Merge pull request #3493 from gilles-peskine-arm/psa-unified-driver-specs
PSA unified driver specification
diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt
index dca4bd7..18945e5 100644
--- a/3rdparty/CMakeLists.txt
+++ b/3rdparty/CMakeLists.txt
@@ -1,11 +1,17 @@
list (APPEND thirdparty_src)
list (APPEND thirdparty_lib)
+list (APPEND thirdparty_inc_public)
list (APPEND thirdparty_inc)
list (APPEND thirdparty_def)
-add_subdirectory(everest)
+execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
+
+if(${result} EQUAL 0)
+ add_subdirectory(everest)
+endif()
set(thirdparty_src ${thirdparty_src} PARENT_SCOPE)
set(thirdparty_lib ${thirdparty_lib} PARENT_SCOPE)
+set(thirdparty_inc_public ${thirdparty_inc_public} PARENT_SCOPE)
set(thirdparty_inc ${thirdparty_inc} PARENT_SCOPE)
set(thirdparty_def ${thirdparty_def} PARENT_SCOPE)
diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt
index c27a8e5..d81d995 100644
--- a/3rdparty/everest/CMakeLists.txt
+++ b/3rdparty/everest/CMakeLists.txt
@@ -1,4 +1,5 @@
list (APPEND everest_src)
+list (APPEND everest_inc_public)
list (APPEND everest_inc)
list (APPEND everest_def)
@@ -8,24 +9,20 @@
${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c
)
-list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
+list(APPEND everest_inc_public ${CMAKE_CURRENT_SOURCE_DIR}/include)
+list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
-execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
+if(INSTALL_MBEDTLS_HEADERS)
-if(${result} EQUAL 0)
+ install(DIRECTORY include/everest
+ DESTINATION include
+ FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
+ DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
+ FILES_MATCHING PATTERN "*.h")
- if(INSTALL_MBEDTLS_HEADERS)
-
- install(DIRECTORY include/everest
- DESTINATION include
- FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
- DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
- FILES_MATCHING PATTERN "*.h")
-
- endif(INSTALL_MBEDTLS_HEADERS)
-
-endif()
+endif(INSTALL_MBEDTLS_HEADERS)
set(thirdparty_src ${thirdparty_src} ${everest_src} PARENT_SCOPE)
+set(thirdparty_inc_public ${thirdparty_inc_public} ${everest_inc_public} PARENT_SCOPE)
set(thirdparty_inc ${thirdparty_inc} ${everest_inc} PARENT_SCOPE)
set(thirdparty_def ${thirdparty_def} ${everest_def} PARENT_SCOPE)
diff --git a/3rdparty/everest/library/Hacl_Curve25519_joined.c b/3rdparty/everest/library/Hacl_Curve25519_joined.c
index 18b32d2..ee62be1 100644
--- a/3rdparty/everest/library/Hacl_Curve25519_joined.c
+++ b/3rdparty/everest/library/Hacl_Curve25519_joined.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c
index 2e2422f..82c4e03 100644
--- a/3rdparty/everest/library/everest.c
+++ b/3rdparty/everest/library/everest.c
@@ -19,11 +19,7 @@
* This file is part of Mbed TLS (https://tls.mbed.org).
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#include <string.h>
diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c
index 990bb4d..9faa9ab 100644
--- a/3rdparty/everest/library/x25519.c
+++ b/3rdparty/everest/library/x25519.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1f675c1..f8df140 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,3 +1,21 @@
+#
+# CMake build system design considerations:
+#
+# - Include directories:
+# + Do not define include directories globally using the include_directories
+# command but rather at the target level using the
+# target_include_directories command. That way, it is easier to guarantee
+# that targets are built using the proper list of include directories.
+# + Use the PUBLIC and PRIVATE keywords to specifiy the scope of include
+# directories. That way, a target linking to a library (using the
+# target_link_librairies command) inherits from the library PUBLIC include
+# directories and not from the PRIVATE ones.
+# + Note: there is currently one remaining include_directories command in the
+# CMake files. It is related to ZLIB support which is planned to be removed.
+# When the support is removed, the associated include_directories command
+# will be removed as well as this note.
+#
+
cmake_minimum_required(VERSION 2.6)
if(TEST_CPP)
project("mbed TLS" C CXX)
@@ -147,7 +165,10 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
endif()
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow -Wformat-signedness")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
+ endif()
+ if (GCC_VERSION VERSION_GREATER 5.0)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness")
endif()
set(CMAKE_C_FLAGS_RELEASE "-O2")
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
@@ -205,9 +226,6 @@
set(LIB_INSTALL_DIR lib)
endif()
-include_directories(include/)
-include_directories(library/)
-
if(ENABLE_ZLIB_SUPPORT)
find_package(ZLIB)
@@ -219,12 +237,33 @@
add_subdirectory(include)
add_subdirectory(3rdparty)
-include_directories(${thirdparty_inc})
list(APPEND libs ${thirdparty_lib})
-add_definitions(${thirdparty_def})
add_subdirectory(library)
+#
+# The C files in tests/src directory contain test code shared among test suites
+# and programs. This shared test code is compiled and linked to test suites and
+# programs objects as a set of compiled objects. The compiled objects are NOT
+# built into a library that the test suite and program objects would link
+# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries.
+# The reason is that such library is expected to have mutual dependencies with
+# the aforementioned libraries and that there is as of today no portable way of
+# handling such dependencies (only toolchain specific solutions).
+#
+# Thus the below definition of the `mbedtls_test` CMake library of objects
+# target. This library of objects is used by tests and programs CMake files
+# to define the test executables.
+#
+if(ENABLE_TESTING OR ENABLE_PROGRAMS)
+ file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c)
+ add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
+ target_include_directories(mbedtls_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library)
+endif()
+
if(ENABLE_PROGRAMS)
add_subdirectory(programs)
endif()
diff --git a/ChangeLog.d/bugfix_PR3452.txt b/ChangeLog.d/bugfix_PR3452.txt
new file mode 100644
index 0000000..acf593e
--- /dev/null
+++ b/ChangeLog.d/bugfix_PR3452.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Use local labels in mbedtls_padlock_has_support() to fix an invalid symbol redefinition if the function is inlined.
+ Reported in #3451 and fix contributed in #3452 by okhowang.
diff --git a/ChangeLog.d/build_with_only_montgomery_curves.txt b/ChangeLog.d/build_with_only_montgomery_curves.txt
new file mode 100644
index 0000000..d4ec7c5
--- /dev/null
+++ b/ChangeLog.d/build_with_only_montgomery_curves.txt
@@ -0,0 +1,6 @@
+Bugfix
+ * Fix build errors when the only enabled elliptic curves are Montgomery
+ curves. Raised by signpainter in #941 and by Taiki-San in #1412. This
+ also fixes missing declarations reported by Steven Cooreman in #1147.
+ * Fix self-test failure when the only enabled short Weierstrass elliptic
+ curve is secp192k1. Fixes #2017.
diff --git a/ChangeLog.d/cmake-install.txt b/ChangeLog.d/cmake-install.txt
new file mode 100644
index 0000000..1bcec4a
--- /dev/null
+++ b/ChangeLog.d/cmake-install.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Library files installed after a CMake build no longer have execute
+ permission.
diff --git a/ChangeLog.d/do_not_persist_volatile_external_keys.txt b/ChangeLog.d/do_not_persist_volatile_external_keys.txt
new file mode 100644
index 0000000..b27292c
--- /dev/null
+++ b/ChangeLog.d/do_not_persist_volatile_external_keys.txt
@@ -0,0 +1,4 @@
+Default behavior changes
+ * Stop storing persistent information about externally stored keys created
+ through PSA Crypto with a volatile lifetime. Reported in #3288 and
+ contributed by Steven Cooreman in #3382.
diff --git a/ChangeLog.d/format-signedness.txt b/ChangeLog.d/format-signedness.txt
new file mode 100644
index 0000000..ee1ee4b
--- /dev/null
+++ b/ChangeLog.d/format-signedness.txt
@@ -0,0 +1,3 @@
+Changes
+ * Only pass -Wformat-signedness to versions of GCC that support it. Reported
+ in #3478 and fix contributed in #3479 by okhowang.
diff --git a/ChangeLog.d/psa_curve25519_key_support.txt b/ChangeLog.d/psa_curve25519_key_support.txt
new file mode 100644
index 0000000..954ca0f
--- /dev/null
+++ b/ChangeLog.d/psa_curve25519_key_support.txt
@@ -0,0 +1,9 @@
+Features
+ * The new function mbedtls_ecp_write_key() exports private ECC keys back to
+ a byte buffer. It is the inverse of the existing mbedtls_ecp_read_key().
+
+Bugfix
+ * Fix the endianness of Curve25519 keys imported/exported through the PSA
+ APIs. psa_import_key and psa_export_key will now correctly expect/output
+ Montgomery keys in little-endian as defined by RFC7748. Contributed by
+ Steven Cooreman in #3425.
diff --git a/ChangeLog.d/psa_curve25519_public_key_import.txt b/ChangeLog.d/psa_curve25519_public_key_import.txt
new file mode 100644
index 0000000..2ea11e2
--- /dev/null
+++ b/ChangeLog.d/psa_curve25519_public_key_import.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * PSA key import will now correctly import a Curve25519/Curve448 public key
+ instead of erroring out. Contributed by Steven Cooreman in #3492.
diff --git a/ChangeLog.d/psa_ecc_dh_macros.txt b/ChangeLog.d/psa_ecc_dh_macros.txt
new file mode 100644
index 0000000..033f3d8
--- /dev/null
+++ b/ChangeLog.d/psa_ecc_dh_macros.txt
@@ -0,0 +1,9 @@
+API changes
+ * In the PSA API, rename the types of elliptic curve and Diffie-Hellman group families to
+ psa_ecc_family_t and psa_dh_family_t, in line with the PSA Crypto API specification version 1.0.0.
+ Rename associated macros as well:
+ PSA_ECC_CURVE_xxx renamed to PSA_ECC_FAMILY_xxx
+ PSA_DH_GROUP_xxx renamed to PSA_DH_FAMILY_xxx
+ PSA_KEY_TYPE_GET_CURVE renamed to to PSA_KEY_TYPE_ECC_GET_FAMILY
+ PSA_KEY_TYPE_GET_GROUP renamed to PSA_KEY_TYPE_DH_GET_FAMILY
+
diff --git a/ChangeLog.d/x509write_csr_heap_alloc.txt b/ChangeLog.d/x509write_csr_heap_alloc.txt
new file mode 100644
index 0000000..abce20c
--- /dev/null
+++ b/ChangeLog.d/x509write_csr_heap_alloc.txt
@@ -0,0 +1,4 @@
+Changes
+ * Reduce the stack consumption of mbedtls_x509write_csr_der() which
+ previously could lead to stack overflow on constrained devices.
+ Contributed by Doru Gucea and Simon Leet in #3464.
diff --git a/Makefile b/Makefile
index 5ac5a53..d00183e 100644
--- a/Makefile
+++ b/Makefile
@@ -10,15 +10,18 @@
no_test: programs
-programs: lib
+programs: lib mbedtls_test
$(MAKE) -C programs
lib:
$(MAKE) -C library
-tests: lib
+tests: lib mbedtls_test
$(MAKE) -C tests
+mbedtls_test:
+ $(MAKE) -C tests mbedtls_test
+
ifndef WINDOWS
install: no_test
mkdir -p $(DESTDIR)/include/mbedtls
diff --git a/docs/architecture/testing/test-framework.md b/docs/architecture/testing/test-framework.md
index e0e960f..c4178fa 100644
--- a/docs/architecture/testing/test-framework.md
+++ b/docs/architecture/testing/test-framework.md
@@ -22,7 +22,7 @@
* Make the description descriptive. “foo: x=2, y=4” is more descriptive than “foo #2”. “foo: 0<x<y, both even” is even better if these inequalities and parities are why this particular test data was chosen.
* Avoid changing the description of an existing test case without a good reason. This breaks the tracking of failures across CI runs, since this tracking is based on the descriptions.
-`tests/scripts/check-test-cases.py` enforces some rules and warns if some guidelines are violated.
+`tests/scripts/check_test_cases.py` enforces some rules and warns if some guidelines are violated.
## TLS tests
@@ -32,7 +32,7 @@
Each test case in `ssl-opt.sh` has a description which succinctly describes for a human audience what the test does. The test description is the first parameter to `run_tests`.
-The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, the description must be written on the same line as `run_test`, in double quotes, for the sake of `check-test-cases.py`.
+The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, the description must be written on the same line as `run_test`, in double quotes, for the sake of `check_test_cases.py`.
## Running tests
diff --git a/docs/getting_started.md b/docs/getting_started.md
index f3c1341..e274f49 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -865,7 +865,7 @@
psa_set_key_algorithm(&attributes,
PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256));
psa_set_key_type(&attributes,
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1));
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
psa_set_key_bits(&attributes, key_bits);
status = psa_generate_key(&attributes, &handle);
if (status != PSA_SUCCESS) {
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index f2148a8..4f6c632 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -103,6 +103,17 @@
#if defined(MBEDTLS_ECDSA_C) && \
( !defined(MBEDTLS_ECP_C) || \
+ !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \
!defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_ASN1_WRITE_C) )
#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
@@ -246,12 +257,14 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
- ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
+ ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
+ !defined(MBEDTLS_X509_CRT_PARSE_C) )
#error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
- ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
+ ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \
+ !defined(MBEDTLS_X509_CRT_PARSE_C) )
#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index e00c546..24ba789 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -756,6 +756,7 @@
*
* Comment macros to disable the curve and functions for it
*/
+/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -767,6 +768,7 @@
#define MBEDTLS_ECP_DP_BP256R1_ENABLED
#define MBEDTLS_ECP_DP_BP384R1_ENABLED
#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+/* Montgomery curves (supporting ECP) */
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
#define MBEDTLS_ECP_DP_CURVE448_ENABLED
@@ -1083,7 +1085,7 @@
*
* Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@@ -1107,7 +1109,7 @@
*
* Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@@ -2571,7 +2573,9 @@
* This module is used by the following key exchanges:
* ECDHE-ECDSA
*
- * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C,
+ * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a
+ * short Weierstrass curve.
*/
#define MBEDTLS_ECDSA_C
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 875e1f8..980ec5e 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -61,6 +61,26 @@
#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */
+/* Flags indicating whether to include code that is specific to certain
+ * types of curves. These flags are for internal library use only. */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define MBEDTLS_ECP_MONTGOMERY_ENABLED
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -74,6 +94,20 @@
* parameters. Therefore, only standardized domain parameters from trusted
* sources should be used. See mbedtls_ecp_group_load().
*/
+/* Note: when adding a new curve:
+ * - Add it at the end of this enum, otherwise you'll break the ABI by
+ * changing the numerical value for existing curves.
+ * - Increment MBEDTLS_ECP_DP_MAX below if needed.
+ * - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to
+ * config.h.
+ * - List the curve as a dependency of MBEDTLS_ECP_C and
+ * MBEDTLS_ECDSA_C if supported in check_config.h.
+ * - Add the curve to the appropriate curve type macro
+ * MBEDTLS_ECP_yyy_ENABLED above.
+ * - Add the necessary definitions to ecp_curves.c.
+ * - Add the curve to the ecp_supported_curves array in ecp.c.
+ * - Add the curve to applicable profiles in x509_crt.c if applicable.
+ */
typedef enum
{
MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */
@@ -906,6 +940,7 @@
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx );
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/**
* \brief This function performs multiplication and addition of two
* points by integers: \p R = \p m * \p P + \p n * \p Q
@@ -915,6 +950,10 @@
* \note In contrast to mbedtls_ecp_mul(), this function does not
* guarantee a constant execution flow and timing.
*
+ * \note This function is only defined for short Weierstrass curves.
+ * It may not be included in builds without any short
+ * Weierstrass curve.
+ *
* \param grp The ECP group to use.
* This must be initialized and have group parameters
* set, for example through mbedtls_ecp_group_load().
@@ -933,6 +972,8 @@
* valid private keys, or \p P or \p Q are not valid public
* keys.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
+ * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if \p grp does not
+ * designate a short Weierstrass curve.
* \return Another negative error code on other kinds of failure.
*/
int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
@@ -950,6 +991,10 @@
* but it can return early and restart according to the limit
* set with \c mbedtls_ecp_set_max_ops() to reduce blocking.
*
+ * \note This function is only defined for short Weierstrass curves.
+ * It may not be included in builds without any short
+ * Weierstrass curve.
+ *
* \param grp The ECP group to use.
* This must be initialized and have group parameters
* set, for example through mbedtls_ecp_group_load().
@@ -969,6 +1014,8 @@
* valid private keys, or \p P or \p Q are not valid public
* keys.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
+ * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if \p grp does not
+ * designate a short Weierstrass curve.
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another negative error code on other kinds of failure.
@@ -978,6 +1025,7 @@
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
mbedtls_ecp_restart_ctx *rs_ctx );
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
/**
* \brief This function checks that a point is a valid public key
@@ -1149,6 +1197,26 @@
*/
int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
const unsigned char *buf, size_t buflen );
+
+/**
+ * \brief This function exports an elliptic curve private key.
+ *
+ * \param key The private key.
+ * \param buf The output buffer for containing the binary representation
+ * of the key. (Big endian integer for Weierstrass curves, byte
+ * string for Montgomery curves.)
+ * \param buflen The total length of the buffer in bytes.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if the \p key
+ representation is larger than the available space in \p buf.
+ * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the operation for
+ * the group is not implemented.
+ * \return Another negative error code on different kinds of failure.
+ */
+int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
+ unsigned char *buf, size_t buflen );
+
/**
* \brief This function checks that the keypair objects
* \p pub and \p prv have the same group and the
diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h
index 3b6fbf1..92fee42 100644
--- a/include/mbedtls/ecp_internal.h
+++ b/include/mbedtls/ecp_internal.h
@@ -105,7 +105,7 @@
*/
void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp );
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
/**
@@ -245,9 +245,9 @@
mbedtls_ecp_point *pt );
#endif
-#endif /* ECP_SHORTWEIERSTRASS */
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
@@ -291,7 +291,7 @@
mbedtls_ecp_point *P );
#endif
-#endif /* ECP_MONTGOMERY */
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 513bc5f..f7620b0 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -160,12 +160,12 @@
/* Translations for ECC. */
static inline int mbedtls_psa_get_ecc_oid_from_id(
- psa_ecc_curve_t curve, size_t bits,
+ psa_ecc_family_t curve, size_t bits,
char const **oid, size_t *oid_len )
{
switch( curve )
{
- case PSA_ECC_CURVE_SECP_R1:
+ case PSA_ECC_FAMILY_SECP_R1:
switch( bits )
{
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
@@ -200,7 +200,7 @@
#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
}
break;
- case PSA_ECC_CURVE_SECP_K1:
+ case PSA_ECC_FAMILY_SECP_K1:
switch( bits )
{
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
@@ -223,7 +223,7 @@
#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
}
break;
- case PSA_ECC_CURVE_BRAINPOOL_P_R1:
+ case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
switch( bits )
{
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 2b07b74..339fad2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -735,11 +735,12 @@
* where `m` is the bit size associated with the curve, i.e. the bit size
* of the order of the curve's coordinate field. This byte string is
* in little-endian order for Montgomery curves (curve types
- * `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass
- * curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX`
- * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`).
- * This is the content of the `privateKey` field of the `ECPrivateKey`
- * format defined by RFC 5915.
+ * `PSA_ECC_FAMILY_CURVEXXX`), and in big-endian order for Weierstrass
+ * curves (curve types `PSA_ECC_FAMILY_SECTXXX`, `PSA_ECC_FAMILY_SECPXXX`
+ * and `PSA_ECC_FAMILY_BRAINPOOL_PXXX`).
+ * For Weierstrass curves, this is the content of the `privateKey` field of
+ * the `ECPrivateKey` format defined by RFC 5915. For Montgomery curves,
+ * the format is defined by RFC 7748, and output is masked according to §5.
* - For Diffie-Hellman key exchange key pairs (key types for which
* #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the
* format is the representation of the private key `x` as a big-endian byte
@@ -3502,9 +3503,9 @@
* length is determined by the curve, and sets the mandatory bits
* accordingly. That is:
*
- * - Curve25519 (#PSA_ECC_CURVE_MONTGOMERY, 255 bits): draw a 32-byte
+ * - Curve25519 (#PSA_ECC_FAMILY_MONTGOMERY, 255 bits): draw a 32-byte
* string and process it as specified in RFC 7748 §5.
- * - Curve448 (#PSA_ECC_CURVE_MONTGOMERY, 448 bits): draw a 56-byte
+ * - Curve448 (#PSA_ECC_FAMILY_MONTGOMERY, 448 bits): draw a 56-byte
* string and process it as specified in RFC 7748 §5.
*
* - For key types for which the key is represented by a single sequence of
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 1ed5f05..cb2be7f 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -50,8 +50,13 @@
typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t;
typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t;
typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_ecc_curve_t mbedtls_deprecated_psa_ecc_curve_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_dh_group_t mbedtls_deprecated_psa_dh_group_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t mbedtls_deprecated_psa_ecc_family_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t mbedtls_deprecated_psa_dh_family_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t psa_ecc_curve_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t psa_dh_group_t;
+
+#define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY
+#define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY
#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \
( (mbedtls_deprecated_##type) ( value ) )
@@ -115,79 +120,110 @@
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/*
- * Size-specific elliptic curve and Diffie-Hellman group names
+ * Size-specific elliptic curve families.
*/
#define PSA_ECC_CURVE_SECP160K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
#define PSA_ECC_CURVE_SECP192K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
#define PSA_ECC_CURVE_SECP224K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
#define PSA_ECC_CURVE_SECP256K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
#define PSA_ECC_CURVE_SECP160R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
#define PSA_ECC_CURVE_SECP192R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
#define PSA_ECC_CURVE_SECP224R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
#define PSA_ECC_CURVE_SECP256R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
#define PSA_ECC_CURVE_SECP384R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
#define PSA_ECC_CURVE_SECP521R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
#define PSA_ECC_CURVE_SECP160R2 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R2 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 )
#define PSA_ECC_CURVE_SECT163K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
#define PSA_ECC_CURVE_SECT233K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
#define PSA_ECC_CURVE_SECT239K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
#define PSA_ECC_CURVE_SECT283K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
#define PSA_ECC_CURVE_SECT409K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
#define PSA_ECC_CURVE_SECT571K1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
#define PSA_ECC_CURVE_SECT163R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
#define PSA_ECC_CURVE_SECT193R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
#define PSA_ECC_CURVE_SECT233R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
#define PSA_ECC_CURVE_SECT283R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
#define PSA_ECC_CURVE_SECT409R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
#define PSA_ECC_CURVE_SECT571R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
#define PSA_ECC_CURVE_SECT163R2 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R2 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 )
#define PSA_ECC_CURVE_SECT193R2 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R2 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 )
#define PSA_ECC_CURVE_BRAINPOOL_P256R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_BRAINPOOL_P_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
#define PSA_ECC_CURVE_BRAINPOOL_P384R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_BRAINPOOL_P_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
#define PSA_ECC_CURVE_BRAINPOOL_P512R1 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_BRAINPOOL_P_R1 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
#define PSA_ECC_CURVE_CURVE25519 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_MONTGOMERY )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY )
#define PSA_ECC_CURVE_CURVE448 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_MONTGOMERY )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY )
+/*
+ * Curves that changed name due to PSA specification.
+ */
+#define PSA_ECC_CURVE_SECP_K1 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
+#define PSA_ECC_CURVE_SECP_R1 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
+#define PSA_ECC_CURVE_SECP_R2 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 )
+#define PSA_ECC_CURVE_SECT_K1 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
+#define PSA_ECC_CURVE_SECT_R1 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
+#define PSA_ECC_CURVE_SECT_R2 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 )
+#define PSA_ECC_CURVE_BRAINPOOL_P_R1 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
+#define PSA_ECC_CURVE_MONTGOMERY \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY )
+
+/*
+ * Finite-field Diffie-Hellman families.
+ */
#define PSA_DH_GROUP_FFDHE2048 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
#define PSA_DH_GROUP_FFDHE3072 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
#define PSA_DH_GROUP_FFDHE4096 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
#define PSA_DH_GROUP_FFDHE6144 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
#define PSA_DH_GROUP_FFDHE8192 \
- MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 )
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
+
+/*
+ * Diffie-Hellman families that changed name due to PSA specification.
+ */
+#define PSA_DH_GROUP_RFC7919 \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
+#define PSA_DH_GROUP_CUSTOM \
+ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM )
#ifdef __cplusplus
}
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 84cc5ab..afb16ad 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -414,11 +414,11 @@
/** Custom Diffie-Hellman group.
*
- * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or
- * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes
+ * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
+ * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM), the group data comes
* from domain parameters set by psa_set_key_domain_parameters().
*/
-#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x7e)
+#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
/**
@@ -448,8 +448,8 @@
* }
* ```
* - For Diffie-Hellman key exchange keys
- * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or
- * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM)), the
+ * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
+ * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the
* `DomainParameters` format as defined by RFC 3279 §2.3.3.
* ```
* DomainParameters ::= SEQUENCE {
@@ -575,53 +575,53 @@
* \param[out] bits On success, the bit size of the curve.
*
* \return The corresponding PSA elliptic curve identifier
- * (`PSA_ECC_CURVE_xxx`).
+ * (`PSA_ECC_FAMILY_xxx`).
* \return \c 0 on failure (\p grpid is not recognized).
*/
-static inline psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
+static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
size_t *bits )
{
switch( grpid )
{
case MBEDTLS_ECP_DP_SECP192R1:
*bits = 192;
- return( PSA_ECC_CURVE_SECP_R1 );
+ return( PSA_ECC_FAMILY_SECP_R1 );
case MBEDTLS_ECP_DP_SECP224R1:
*bits = 224;
- return( PSA_ECC_CURVE_SECP_R1 );
+ return( PSA_ECC_FAMILY_SECP_R1 );
case MBEDTLS_ECP_DP_SECP256R1:
*bits = 256;
- return( PSA_ECC_CURVE_SECP_R1 );
+ return( PSA_ECC_FAMILY_SECP_R1 );
case MBEDTLS_ECP_DP_SECP384R1:
*bits = 384;
- return( PSA_ECC_CURVE_SECP_R1 );
+ return( PSA_ECC_FAMILY_SECP_R1 );
case MBEDTLS_ECP_DP_SECP521R1:
*bits = 521;
- return( PSA_ECC_CURVE_SECP_R1 );
+ return( PSA_ECC_FAMILY_SECP_R1 );
case MBEDTLS_ECP_DP_BP256R1:
*bits = 256;
- return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
+ return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
case MBEDTLS_ECP_DP_BP384R1:
*bits = 384;
- return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
+ return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
case MBEDTLS_ECP_DP_BP512R1:
*bits = 512;
- return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
+ return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
case MBEDTLS_ECP_DP_CURVE25519:
*bits = 255;
- return( PSA_ECC_CURVE_MONTGOMERY );
+ return( PSA_ECC_FAMILY_MONTGOMERY );
case MBEDTLS_ECP_DP_SECP192K1:
*bits = 192;
- return( PSA_ECC_CURVE_SECP_K1 );
+ return( PSA_ECC_FAMILY_SECP_K1 );
case MBEDTLS_ECP_DP_SECP224K1:
*bits = 224;
- return( PSA_ECC_CURVE_SECP_K1 );
+ return( PSA_ECC_FAMILY_SECP_K1 );
case MBEDTLS_ECP_DP_SECP256K1:
*bits = 256;
- return( PSA_ECC_CURVE_SECP_K1 );
+ return( PSA_ECC_FAMILY_SECP_K1 );
case MBEDTLS_ECP_DP_CURVE448:
*bits = 448;
- return( PSA_ECC_CURVE_MONTGOMERY );
+ return( PSA_ECC_FAMILY_MONTGOMERY );
default:
*bits = 0;
return( 0 );
@@ -634,7 +634,7 @@
* Mbed TLS and may be removed at any time without notice.
*
* \param curve A PSA elliptic curve identifier
- * (`PSA_ECC_CURVE_xxx`).
+ * (`PSA_ECC_FAMILY_xxx`).
* \param byte_length The byte-length of a private key on \p curve.
*
* \return The corresponding Mbed TLS elliptic curve identifier
@@ -643,7 +643,7 @@
* \return #MBEDTLS_ECP_DP_NONE if \p byte_length is not
* correct for \p curve.
*/
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve,
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
size_t byte_length );
#endif /* MBEDTLS_ECP_C */
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index 41f1bea..29e1f29 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -74,7 +74,7 @@
* Values defined by this standard will never be in the range 0x80-0xff.
* Vendors who define additional families must use an encoding in this range.
*/
-typedef uint8_t psa_ecc_curve_t;
+typedef uint8_t psa_ecc_family_t;
/** The type of PSA Diffie-Hellman group family identifiers.
*
@@ -85,7 +85,7 @@
* Values defined by this standard will never be in the range 0x80-0xff.
* Vendors who define additional families must use an encoding in this range.
*/
-typedef uint8_t psa_dh_group_t;
+typedef uint8_t psa_dh_family_t;
/** \brief Encoding of a cryptographic algorithm.
*
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 9fed276..73d7d9d 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -426,15 +426,15 @@
#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
/** Elliptic curve key pair.
*
- * \param curve A value of type ::psa_ecc_curve_t that identifies the
- * ECC curve to be used.
+ * \param curve A value of type ::psa_ecc_family_t that
+ * identifies the ECC curve to be used.
*/
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
(PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
/** Elliptic curve public key.
*
- * \param curve A value of type ::psa_ecc_curve_t that identifies the
- * ECC curve to be used.
+ * \param curve A value of type ::psa_ecc_family_t that
+ * identifies the ECC curve to be used.
*/
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
(PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
@@ -453,8 +453,8 @@
PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
/** Extract the curve from an elliptic curve key type. */
-#define PSA_KEY_TYPE_GET_CURVE(type) \
- ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
+#define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
+ ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
0))
@@ -466,7 +466,7 @@
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
*/
-#define PSA_ECC_CURVE_SECP_K1 ((psa_ecc_curve_t) 0x17)
+#define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
/** SEC random curves over prime fields.
*
@@ -476,9 +476,9 @@
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
*/
-#define PSA_ECC_CURVE_SECP_R1 ((psa_ecc_curve_t) 0x12)
+#define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
/* SECP160R2 (SEC2 v1, obsolete) */
-#define PSA_ECC_CURVE_SECP_R2 ((psa_ecc_curve_t) 0x1b)
+#define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
/** SEC Koblitz curves over binary fields.
*
@@ -488,7 +488,7 @@
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
*/
-#define PSA_ECC_CURVE_SECT_K1 ((psa_ecc_curve_t) 0x27)
+#define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
/** SEC random curves over binary fields.
*
@@ -498,7 +498,7 @@
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
*/
-#define PSA_ECC_CURVE_SECT_R1 ((psa_ecc_curve_t) 0x22)
+#define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
/** SEC additional random curves over binary fields.
*
@@ -508,7 +508,7 @@
* _SEC 2: Recommended Elliptic Curve Domain Parameters_.
* https://www.secg.org/sec2-v2.pdf
*/
-#define PSA_ECC_CURVE_SECT_R2 ((psa_ecc_curve_t) 0x2b)
+#define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
/** Brainpool P random curves.
*
@@ -517,7 +517,7 @@
* brainpoolP320r1, brainpoolP384r1, brainpoolP512r1.
* It is defined in RFC 5639.
*/
-#define PSA_ECC_CURVE_BRAINPOOL_P_R1 ((psa_ecc_curve_t) 0x30)
+#define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
/** Curve25519 and Curve448.
*
@@ -529,21 +529,21 @@
* _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
* The algorithm #PSA_ALG_ECDH performs X448 when used with this curve.
*/
-#define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x41)
+#define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
/** Diffie-Hellman key pair.
*
- * \param group A value of type ::psa_dh_group_t that identifies the
+ * \param group A value of type ::psa_dh_family_t that identifies the
* Diffie-Hellman group to be used.
*/
#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
(PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
/** Diffie-Hellman public key.
*
- * \param group A value of type ::psa_dh_group_t that identifies the
+ * \param group A value of type ::psa_dh_family_t that identifies the
* Diffie-Hellman group to be used.
*/
#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
@@ -563,8 +563,8 @@
PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
/** Extract the group from a Diffie-Hellman key type. */
-#define PSA_KEY_TYPE_GET_GROUP(type) \
- ((psa_dh_group_t) (PSA_KEY_TYPE_IS_DH(type) ? \
+#define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
+ ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
0))
@@ -574,7 +574,7 @@
* 2048, 3072, 4096, 6144, 8192. A given implementation may support
* all of these sizes or only a subset.
*/
-#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x03)
+#define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
#define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
(((type) >> 8) & 7)
@@ -1483,17 +1483,17 @@
* is padded with zero bits. The byte order is either little-endian
* or big-endian depending on the curve type.
*
- * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`),
+ * - For Montgomery curves (curve types `PSA_ECC_FAMILY_CURVEXXX`),
* the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
* in little-endian byte order.
* The bit size is 448 for Curve448 and 255 for Curve25519.
* - For Weierstrass curves over prime fields (curve types
- * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
+ * `PSA_ECC_FAMILY_SECPXXX` and `PSA_ECC_FAMILY_BRAINPOOL_PXXX`),
* the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
* in big-endian byte order.
* The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
* - For Weierstrass curves over binary fields (curve types
- * `PSA_ECC_CURVE_SECTXXX`),
+ * `PSA_ECC_FAMILY_SECTXXX`),
* the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
* in big-endian byte order.
* The bit size is `m` for the field `F_{2^m}`.
@@ -1611,7 +1611,7 @@
*/
#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
- PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE)
+ PSA_KEY_PERSISTENCE_VOLATILE)
/** Construct a lifetime from a persistence level and a location.
*
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 05196e8..1bdc59e 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -148,10 +148,14 @@
message(FATAL_ERROR "Need to choose static or shared mbedtls build!")
endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
+set(target_libraries "mbedcrypto" "mbedx509" "mbedtls")
+
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
set(mbedtls_static_target "mbedtls_static")
set(mbedx509_static_target "mbedx509_static")
set(mbedcrypto_static_target "mbedcrypto_static")
+ list(APPEND target_libraries
+ "mbedcrypto_static" "mbedx509_static" "mbedtls_static")
elseif(USE_STATIC_MBEDTLS_LIBRARY)
set(mbedtls_static_target "mbedtls")
set(mbedx509_static_target "mbedx509")
@@ -162,8 +166,6 @@
add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
target_link_libraries(${mbedcrypto_static_target} ${libs})
- target_include_directories(${mbedcrypto_static_target}
- PUBLIC ${MBEDTLS_DIR}/include/)
add_library(${mbedx509_static_target} STATIC ${src_x509})
set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
@@ -172,37 +174,40 @@
add_library(${mbedtls_static_target} STATIC ${src_tls})
set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
-
- install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY)
-
add_library(mbedcrypto SHARED ${src_crypto})
set_target_properties(mbedcrypto PROPERTIES VERSION 2.23.0 SOVERSION 5)
target_link_libraries(mbedcrypto ${libs})
- target_include_directories(mbedcrypto
- PUBLIC ${MBEDTLS_DIR}/include/)
add_library(mbedx509 SHARED ${src_x509})
set_target_properties(mbedx509 PROPERTIES VERSION 2.23.0 SOVERSION 1)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
- target_include_directories(mbedx509
- PUBLIC ${MBEDTLS_DIR}/include/)
add_library(mbedtls SHARED ${src_tls})
set_target_properties(mbedtls PROPERTIES VERSION 2.23.0 SOVERSION 13)
target_link_libraries(mbedtls ${libs} mbedx509)
- target_include_directories(mbedtls
- PUBLIC ${MBEDTLS_DIR}/include/)
-
- install(TARGETS mbedtls mbedx509 mbedcrypto
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
endif(USE_SHARED_MBEDTLS_LIBRARY)
+foreach(target IN LISTS target_libraries)
+ # Include public header files from /include and other directories
+ # declared by /3rdparty/**/CMakeLists.txt. Include private header files
+ # from /library and others declared by /3rdparty/**/CMakeLists.txt.
+ # /library needs to be listed explicitly when building .c files outside
+ # of /library (which currently means: under /3rdparty).
+ target_include_directories(${target}
+ PUBLIC ${MBEDTLS_DIR}/include/
+ PUBLIC ${thirdparty_inc_public}
+ PRIVATE ${MBEDTLS_DIR}/library/
+ PRIVATE ${thirdparty_inc})
+ target_compile_definitions(${target}
+ PRIVATE ${thirdparty_def})
+ install(TARGETS ${target}
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+endforeach(target)
+
add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
diff --git a/library/Makefile b/library/Makefile
index 87ea56d..b76a84b 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -5,7 +5,11 @@
WARNING_CFLAGS ?= -Wall -Wextra
LDFLAGS ?=
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+# Include ../include for public headers and . for private headers.
+# Note that . needs to be included explicitly for the sake of library
+# files that are not in the /library directory (which currently means
+# under /3rdparty).
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../include -D_FILE_OFFSET_BITS=64
LOCAL_LDFLAGS =
ifdef DEBUG
diff --git a/library/aes.c b/library/aes.c
index 962b0b9..80e8134 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -25,11 +25,7 @@
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_AES_C)
diff --git a/library/aesni.c b/library/aesni.c
index 062708b..e0d8a69 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -24,11 +24,7 @@
* [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_AESNI_C)
diff --git a/library/arc4.c b/library/arc4.c
index b8998ac..2109bb2 100644
--- a/library/arc4.c
+++ b/library/arc4.c
@@ -24,11 +24,7 @@
* http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ARC4_C)
diff --git a/library/aria.c b/library/aria.c
index aff66d6..107be27 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -25,11 +25,7 @@
* [2] https://tools.ietf.org/html/rfc5794
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ARIA_C)
diff --git a/library/asn1parse.c b/library/asn1parse.c
index 34c6607..fe62bc6 100644
--- a/library/asn1parse.c
+++ b/library/asn1parse.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ASN1_PARSE_C)
diff --git a/library/asn1write.c b/library/asn1write.c
index 503db93..3c41180 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ASN1_WRITE_C)
diff --git a/library/base64.c b/library/base64.c
index f06b57b..3921c46 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_BASE64_C)
diff --git a/library/bignum.c b/library/bignum.c
index d9ab6f6..2ab71ca 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -35,11 +35,7 @@
*
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_BIGNUM_C)
diff --git a/library/blowfish.c b/library/blowfish.c
index cbf9238..7c9b1a6 100644
--- a/library/blowfish.c
+++ b/library/blowfish.c
@@ -25,11 +25,7 @@
*
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_BLOWFISH_C)
diff --git a/library/camellia.c b/library/camellia.c
index 22262b8..764e4f8 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -25,11 +25,7 @@
* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CAMELLIA_C)
diff --git a/library/ccm.c b/library/ccm.c
index eaef106..25a627b 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -28,11 +28,7 @@
* RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CCM_C)
diff --git a/library/certs.c b/library/certs.c
index f152c28..fa11d5c 100644
--- a/library/certs.c
+++ b/library/certs.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#include "mbedtls/certs.h"
diff --git a/library/chacha20.c b/library/chacha20.c
index 343b216..bda39b2 100644
--- a/library/chacha20.c
+++ b/library/chacha20.c
@@ -23,11 +23,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CHACHA20_C)
diff --git a/library/chachapoly.c b/library/chachapoly.c
index f0af5de..d51227a 100644
--- a/library/chachapoly.c
+++ b/library/chachapoly.c
@@ -20,11 +20,7 @@
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CHACHAPOLY_C)
diff --git a/library/cipher.c b/library/cipher.c
index 409c3fe..acbda26 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -23,11 +23,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CIPHER_C)
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index a813426..e5ee7ff 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -23,11 +23,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CIPHER_C)
diff --git a/library/cmac.c b/library/cmac.c
index 2d23be5..3a48a62 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -40,11 +40,7 @@
*
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CMAC_C)
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 8a2920a..7872e9b 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -24,11 +24,7 @@
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_CTR_DRBG_C)
diff --git a/library/debug.c b/library/debug.c
index 2b25e99..6fb766b 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_DEBUG_C)
diff --git a/library/des.c b/library/des.c
index 24e517e..e135219 100644
--- a/library/des.c
+++ b/library/des.c
@@ -25,11 +25,7 @@
* http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_DES_C)
diff --git a/library/dhm.c b/library/dhm.c
index 392ed0c..387f5be 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -27,11 +27,7 @@
*
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_DHM_C)
diff --git a/library/ecdh.c b/library/ecdh.c
index 3cf5333..987a6ce 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -26,11 +26,7 @@
* RFC 4492
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ECDH_C)
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 5acd2d0..3183a90 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -25,11 +25,7 @@
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ECDSA_C)
diff --git a/library/ecjpake.c b/library/ecjpake.c
index 79ea3cb..a607851 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -24,11 +24,7 @@
* available to members of the Thread Group http://threadgroup.org/
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ECJPAKE_C)
diff --git a/library/ecp.c b/library/ecp.c
index 7b20516..d6ef5ed 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -41,11 +41,7 @@
* <http://eprint.iacr.org/2004/342.pdf>
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
/**
* \brief Function level alternative implementation.
@@ -505,25 +501,6 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
- defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-#define ECP_SHORTWEIERSTRASS
-#endif
-
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
- defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-#define ECP_MONTGOMERY
-#endif
-
/*
* List of supported curves:
* - internal ID
@@ -901,7 +878,8 @@
plen = mbedtls_mpi_size( &grp->P );
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+ (void) format; /* Montgomery curves always use the same point format */
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
{
*olen = plen;
@@ -911,7 +889,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &P->X, buf, plen ) );
}
#endif
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
{
/*
@@ -974,7 +952,7 @@
plen = mbedtls_mpi_size( &grp->P );
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
{
if( plen != ilen )
@@ -990,7 +968,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) );
}
#endif
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
{
if( buf[0] == 0x00 )
@@ -1308,7 +1286,7 @@
return( ret );
}
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/*
* For curves in short Weierstrass form, we do all the internal operations in
* Jacobian coordinates.
@@ -2417,9 +2395,9 @@
return( ret );
}
-#endif /* ECP_SHORTWEIERSTRASS */
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
/*
* For Montgomery curves, we do all the internal arithmetic in projective
* coordinates. Import/export of points uses only the x coordinates, which is
@@ -2653,7 +2631,7 @@
return( ret );
}
-#endif /* ECP_MONTGOMERY */
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
/*
* Restartable multiplication R = m * P
@@ -2676,6 +2654,8 @@
/* reset ops count for this call if top-level */
if( rs_ctx != NULL && rs_ctx->depth++ == 0 )
rs_ctx->ops_done = 0;
+#else
+ (void) rs_ctx;
#endif
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
@@ -2697,11 +2677,11 @@
}
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) );
#endif
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) );
#endif
@@ -2735,7 +2715,7 @@
return( mbedtls_ecp_mul_restartable( grp, R, m, P, f_rng, p_rng, NULL ) );
}
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/*
* Check that an affine point is valid as a public key,
* short weierstrass curves (SEC1 3.2.3.1)
@@ -2783,8 +2763,9 @@
return( ret );
}
-#endif /* ECP_SHORTWEIERSTRASS */
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/*
* R = m * P with shortcuts for m == 1 and m == -1
* NOT constant-time - ONLY for short Weierstrass!
@@ -2930,8 +2911,9 @@
ECP_VALIDATE_RET( Q != NULL );
return( mbedtls_ecp_muladd_restartable( grp, R, m, P, n, Q, NULL ) );
}
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
/*
* Check validity of a public key for Montgomery curves with x-only schemes
*/
@@ -2945,7 +2927,7 @@
return( 0 );
}
-#endif /* ECP_MONTGOMERY */
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
/*
* Check that a point is valid as a public key
@@ -2960,11 +2942,11 @@
if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 )
return( MBEDTLS_ERR_ECP_INVALID_KEY );
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
return( ecp_check_pubkey_mx( grp, pt ) );
#endif
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
return( ecp_check_pubkey_sw( grp, pt ) );
#endif
@@ -2980,7 +2962,7 @@
ECP_VALIDATE_RET( grp != NULL );
ECP_VALIDATE_RET( d != NULL );
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
{
/* see RFC 7748 sec. 5 para. 5 */
@@ -2995,8 +2977,8 @@
return( 0 );
}
-#endif /* ECP_MONTGOMERY */
-#if defined(ECP_SHORTWEIERSTRASS)
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
{
/* see SEC1 3.2 */
@@ -3006,7 +2988,7 @@
else
return( 0 );
}
-#endif /* ECP_SHORTWEIERSTRASS */
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
@@ -3028,7 +3010,7 @@
n_size = ( grp->nbits + 7 ) / 8;
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
{
/* [M225] page 5 */
@@ -3054,9 +3036,9 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
}
}
-#endif /* ECP_MONTGOMERY */
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
{
/* SEC1 3.2.1: Generate d such that 1 <= n < N */
@@ -3098,7 +3080,7 @@
}
while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 );
}
-#endif /* ECP_SHORTWEIERSTRASS */
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
cleanup:
return( ret );
@@ -3176,7 +3158,7 @@
ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-#if defined(ECP_MONTGOMERY)
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
{
/*
@@ -3211,7 +3193,7 @@
}
#endif
-#if defined(ECP_SHORTWEIERSTRASS)
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &key->d, buf, buflen ) );
@@ -3229,6 +3211,45 @@
}
/*
+ * Write a private key.
+ */
+int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
+ unsigned char *buf, size_t buflen )
+{
+ int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+
+ ECP_VALIDATE_RET( key != NULL );
+ ECP_VALIDATE_RET( buf != NULL );
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+ if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
+ {
+ if( key->grp.id == MBEDTLS_ECP_DP_CURVE25519 )
+ {
+ if( buflen < ECP_CURVE25519_KEY_SIZE )
+ return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) );
+ }
+ else
+ ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+ }
+
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+ if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
+ {
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &key->d, buf, buflen ) );
+ }
+
+#endif
+cleanup:
+
+ return( ret );
+}
+
+
+/*
* Check a public-private key pair
*/
int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv )
@@ -3274,33 +3295,141 @@
#if defined(MBEDTLS_SELF_TEST)
+/* Adjust the exponent to be a valid private point for the specified curve.
+ * This is sometimes necessary because we use a single set of exponents
+ * for all curves but the validity of values depends on the curve. */
+static int self_test_adjust_exponent( const mbedtls_ecp_group *grp,
+ mbedtls_mpi *m )
+{
+ int ret = 0;
+ switch( grp->id )
+ {
+ /* If Curve25519 is available, then that's what we use for the
+ * Montgomery test, so we don't need the adjustment code. */
+#if ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+ case MBEDTLS_ECP_DP_CURVE448:
+ /* Move highest bit from 254 to N-1. Setting bit N-1 is
+ * necessary to enforce the highest-bit-set constraint. */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, 254, 0 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, grp->nbits, 1 ) );
+ /* Copy second-highest bit from 253 to N-2. This is not
+ * necessary but improves the test variety a bit. */
+ MBEDTLS_MPI_CHK(
+ mbedtls_mpi_set_bit( m, grp->nbits - 1,
+ mbedtls_mpi_get_bit( m, 253 ) ) );
+ break;
+#endif
+#endif /* ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) */
+ default:
+ /* Non-Montgomery curves and Curve25519 need no adjustment. */
+ (void) grp;
+ (void) m;
+ goto cleanup;
+ }
+cleanup:
+ return( ret );
+}
+
+/* Calculate R = m.P for each m in exponents. Check that the number of
+ * basic operations doesn't depend on the value of m. */
+static int self_test_point( int verbose,
+ mbedtls_ecp_group *grp,
+ mbedtls_ecp_point *R,
+ mbedtls_mpi *m,
+ const mbedtls_ecp_point *P,
+ const char *const *exponents,
+ size_t n_exponents )
+{
+ int ret = 0;
+ size_t i = 0;
+ unsigned long add_c_prev, dbl_c_prev, mul_c_prev;
+ add_count = 0;
+ dbl_count = 0;
+ mul_count = 0;
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) );
+ MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+
+ for( i = 1; i < n_exponents; i++ )
+ {
+ add_c_prev = add_count;
+ dbl_c_prev = dbl_count;
+ mul_c_prev = mul_count;
+ add_count = 0;
+ dbl_count = 0;
+ mul_count = 0;
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) );
+ MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+
+ if( add_count != add_c_prev ||
+ dbl_count != dbl_c_prev ||
+ mul_count != mul_c_prev )
+ {
+ ret = 1;
+ break;
+ }
+ }
+
+cleanup:
+ if( verbose != 0 )
+ {
+ if( ret != 0 )
+ mbedtls_printf( "failed (%u)\n", (unsigned int) i );
+ else
+ mbedtls_printf( "passed\n" );
+ }
+ return( ret );
+}
+
/*
* Checkup routine
*/
int mbedtls_ecp_self_test( int verbose )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t i;
mbedtls_ecp_group grp;
mbedtls_ecp_point R, P;
mbedtls_mpi m;
- unsigned long add_c_prev, dbl_c_prev, mul_c_prev;
- /* exponents especially adapted for secp192r1 */
- const char *exponents[] =
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+ /* Exponents especially adapted for secp192k1, which has the lowest
+ * order n of all supported curves (secp192r1 is in a slightly larger
+ * field but the order of its base point is slightly smaller). */
+ const char *sw_exponents[] =
{
"000000000000000000000000000000000000000000000001", /* one */
- "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830", /* N - 1 */
+ "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8C", /* n - 1 */
"5EA6F389A38B8BC81E767753B15AA5569E1782E30ABE7D25", /* random */
"400000000000000000000000000000000000000000000000", /* one and zeros */
"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", /* all ones */
"555555555555555555555555555555555555555555555555", /* 101010... */
};
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+ const char *m_exponents[] =
+ {
+ /* Valid private values for Curve25519. In a build with Curve448
+ * but not Curve25519, they will be adjusted in
+ * self_test_adjust_exponent(). */
+ "4000000000000000000000000000000000000000000000000000000000000000",
+ "5C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C30",
+ "5715ECCE24583F7A7023C24164390586842E816D7280A49EF6DF4EAE6B280BF8",
+ "41A2B017516F6D254E1F002BCCBADD54BE30F8CEC737A0E912B4963B6BA74460",
+ "5555555555555555555555555555555555555555555555555555555555555550",
+ "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8",
+ };
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &R );
mbedtls_ecp_point_init( &P );
mbedtls_mpi_init( &m );
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/* Use secp192r1 if available, or any available curve */
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) );
@@ -3309,81 +3438,48 @@
#endif
if( verbose != 0 )
- mbedtls_printf( " ECP test #1 (constant op_count, base point G): " );
-
+ mbedtls_printf( " ECP SW test #1 (constant op_count, base point G): " );
/* Do a dummy multiplication first to trigger precomputation */
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) );
-
- add_count = 0;
- dbl_count = 0;
- mul_count = 0;
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[0] ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) );
-
- for( i = 1; i < sizeof( exponents ) / sizeof( exponents[0] ); i++ )
- {
- add_c_prev = add_count;
- dbl_c_prev = dbl_count;
- mul_c_prev = mul_count;
- add_count = 0;
- dbl_count = 0;
- mul_count = 0;
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[i] ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) );
-
- if( add_count != add_c_prev ||
- dbl_count != dbl_c_prev ||
- mul_count != mul_c_prev )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed (%u)\n", (unsigned int) i );
-
- ret = 1;
- goto cleanup;
- }
- }
+ ret = self_test_point( verbose,
+ &grp, &R, &m, &grp.G,
+ sw_exponents,
+ sizeof( sw_exponents ) / sizeof( sw_exponents[0] ));
+ if( ret != 0 )
+ goto cleanup;
if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " ECP test #2 (constant op_count, other point): " );
+ mbedtls_printf( " ECP SW test #2 (constant op_count, other point): " );
/* We computed P = 2G last time, use it */
+ ret = self_test_point( verbose,
+ &grp, &R, &m, &P,
+ sw_exponents,
+ sizeof( sw_exponents ) / sizeof( sw_exponents[0] ));
+ if( ret != 0 )
+ goto cleanup;
- add_count = 0;
- dbl_count = 0;
- mul_count = 0;
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[0] ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) );
+ mbedtls_ecp_group_free( &grp );
+ mbedtls_ecp_point_free( &R );
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
- for( i = 1; i < sizeof( exponents ) / sizeof( exponents[0] ); i++ )
- {
- add_c_prev = add_count;
- dbl_c_prev = dbl_count;
- mul_c_prev = mul_count;
- add_count = 0;
- dbl_count = 0;
- mul_count = 0;
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[i] ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) );
-
- if( add_count != add_c_prev ||
- dbl_count != dbl_c_prev ||
- mul_count != mul_c_prev )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed (%u)\n", (unsigned int) i );
-
- ret = 1;
- goto cleanup;
- }
- }
-
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
if( verbose != 0 )
- mbedtls_printf( "passed\n" );
+ mbedtls_printf( " ECP Montgomery test (constant op_count): " );
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE25519 ) );
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+ MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE448 ) );
+#else
+#error "MBEDTLS_ECP_MONTGOMERY_ENABLED is defined, but no curve is supported for self-test"
+#endif
+ ret = self_test_point( verbose,
+ &grp, &R, &m, &grp.G,
+ m_exponents,
+ sizeof( m_exponents ) / sizeof( m_exponents[0] ));
+ if( ret != 0 )
+ goto cleanup;
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
cleanup:
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index a24a50c..137ef1e 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ECP_C)
@@ -557,6 +553,22 @@
};
#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
+ defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+/* For these curves, we build the group parameters dynamically. */
+#define ECP_LOAD_GROUP
+#endif
+
+#if defined(ECP_LOAD_GROUP)
/*
* Create an MPI from embedded constants
* (assumes len is an exact multiple of sizeof mbedtls_mpi_uint)
@@ -607,6 +619,7 @@
return( 0 );
}
+#endif /* ECP_LOAD_GROUP */
#if defined(MBEDTLS_ECP_NIST_OPTIM)
/* Forward declarations */
@@ -648,6 +661,7 @@
static int ecp_mod_p256k1( mbedtls_mpi * );
#endif
+#if defined(ECP_LOAD_GROUP)
#define LOAD_GROUP_A( G ) ecp_group_load( grp, \
G ## _p, sizeof( G ## _p ), \
G ## _a, sizeof( G ## _a ), \
@@ -663,6 +677,7 @@
G ## _gx, sizeof( G ## _gx ), \
G ## _gy, sizeof( G ## _gy ), \
G ## _n, sizeof( G ## _n ) )
+#endif /* ECP_LOAD_GROUP */
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
/*
diff --git a/library/entropy.c b/library/entropy.c
index 102f9f1..4d4d6ce 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ENTROPY_C)
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index dc62183..62fb4af 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -24,11 +24,7 @@
#define _GNU_SOURCE
#endif
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#include <string.h>
diff --git a/library/error.c b/library/error.c
index 57171b3..68e1f17 100644
--- a/library/error.c
+++ b/library/error.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
#include <string.h>
diff --git a/library/gcm.c b/library/gcm.c
index e34f1da..eae9eed 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -29,11 +29,7 @@
* [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_GCM_C)
diff --git a/library/havege.c b/library/havege.c
index ca7dd17..75e0e84 100644
--- a/library/havege.c
+++ b/library/havege.c
@@ -26,11 +26,7 @@
* Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_HAVEGE_C)
diff --git a/library/hkdf.c b/library/hkdf.c
index 82df597..0e9da59 100644
--- a/library/hkdf.c
+++ b/library/hkdf.c
@@ -18,11 +18,7 @@
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_HKDF_C)
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index f811885..b25b683 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -25,11 +25,7 @@
* References below are based on rev. 1 (January 2012).
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_HMAC_DRBG_C)
diff --git a/library/md.c b/library/md.c
index 30a580b..3eb0fe3 100644
--- a/library/md.c
+++ b/library/md.c
@@ -23,11 +23,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_MD_C)
diff --git a/library/md2.c b/library/md2.c
index 82aed8e..afc6539 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -25,11 +25,7 @@
* http://www.ietf.org/rfc/rfc1319.txt
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_MD2_C)
diff --git a/library/md4.c b/library/md4.c
index 6a658e3..beb42c9 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -25,11 +25,7 @@
* http://www.ietf.org/rfc/rfc1320.txt
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_MD4_C)
diff --git a/library/md5.c b/library/md5.c
index 2306855..c7b85d1 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -24,11 +24,7 @@
* http://www.ietf.org/rfc/rfc1321.txt
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_MD5_C)
diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c
index 51ea7c4..07bcce0 100644
--- a/library/memory_buffer_alloc.c
+++ b/library/memory_buffer_alloc.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#include "mbedtls/memory_buffer_alloc.h"
diff --git a/library/net_sockets.c b/library/net_sockets.c
index b26e858..3c6d293 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -25,11 +25,7 @@
#define _POSIX_C_SOURCE 200112L
#define _XOPEN_SOURCE 600 /* sockaddr_storage */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_NET_C)
diff --git a/library/nist_kw.c b/library/nist_kw.c
index 03e8072..f6ee486 100644
--- a/library/nist_kw.c
+++ b/library/nist_kw.c
@@ -29,11 +29,7 @@
* the wrapping and unwrapping operation than the definition in NIST SP 800-38F.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_NIST_KW_C)
diff --git a/library/oid.c b/library/oid.c
index e0c0743..29ced43 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -21,11 +21,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_OID_C)
diff --git a/library/padlock.c b/library/padlock.c
index b85ff9c..96463b9 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -25,11 +25,7 @@
* programming_guide.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PADLOCK_C)
@@ -58,10 +54,10 @@
"cpuid \n\t"
"cmpl $0xC0000001, %%eax \n\t"
"movl $0, %%edx \n\t"
- "jb unsupported \n\t"
+ "jb 1f \n\t"
"movl $0xC0000001, %%eax \n\t"
"cpuid \n\t"
- "unsupported: \n\t"
+ "1: \n\t"
"movl %%edx, %1 \n\t"
"movl %2, %%ebx \n\t"
: "=m" (ebx), "=m" (edx)
diff --git a/library/pem.c b/library/pem.c
index 31f4a9a..544f7c4 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
diff --git a/library/pk.c b/library/pk.c
index b83ba8e..631415c 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PK_C)
#include "mbedtls/pk.h"
@@ -602,7 +598,7 @@
const mbedtls_ecp_keypair *ec;
unsigned char d[MBEDTLS_ECP_MAX_BYTES];
size_t d_len;
- psa_ecc_curve_t curve_id;
+ psa_ecc_family_t curve_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t key_type;
size_t bits;
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index f736431..0c6d5a5 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PK_C)
#include "mbedtls/pk_internal.h"
@@ -559,7 +555,7 @@
mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
psa_algorithm_t psa_sig_md, psa_md;
size_t curve_bits;
- psa_ecc_curve_t curve =
+ psa_ecc_family_t curve =
mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits );
const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8;
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 96c64ad..b26f566 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -25,11 +25,7 @@
* ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PKCS12_C)
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 8832322..fc52248 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -29,11 +29,7 @@
* http://tools.ietf.org/html/rfc6070 (Test vectors)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PKCS5_C)
diff --git a/library/pkparse.c b/library/pkparse.c
index 1cbb8cc..03d5972 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PK_PARSE_C)
diff --git a/library/pkwrite.c b/library/pkwrite.c
index b1b5f46..7ed6337 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PK_WRITE_C)
@@ -168,7 +164,7 @@
size_t byte_length = ( ec->grp.pbits + 7 ) / 8;
unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
- ret = mbedtls_mpi_write_binary( &ec->d, tmp, byte_length );
+ ret = mbedtls_ecp_write_key( ec, tmp, byte_length );
if( ret != 0 )
goto exit;
ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length );
@@ -272,7 +268,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t key_type;
psa_key_handle_t handle;
- psa_ecc_curve_t curve;
+ psa_ecc_family_t curve;
size_t bits;
handle = *((psa_key_handle_t*) key->pk_ctx );
@@ -282,7 +278,7 @@
bits = psa_get_key_bits( &attributes );
psa_reset_key_attributes( &attributes );
- curve = PSA_KEY_TYPE_GET_CURVE( key_type );
+ curve = PSA_KEY_TYPE_ECC_GET_FAMILY( key_type );
if( curve == 0 )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
diff --git a/library/platform.c b/library/platform.c
index 420d09e..cd0e85b 100644
--- a/library/platform.c
+++ b/library/platform.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PLATFORM_C)
diff --git a/library/platform_util.c b/library/platform_util.c
index b1f7450..f6882e2 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -28,11 +28,7 @@
#define _POSIX_C_SOURCE 200112L
#endif
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/platform.h"
diff --git a/library/poly1305.c b/library/poly1305.c
index bc1e8a6..069b82d 100644
--- a/library/poly1305.c
+++ b/library/poly1305.c
@@ -20,11 +20,7 @@
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_POLY1305_C)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3dc3b86..bc1619c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -20,11 +20,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
@@ -376,12 +372,12 @@
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
#if defined(MBEDTLS_ECP_C)
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve,
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
size_t byte_length )
{
switch( curve )
{
- case PSA_ECC_CURVE_SECP_R1:
+ case PSA_ECC_FAMILY_SECP_R1:
switch( byte_length )
{
case PSA_BITS_TO_BYTES( 192 ):
@@ -399,7 +395,7 @@
}
break;
- case PSA_ECC_CURVE_BRAINPOOL_P_R1:
+ case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
switch( byte_length )
{
case PSA_BITS_TO_BYTES( 256 ):
@@ -413,7 +409,7 @@
}
break;
- case PSA_ECC_CURVE_MONTGOMERY:
+ case PSA_ECC_FAMILY_MONTGOMERY:
switch( byte_length )
{
case PSA_BITS_TO_BYTES( 255 ):
@@ -425,7 +421,7 @@
}
break;
- case PSA_ECC_CURVE_SECP_K1:
+ case PSA_ECC_FAMILY_SECP_K1:
switch( byte_length )
{
case PSA_BITS_TO_BYTES( 192 ):
@@ -445,9 +441,8 @@
}
#endif /* defined(MBEDTLS_ECP_C) */
-static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
- size_t bits,
- struct raw_data *raw )
+static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
+ size_t bits )
{
/* Check that the bit size is acceptable for the key type */
switch( type )
@@ -494,18 +489,12 @@
if( bits % 8 != 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
- /* Allocate memory for the key */
- raw->bytes = PSA_BITS_TO_BYTES( bits );
- raw->data = mbedtls_calloc( 1, raw->bytes );
- if( raw->data == NULL )
- {
- raw->bytes = 0;
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- }
return( PSA_SUCCESS );
}
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+#if defined(MBEDTLS_RSA_C)
+
+#if defined(MBEDTLS_PK_PARSE_C)
/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
* that are not a multiple of 8) well. For example, there is only
* mbedtls_rsa_get_len(), which returns a number of bytes, and no
@@ -527,79 +516,227 @@
mbedtls_mpi_free( &n );
return( status );
}
+#endif /* MBEDTLS_PK_PARSE_C */
-static psa_status_t psa_import_rsa_key( psa_key_type_t type,
- const uint8_t *data,
- size_t data_length,
- mbedtls_rsa_context **p_rsa )
+/** Load the contents of a key buffer into an internal RSA representation
+ *
+ * \param[in] type The type of key contained in \p data.
+ * \param[in] data The buffer from which to load the representation.
+ * \param[in] data_length The size in bytes of \p data.
+ * \param[out] p_rsa Returns a pointer to an RSA context on success.
+ * The caller is responsible for freeing both the
+ * contents of the context and the context itself
+ * when done.
+ */
+static psa_status_t psa_load_rsa_representation( psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_rsa_context **p_rsa )
{
+#if defined(MBEDTLS_PK_PARSE_C)
psa_status_t status;
- mbedtls_pk_context pk;
- mbedtls_rsa_context *rsa;
+ mbedtls_pk_context ctx;
size_t bits;
-
- mbedtls_pk_init( &pk );
+ mbedtls_pk_init( &ctx );
/* Parse the data. */
if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
status = mbedtls_to_psa_error(
- mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ) );
+ mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
else
status = mbedtls_to_psa_error(
- mbedtls_pk_parse_public_key( &pk, data, data_length ) );
+ mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
if( status != PSA_SUCCESS )
goto exit;
/* We have something that the pkparse module recognizes. If it is a
* valid RSA key, store it. */
- if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_RSA )
+ if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
- rsa = mbedtls_pk_rsa( pk );
/* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
* supports non-byte-aligned key sizes, but not well. For example,
* mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
- bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
+ bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) );
if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
{
status = PSA_ERROR_NOT_SUPPORTED;
goto exit;
}
- status = psa_check_rsa_key_byte_aligned( rsa );
+ status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Copy out the pointer to the RSA context, and reset the PK context
+ * such that pk_free doesn't free the RSA context we just grabbed. */
+ *p_rsa = mbedtls_pk_rsa( ctx );
+ ctx.pk_info = NULL;
exit:
- /* Free the content of the pk object only on error. */
+ mbedtls_pk_free( &ctx );
+ return( status );
+#else
+ (void) data;
+ (void) data_length;
+ (void) type;
+ (void) rsa;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PK_PARSE_C */
+}
+
+/** Export an RSA key to export representation
+ *
+ * \param[in] type The type of key (public/private) to export
+ * \param[in] rsa The internal RSA representation from which to export
+ * \param[out] data The buffer to export to
+ * \param[in] data_size The length of the buffer to export to
+ * \param[out] data_length The amount of bytes written to \p data
+ */
+static psa_status_t psa_export_rsa_key( psa_key_type_t type,
+ mbedtls_rsa_context *rsa,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
+{
+#if defined(MBEDTLS_PK_WRITE_C)
+ int ret;
+ mbedtls_pk_context pk;
+ uint8_t *pos = data + data_size;
+
+ mbedtls_pk_init( &pk );
+ pk.pk_info = &mbedtls_rsa_info;
+ pk.pk_ctx = rsa;
+
+ /* PSA Crypto API defines the format of an RSA key as a DER-encoded
+ * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
+ * private key and of the RFC3279 RSAPublicKey for a public key. */
+ if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
+ ret = mbedtls_pk_write_key_der( &pk, data, data_size );
+ else
+ ret = mbedtls_pk_write_pubkey( &pos, data, &pk );
+
+ if( ret < 0 )
+ {
+ /* Clean up in case pk_write failed halfway through. */
+ memset( data, 0, data_size );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+
+ /* The mbedtls_pk_xxx functions write to the end of the buffer.
+ * Move the data to the beginning and erase remaining data
+ * at the original location. */
+ if( 2 * (size_t) ret <= data_size )
+ {
+ memcpy( data, data + data_size - ret, ret );
+ memset( data + data_size - ret, 0, ret );
+ }
+ else if( (size_t) ret < data_size )
+ {
+ memmove( data, data + data_size - ret, ret );
+ memset( data + ret, 0, data_size - ret );
+ }
+
+ *data_length = ret;
+ return( PSA_SUCCESS );
+#else
+ (void) type;
+ (void) rsa;
+ (void) data;
+ (void) data_size;
+ (void) data_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PK_WRITE_C */
+}
+
+/** Import an RSA key from import representation to a slot
+ *
+ * \param[in,out] slot The slot where to store the export representation to
+ * \param[in] data The buffer containing the import representation
+ * \param[in] data_length The amount of bytes in \p data
+ */
+static psa_status_t psa_import_rsa_key( psa_key_slot_t *slot,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_status_t status;
+ uint8_t* output = NULL;
+ mbedtls_rsa_context *rsa = NULL;
+
+ /* Parse input */
+ status = psa_load_rsa_representation( slot->attr.type,
+ data,
+ data_length,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ slot->attr.bits = (psa_key_bits_t) PSA_BYTES_TO_BITS(
+ mbedtls_rsa_get_len( rsa ) );
+
+ /* Re-export the data to PSA export format, such that we can store export
+ * representation in the key slot. Export representation in case of RSA is
+ * the smallest representation that's allowed as input, so a straight-up
+ * allocation of the same size as the input buffer will be large enough. */
+ output = mbedtls_calloc( 1, data_length );
+ if( output == NULL )
+ {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto exit;
+ }
+
+ status = psa_export_rsa_key( slot->attr.type,
+ rsa,
+ output,
+ data_length,
+ &data_length);
+exit:
+ /* Always free the RSA object */
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+
+ /* Free the allocated buffer only on error. */
if( status != PSA_SUCCESS )
{
- mbedtls_pk_free( &pk );
+ mbedtls_free( output );
return( status );
}
- /* On success, store the content of the object in the RSA context. */
- *p_rsa = rsa;
+ /* On success, store the allocated export-formatted key. */
+ slot->data.key.data = output;
+ slot->data.key.bytes = data_length;
return( PSA_SUCCESS );
}
-#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
+#endif /* defined(MBEDTLS_RSA_C) */
#if defined(MBEDTLS_ECP_C)
-static psa_status_t psa_prepare_import_ec_key( psa_ecc_curve_t curve,
- size_t data_length,
- int is_public,
- mbedtls_ecp_keypair **p_ecp )
+/** Load the contents of a key buffer into an internal ECP representation
+ *
+ * \param[in] type The type of key contained in \p data.
+ * \param[in] data The buffer from which to load the representation.
+ * \param[in] data_length The size in bytes of \p data.
+ * \param[out] p_ecp Returns a pointer to an ECP context on success.
+ * The caller is responsible for freeing both the
+ * contents of the context and the context itself
+ * when done.
+ */
+static psa_status_t psa_load_ecp_representation( psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_ecp_keypair **p_ecp )
{
mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
- *p_ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
- if( *p_ecp == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- mbedtls_ecp_keypair_init( *p_ecp );
+ psa_status_t status;
+ mbedtls_ecp_keypair *ecp = NULL;
+ size_t curve_size = data_length;
- if( is_public )
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
+ PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
{
- /* A public key is represented as:
+ /* A Weierstrass public key is represented as:
* - The byte 0x04;
* - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
* - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
@@ -607,101 +744,195 @@
*/
if( ( data_length & 1 ) == 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
- data_length = data_length / 2;
+ curve_size = data_length / 2;
+
+ /* Montgomery public keys are represented in compressed format, meaning
+ * their curve_size is equal to the amount of input. */
+
+ /* Private keys are represented in uncompressed private random integer
+ * format, meaning their curve_size is equal to the amount of input. */
}
+ /* Allocate and initialize a key representation. */
+ ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
+ if( ecp == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ mbedtls_ecp_keypair_init( ecp );
+
/* Load the group. */
- grp_id = mbedtls_ecc_group_of_psa( curve, data_length );
+ grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( type ),
+ curve_size );
if( grp_id == MBEDTLS_ECP_DP_NONE )
- return( PSA_ERROR_INVALID_ARGUMENT );
- return( mbedtls_to_psa_error(
- mbedtls_ecp_group_load( &( *p_ecp )->grp, grp_id ) ) );
-}
-
-/* Import a public key given as the uncompressed representation defined by SEC1
- * 2.3.3 as the content of an ECPoint. */
-static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve,
- const uint8_t *data,
- size_t data_length,
- mbedtls_ecp_keypair **p_ecp )
-{
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- mbedtls_ecp_keypair *ecp = NULL;
-
- status = psa_prepare_import_ec_key( curve, data_length, 1, &ecp );
- if( status != PSA_SUCCESS )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
+ }
- /* Load the public value. */
status = mbedtls_to_psa_error(
- mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q,
- data, data_length ) );
+ mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
if( status != PSA_SUCCESS )
goto exit;
- /* Check that the point is on the curve. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) );
- if( status != PSA_SUCCESS )
- goto exit;
+ /* Load the key material. */
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Load the public value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q,
+ data,
+ data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Check that the point is on the curve. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+ else
+ {
+ /* Load and validate the secret value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_read_key( ecp->grp.id,
+ ecp,
+ data,
+ data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
*p_ecp = ecp;
- return( PSA_SUCCESS );
-
exit:
- if( ecp != NULL )
+ if( status != PSA_SUCCESS )
{
mbedtls_ecp_keypair_free( ecp );
mbedtls_free( ecp );
}
+
return( status );
}
-/* Import a private key given as a byte string which is the private value
- * in big-endian order. */
-static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve,
- const uint8_t *data,
- size_t data_length,
- mbedtls_ecp_keypair **p_ecp )
+/** Export an ECP key to export representation
+ *
+ * \param[in] type The type of key (public/private) to export
+ * \param[in] ecp The internal ECP representation from which to export
+ * \param[out] data The buffer to export to
+ * \param[in] data_size The length of the buffer to export to
+ * \param[out] data_length The amount of bytes written to \p data
+ */
+static psa_status_t psa_export_ecp_key( psa_key_type_t type,
+ mbedtls_ecp_keypair *ecp,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
{
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t status;
+
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Check whether the public part is loaded */
+ if( mbedtls_ecp_is_zero( &ecp->Q ) )
+ {
+ /* Calculate the public key */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+ mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_write_binary( &ecp->grp, &ecp->Q,
+ MBEDTLS_ECP_PF_UNCOMPRESSED,
+ data_length,
+ data,
+ data_size ) );
+ if( status != PSA_SUCCESS )
+ memset( data, 0, data_size );
+
+ return( status );
+ }
+ else
+ {
+ if( data_size < PSA_BITS_TO_BYTES( ecp->grp.nbits ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_write_key( ecp,
+ data,
+ PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) );
+ if( status == PSA_SUCCESS )
+ *data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits );
+ else
+ memset( data, 0, data_size );
+
+ return( status );
+ }
+}
+
+/** Import an ECP key from import representation to a slot
+ *
+ * \param[in,out] slot The slot where to store the export representation to
+ * \param[in] data The buffer containing the import representation
+ * \param[in] data_length The amount of bytes in \p data
+ */
+static psa_status_t psa_import_ecp_key( psa_key_slot_t *slot,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_status_t status;
+ uint8_t* output = NULL;
mbedtls_ecp_keypair *ecp = NULL;
- status = psa_prepare_import_ec_key( curve, data_length, 0, &ecp );
+ /* Parse input */
+ status = psa_load_ecp_representation( slot->attr.type,
+ data,
+ data_length,
+ &ecp );
if( status != PSA_SUCCESS )
goto exit;
- /* Load the secret value. */
- status = mbedtls_to_psa_error(
- mbedtls_mpi_read_binary( &ecp->d, data, data_length ) );
- if( status != PSA_SUCCESS )
- goto exit;
- /* Validate the private key. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) );
- if( status != PSA_SUCCESS )
- goto exit;
- /* Calculate the public key from the private key. */
- status = mbedtls_to_psa_error(
- mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
- mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
- if( status != PSA_SUCCESS )
- goto exit;
+ if( PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type ) == PSA_ECC_FAMILY_MONTGOMERY)
+ slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits + 1;
+ else
+ slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits;
- *p_ecp = ecp;
- return( PSA_SUCCESS );
-
-exit:
- if( ecp != NULL )
+ /* Re-export the data to PSA export format. There is currently no support
+ * for other input formats then the export format, so this is a 1-1
+ * copy operation. */
+ output = mbedtls_calloc( 1, data_length );
+ if( output == NULL )
{
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto exit;
}
- return( status );
+
+ status = psa_export_ecp_key( slot->attr.type,
+ ecp,
+ output,
+ data_length,
+ &data_length);
+exit:
+ /* Always free the PK object (will also free contained ECP context) */
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+
+ /* Free the allocated buffer only on error. */
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_free( output );
+ return( status );
+ }
+
+ /* On success, store the allocated export-formatted key. */
+ slot->data.key.data = output;
+ slot->data.key.bytes = data_length;
+
+ return( PSA_SUCCESS );
}
#endif /* defined(MBEDTLS_ECP_C) */
-
/** Return the size of the key in the given slot, in bits.
*
* \param[in] slot A key slot.
@@ -713,30 +944,30 @@
return( slot->attr.bits );
}
-/** Calculate the size of the key in the given slot, in bits.
+/** Try to allocate a buffer to an empty key slot.
*
- * \param[in] slot A key slot containing a transparent key.
+ * \param[in,out] slot Key slot to attach buffer to.
+ * \param[in] buffer_length Requested size of the buffer.
*
- * \return The key size in bits, calculated from the key data.
+ * \retval #PSA_SUCCESS
+ * The buffer has been successfully allocated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * Not enough memory was available for allocation.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * Trying to allocate a buffer to a non-empty key slot.
*/
-static psa_key_bits_t psa_calculate_key_bits( const psa_key_slot_t *slot )
+static psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
+ size_t buffer_length )
{
- size_t bits = 0; /* return 0 on an empty slot */
+ if( slot->data.key.data != NULL )
+ return( PSA_ERROR_ALREADY_EXISTS );
- if( key_type_is_raw_bytes( slot->attr.type ) )
- bits = PSA_BYTES_TO_BITS( slot->data.raw.bytes );
-#if defined(MBEDTLS_RSA_C)
- else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) );
-#endif /* defined(MBEDTLS_RSA_C) */
-#if defined(MBEDTLS_ECP_C)
- else if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
- bits = slot->data.ecp->grp.pbits;
-#endif /* defined(MBEDTLS_ECP_C) */
+ slot->data.key.data = mbedtls_calloc( 1, buffer_length );
+ if( slot->data.key.data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
- /* We know that the size fits in psa_key_bits_t thanks to checks
- * when the key was created. */
- return( (psa_key_bits_t) bits );
+ slot->data.key.bytes = buffer_length;
+ return( PSA_SUCCESS );
}
/** Import key data into a slot. `slot->attr.type` must have been set
@@ -748,60 +979,68 @@
{
psa_status_t status = PSA_SUCCESS;
+ /* zero-length keys are never supported. */
+ if( data_length == 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
if( key_type_is_raw_bytes( slot->attr.type ) )
{
size_t bit_size = PSA_BYTES_TO_BITS( data_length );
- /* Ensure that the bytes-to-bit conversion didn't overflow. */
+
+ /* Ensure that the bytes-to-bits conversion hasn't overflown. */
if( data_length > SIZE_MAX / 8 )
return( PSA_ERROR_NOT_SUPPORTED );
+
/* Enforce a size limit, and in particular ensure that the bit
* size fits in its representation type. */
if( bit_size > PSA_MAX_KEY_BITS )
return( PSA_ERROR_NOT_SUPPORTED );
- status = prepare_raw_data_slot( slot->attr.type, bit_size,
- &slot->data.raw );
+
+ status = validate_unstructured_key_bit_size( slot->attr.type, bit_size );
if( status != PSA_SUCCESS )
return( status );
- if( data_length != 0 )
- memcpy( slot->data.raw.data, data, data_length );
- }
- else
-#if defined(MBEDTLS_ECP_C)
- if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->attr.type ) )
- {
- status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->attr.type ),
- data, data_length,
- &slot->data.ecp );
- }
- else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->attr.type ) )
- {
- status = psa_import_ec_public_key(
- PSA_KEY_TYPE_GET_CURVE( slot->attr.type ),
- data, data_length,
- &slot->data.ecp );
- }
- else
-#endif /* MBEDTLS_ECP_C */
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- {
- status = psa_import_rsa_key( slot->attr.type,
- data, data_length,
- &slot->data.rsa );
- }
- else
-#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
- {
- return( PSA_ERROR_NOT_SUPPORTED );
- }
- if( status == PSA_SUCCESS )
- {
+ /* Allocate memory for the key */
+ status = psa_allocate_buffer_to_slot( slot, data_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* copy key into allocated buffer */
+ memcpy( slot->data.key.data, data, data_length );
+
/* Write the actual key size to the slot.
* psa_start_key_creation() wrote the size declared by the
* caller, which may be 0 (meaning unspecified) or wrong. */
- slot->attr.bits = psa_calculate_key_bits( slot );
+ slot->attr.bits = (psa_key_bits_t) bit_size;
}
+ else if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
+ {
+#if defined(MBEDTLS_ECP_C)
+ status = psa_import_ecp_key( slot,
+ data, data_length );
+#else
+ /* No drivers have been implemented yet, so without mbed TLS backing
+ * there's no way to do ECP with the current library. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* defined(MBEDTLS_ECP_C) */
+ }
+ else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
+ {
+#if defined(MBEDTLS_RSA_C)
+ status = psa_import_rsa_key( slot,
+ data, data_length );
+#else
+ /* No drivers have been implemented yet, so without mbed TLS backing
+ * there's no way to do RSA with the current library. */
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* defined(MBEDTLS_RSA_C) */
+ }
+ else
+ {
+ /* Unknown key type */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
return( status );
}
@@ -965,35 +1204,14 @@
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- if( slot->attr.type == PSA_KEY_TYPE_NONE )
{
- /* No key material to clean. */
- }
- else if( key_type_is_raw_bytes( slot->attr.type ) )
- {
- mbedtls_free( slot->data.raw.data );
- }
- else
-#if defined(MBEDTLS_RSA_C)
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- {
- mbedtls_rsa_free( slot->data.rsa );
- mbedtls_free( slot->data.rsa );
- }
- else
-#endif /* defined(MBEDTLS_RSA_C) */
-#if defined(MBEDTLS_ECP_C)
- if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
- {
- mbedtls_ecp_keypair_free( slot->data.ecp );
- mbedtls_free( slot->data.ecp );
- }
- else
-#endif /* defined(MBEDTLS_ECP_C) */
- {
- /* Shouldn't happen: the key type is not any type that we
- * put in. */
- return( PSA_ERROR_CORRUPTION_DETECTED );
+ /* Data pointer will always be either a valid pointer or NULL in an
+ * initialized slot, so we can just free it. */
+ if( slot->data.key.data != NULL )
+ mbedtls_platform_zeroize( slot->data.key.data, slot->data.key.bytes);
+ mbedtls_free( slot->data.key.data );
+ slot->data.key.data = NULL;
+ slot->data.key.bytes = 0;
}
return( PSA_SUCCESS );
@@ -1229,7 +1447,21 @@
if( psa_key_slot_is_external( slot ) )
break;
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- status = psa_get_rsa_public_exponent( slot->data.rsa, attributes );
+ {
+ mbedtls_rsa_context *rsa = NULL;
+
+ status = psa_load_rsa_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ break;
+
+ status = psa_get_rsa_public_exponent( rsa,
+ attributes );
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+ }
break;
#endif /* MBEDTLS_RSA_C */
default:
@@ -1257,21 +1489,19 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C)
-static int pk_write_pubkey_simple( mbedtls_pk_context *key,
- unsigned char *buf, size_t size )
+static psa_status_t psa_internal_export_key_buffer( const psa_key_slot_t *slot,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char *c;
- size_t len = 0;
-
- c = buf + size;
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
-
- return( (int) len );
+ if( slot->data.key.bytes > data_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ memcpy( data, slot->data.key.data, slot->data.key.bytes );
+ memset( data + slot->data.key.bytes, 0,
+ data_size - slot->data.key.bytes );
+ *data_length = slot->data.key.bytes;
+ return( PSA_SUCCESS );
}
-#endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) */
static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot,
uint8_t *data,
@@ -1314,97 +1544,86 @@
if( key_type_is_raw_bytes( slot->attr.type ) )
{
- if( slot->data.raw.bytes > data_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
- memset( data + slot->data.raw.bytes, 0,
- data_size - slot->data.raw.bytes );
- *data_length = slot->data.raw.bytes;
- return( PSA_SUCCESS );
+ return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
}
-#if defined(MBEDTLS_ECP_C)
- if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->attr.type ) && !export_public_key )
+ else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ||
+ PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
{
- psa_status_t status;
-
- size_t bytes = PSA_BITS_TO_BYTES( slot->attr.bits );
- if( bytes > data_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- status = mbedtls_to_psa_error(
- mbedtls_mpi_write_binary( &slot->data.ecp->d, data, bytes ) );
- if( status != PSA_SUCCESS )
- return( status );
- memset( data + bytes, 0, data_size - bytes );
- *data_length = bytes;
- return( PSA_SUCCESS );
- }
-#endif
- else
- {
-#if defined(MBEDTLS_PK_WRITE_C)
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ||
- PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
{
- mbedtls_pk_context pk;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- {
+ /* Exporting public -> public */
+ return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
+ }
+ else if( !export_public_key )
+ {
+ /* Exporting private -> private */
+ return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
+ }
+ /* Need to export the public part of a private key,
+ * so conversion is needed */
+ if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
+ {
#if defined(MBEDTLS_RSA_C)
- mbedtls_pk_init( &pk );
- pk.pk_info = &mbedtls_rsa_info;
- pk.pk_ctx = slot->data.rsa;
+ mbedtls_rsa_context *rsa = NULL;
+ psa_status_t status = psa_load_rsa_representation(
+ slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_export_rsa_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ rsa,
+ data,
+ data_size,
+ data_length );
+
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+
+ return( status );
#else
- return( PSA_ERROR_NOT_SUPPORTED );
+ /* We don't know how to convert a private RSA key to public. */
+ return( PSA_ERROR_NOT_SUPPORTED );
#endif
- }
- else
- {
-#if defined(MBEDTLS_ECP_C)
- mbedtls_pk_init( &pk );
- pk.pk_info = &mbedtls_eckey_info;
- pk.pk_ctx = slot->data.ecp;
-#else
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif
- }
- if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
- {
- ret = pk_write_pubkey_simple( &pk, data, data_size );
- }
- else
- {
- ret = mbedtls_pk_write_key_der( &pk, data, data_size );
- }
- if( ret < 0 )
- {
- memset( data, 0, data_size );
- return( mbedtls_to_psa_error( ret ) );
- }
- /* The mbedtls_pk_xxx functions write to the end of the buffer.
- * Move the data to the beginning and erase remaining data
- * at the original location. */
- if( 2 * (size_t) ret <= data_size )
- {
- memcpy( data, data + data_size - ret, ret );
- memset( data + data_size - ret, 0, ret );
- }
- else if( (size_t) ret < data_size )
- {
- memmove( data, data + data_size - ret, ret );
- memset( data + ret, 0, data_size - ret );
- }
- *data_length = ret;
- return( PSA_SUCCESS );
}
else
-#endif /* defined(MBEDTLS_PK_WRITE_C) */
{
- /* This shouldn't happen in the reference implementation, but
- it is valid for a special-purpose implementation to omit
- support for exporting certain key types. */
+#if defined(MBEDTLS_ECP_C)
+ mbedtls_ecp_keypair *ecp = NULL;
+ psa_status_t status = psa_load_ecp_representation(
+ slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_export_ecp_key( PSA_KEY_TYPE_ECC_PUBLIC_KEY(
+ PSA_KEY_TYPE_ECC_GET_FAMILY(
+ slot->attr.type ) ),
+ ecp,
+ data,
+ data_size,
+ data_length );
+
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ return( status );
+#else
+ /* We don't know how to convert a private ECC key to public */
return( PSA_ERROR_NOT_SUPPORTED );
+#endif
}
}
+ else
+ {
+ /* This shouldn't happen in the reference implementation, but
+ it is valid for a special-purpose implementation to omit
+ support for exporting certain key types. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
}
psa_status_t psa_export_key( psa_key_handle_t handle,
@@ -1499,16 +1718,17 @@
const psa_key_attributes_t *attributes,
psa_se_drv_table_entry_t **p_drv )
{
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE )
- {
- status = psa_validate_persistent_key_parameters(
- attributes->core.lifetime, attributes->core.id,
- p_drv, 1 );
- if( status != PSA_SUCCESS )
- return( status );
- }
+ status = psa_validate_key_location( psa_get_key_lifetime( attributes ),
+ p_drv );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_validate_key_persistence( psa_get_key_lifetime( attributes ),
+ psa_get_key_id( attributes ) );
+ if( status != PSA_SUCCESS )
+ return( status );
status = psa_validate_key_policy( &attributes->core.policy );
if( status != PSA_SUCCESS )
@@ -1594,11 +1814,14 @@
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* For a key in a secure element, we need to do three things
- * when creating or registering a key:
+ * when creating or registering a persistent key:
* create the key file in internal storage, create the
* key inside the secure element, and update the driver's
- * persistent data. Start a transaction that will encompass these
- * three actions. */
+ * persistent data. This is done by starting a transaction that will
+ * encompass these three actions.
+ * For registering a volatile key, we just need to find an appropriate
+ * slot number inside the SE. Since the key is designated volatile, creating
+ * a transaction is not required. */
/* The first thing to do is to find a slot number for the new key.
* We save the slot number in persistent storage as part of the
* transaction data. It will be needed to recover if the power
@@ -1613,15 +1836,19 @@
&slot->data.se.slot_number );
if( status != PSA_SUCCESS )
return( status );
- psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
- psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
- psa_crypto_transaction.key.slot = slot->data.se.slot_number;
- psa_crypto_transaction.key.id = slot->attr.id;
- status = psa_crypto_save_transaction( );
- if( status != PSA_SUCCESS )
+
+ if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) )
{
- (void) psa_crypto_stop_transaction( );
- return( status );
+ psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
+ psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
+ psa_crypto_transaction.key.slot = slot->data.se.slot_number;
+ psa_crypto_transaction.key.id = slot->attr.id;
+ status = psa_crypto_save_transaction( );
+ if( status != PSA_SUCCESS )
+ {
+ (void) psa_crypto_stop_transaction( );
+ return( status );
+ }
}
}
@@ -1661,7 +1888,7 @@
(void) driver;
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
{
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( driver != NULL )
@@ -1709,8 +1936,8 @@
/* Finish the transaction for a key creation. This does not
* happen when registering an existing key. Detect this case
* by checking whether a transaction is in progress (actual
- * creation of a key in a secure element requires a transaction,
- * but registration doesn't use one). */
+ * creation of a persistent key in a secure element requires a transaction,
+ * but registration or volatile key creation doesn't use one). */
if( driver != NULL &&
psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY )
{
@@ -1793,12 +2020,24 @@
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
+ mbedtls_rsa_context *rsa = NULL;
mbedtls_mpi actual, required;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ psa_status_t status = psa_load_rsa_representation(
+ slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ return( status );
+
mbedtls_mpi_init( &actual );
mbedtls_mpi_init( &required );
- ret = mbedtls_rsa_export( slot->data.rsa,
+ ret = mbedtls_rsa_export( rsa,
NULL, NULL, NULL, NULL, &actual );
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
if( ret != 0 )
goto rsa_exit;
ret = mbedtls_mpi_read_binary( &required,
@@ -2717,7 +2956,7 @@
return( ret );
ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
- slot->data.raw.data,
+ slot->data.key.data,
key_bits );
return( ret );
}
@@ -2781,7 +3020,7 @@
status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
cleanup:
- mbedtls_platform_zeroize( ipad, sizeof(ipad) );
+ mbedtls_platform_zeroize( ipad, sizeof( ipad ) );
return( status );
}
@@ -2861,8 +3100,8 @@
}
status = psa_hmac_setup_internal( &operation->ctx.hmac,
- slot->data.raw.data,
- slot->data.raw.bytes,
+ slot->data.key.data,
+ slot->data.key.bytes,
hash_alg );
}
else
@@ -3372,6 +3611,14 @@
signature + curve_bytes,
curve_bytes ) );
+ /* Check whether the public part is loaded. If not, load it. */
+ if( mbedtls_ecp_is_zero( &ecp->Q ) )
+ {
+ MBEDTLS_MPI_CHK(
+ mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+ mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
+ }
+
ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
&ecp->Q, &r, &s );
@@ -3435,11 +3682,23 @@
#if defined(MBEDTLS_RSA_C)
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
- status = psa_rsa_sign( slot->data.rsa,
+ mbedtls_rsa_context *rsa = NULL;
+
+ status = psa_load_rsa_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_rsa_sign( rsa,
alg,
hash, hash_length,
signature, signature_size,
signature_length );
+
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
}
else
#endif /* defined(MBEDTLS_RSA_C) */
@@ -3454,11 +3713,22 @@
PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
#endif
)
- status = psa_ecdsa_sign( slot->data.ecp,
+ {
+ mbedtls_ecp_keypair *ecp = NULL;
+ status = psa_load_ecp_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ status = psa_ecdsa_sign( ecp,
alg,
hash, hash_length,
signature, signature_size,
signature_length );
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ }
else
#endif /* defined(MBEDTLS_ECDSA_C) */
{
@@ -3521,10 +3791,22 @@
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
- return( psa_rsa_verify( slot->data.rsa,
- alg,
- hash, hash_length,
- signature, signature_length ) );
+ mbedtls_rsa_context *rsa = NULL;
+
+ status = psa_load_rsa_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_rsa_verify( rsa,
+ alg,
+ hash, hash_length,
+ signature, signature_length );
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+ return( status );
}
else
#endif /* defined(MBEDTLS_RSA_C) */
@@ -3533,9 +3815,21 @@
{
#if defined(MBEDTLS_ECDSA_C)
if( PSA_ALG_IS_ECDSA( alg ) )
- return( psa_ecdsa_verify( slot->data.ecp,
- hash, hash_length,
- signature, signature_length ) );
+ {
+ mbedtls_ecp_keypair *ecp = NULL;
+ status = psa_load_ecp_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_ecdsa_verify( ecp,
+ hash, hash_length,
+ signature, signature_length );
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ return( status );
+ }
else
#endif /* defined(MBEDTLS_ECDSA_C) */
{
@@ -3594,20 +3888,30 @@
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
- mbedtls_rsa_context *rsa = slot->data.rsa;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_rsa_context *rsa = NULL;
+ status = psa_load_rsa_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ goto rsa_exit;
+
if( output_size < mbedtls_rsa_get_len( rsa ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto rsa_exit;
+ }
#if defined(MBEDTLS_PKCS1_V15)
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
{
- ret = mbedtls_rsa_pkcs1_encrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PUBLIC,
- input_length,
- input,
- output );
+ status = mbedtls_to_psa_error(
+ mbedtls_rsa_pkcs1_encrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PUBLIC,
+ input_length,
+ input,
+ output ) );
}
else
#endif /* MBEDTLS_PKCS1_V15 */
@@ -3615,23 +3919,29 @@
if( PSA_ALG_IS_RSA_OAEP( alg ) )
{
psa_rsa_oaep_set_padding_mode( alg, rsa );
- ret = mbedtls_rsa_rsaes_oaep_encrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PUBLIC,
- salt, salt_length,
- input_length,
- input,
- output );
+ status = mbedtls_to_psa_error(
+ mbedtls_rsa_rsaes_oaep_encrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PUBLIC,
+ salt, salt_length,
+ input_length,
+ input,
+ output ) );
}
else
#endif /* MBEDTLS_PKCS1_V21 */
{
- return( PSA_ERROR_INVALID_ARGUMENT );
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto rsa_exit;
}
- if( ret == 0 )
+rsa_exit:
+ if( status == PSA_SUCCESS )
*output_length = mbedtls_rsa_get_len( rsa );
- return( mbedtls_to_psa_error( ret ) );
+
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+ return( status );
}
else
#endif /* defined(MBEDTLS_RSA_C) */
@@ -3673,23 +3983,32 @@
#if defined(MBEDTLS_RSA_C)
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
- mbedtls_rsa_context *rsa = slot->data.rsa;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_rsa_context *rsa = NULL;
+ status = psa_load_rsa_representation( slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes,
+ &rsa );
+ if( status != PSA_SUCCESS )
+ return( status );
if( input_length != mbedtls_rsa_get_len( rsa ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto rsa_exit;
+ }
#if defined(MBEDTLS_PKCS1_V15)
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
{
- ret = mbedtls_rsa_pkcs1_decrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PRIVATE,
- output_length,
- input,
- output,
- output_size );
+ status = mbedtls_to_psa_error(
+ mbedtls_rsa_pkcs1_decrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PRIVATE,
+ output_length,
+ input,
+ output,
+ output_size ) );
}
else
#endif /* MBEDTLS_PKCS1_V15 */
@@ -3697,23 +4016,27 @@
if( PSA_ALG_IS_RSA_OAEP( alg ) )
{
psa_rsa_oaep_set_padding_mode( alg, rsa );
- ret = mbedtls_rsa_rsaes_oaep_decrypt( rsa,
- mbedtls_ctr_drbg_random,
- &global_data.ctr_drbg,
- MBEDTLS_RSA_PRIVATE,
- salt, salt_length,
- output_length,
- input,
- output,
- output_size );
+ status = mbedtls_to_psa_error(
+ mbedtls_rsa_rsaes_oaep_decrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PRIVATE,
+ salt, salt_length,
+ output_length,
+ input,
+ output,
+ output_size ) );
}
else
#endif /* MBEDTLS_PKCS1_V21 */
{
- return( PSA_ERROR_INVALID_ARGUMENT );
+ status = PSA_ERROR_INVALID_ARGUMENT;
}
- return( mbedtls_to_psa_error( ret ) );
+rsa_exit:
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+ return( status );
}
else
#endif /* defined(MBEDTLS_RSA_C) */
@@ -3794,8 +4117,8 @@
{
/* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
uint8_t keys[24];
- memcpy( keys, slot->data.raw.data, 16 );
- memcpy( keys + 16, slot->data.raw.data, 8 );
+ memcpy( keys, slot->data.key.data, 16 );
+ memcpy( keys + 16, slot->data.key.data, 8 );
ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
keys,
192, cipher_operation );
@@ -3804,7 +4127,7 @@
#endif
{
ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
- slot->data.raw.data,
+ slot->data.key.data,
(int) key_bits, cipher_operation );
}
if( ret != 0 )
@@ -4136,7 +4459,7 @@
mbedtls_ccm_init( &operation->ctx.ccm );
status = mbedtls_to_psa_error(
mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
- operation->slot->data.raw.data,
+ operation->slot->data.key.data,
(unsigned int) key_bits ) );
if( status != 0 )
goto cleanup;
@@ -4155,7 +4478,7 @@
mbedtls_gcm_init( &operation->ctx.gcm );
status = mbedtls_to_psa_error(
mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
- operation->slot->data.raw.data,
+ operation->slot->data.key.data,
(unsigned int) key_bits ) );
if( status != 0 )
goto cleanup;
@@ -4172,7 +4495,7 @@
mbedtls_chachapoly_init( &operation->ctx.chachapoly );
status = mbedtls_to_psa_error(
mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
- operation->slot->data.raw.data ) );
+ operation->slot->data.key.data ) );
if( status != 0 )
goto cleanup;
break;
@@ -4476,7 +4799,7 @@
if( operation->alg == 0 )
{
/* This is a blank key derivation operation. */
- return PSA_ERROR_BAD_STATE;
+ return( PSA_ERROR_BAD_STATE );
}
*capacity = operation->capacity;
@@ -4723,7 +5046,7 @@
if( operation->alg == 0 )
{
/* This is a blank operation. */
- return PSA_ERROR_BAD_STATE;
+ return( PSA_ERROR_BAD_STATE );
}
if( output_length > operation->capacity )
@@ -5245,8 +5568,8 @@
return( psa_key_derivation_input_internal( operation,
step, slot->attr.type,
- slot->data.raw.data,
- slot->data.raw.bytes ) );
+ slot->data.key.data,
+ slot->data.key.bytes ) );
}
@@ -5267,12 +5590,13 @@
mbedtls_ecdh_context ecdh;
psa_status_t status;
size_t bits = 0;
- psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits );
+ psa_ecc_family_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits );
mbedtls_ecdh_init( &ecdh );
- status = psa_import_ec_public_key( curve,
- peer_key, peer_key_length,
- &their_key );
+ status = psa_load_ecp_representation( PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve),
+ peer_key,
+ peer_key_length,
+ &their_key );
if( status != PSA_SUCCESS )
goto exit;
@@ -5302,6 +5626,7 @@
mbedtls_ecdh_free( &ecdh );
mbedtls_ecp_keypair_free( their_key );
mbedtls_free( their_key );
+
return( status );
}
#endif /* MBEDTLS_ECDH_C */
@@ -5322,10 +5647,21 @@
case PSA_ALG_ECDH:
if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->attr.type ) )
return( PSA_ERROR_INVALID_ARGUMENT );
- return( psa_key_agreement_ecdh( peer_key, peer_key_length,
- private_key->data.ecp,
- shared_secret, shared_secret_size,
- shared_secret_length ) );
+ mbedtls_ecp_keypair *ecp = NULL;
+ psa_status_t status = psa_load_ecp_representation(
+ private_key->attr.type,
+ private_key->data.key.data,
+ private_key->data.key.bytes,
+ &ecp );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_key_agreement_ecdh( peer_key, peer_key_length,
+ ecp,
+ shared_secret, shared_secret_size,
+ shared_secret_length );
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ return( status );
#endif /* MBEDTLS_ECDH_C */
default:
(void) private_key;
@@ -5524,17 +5860,26 @@
if( key_type_is_raw_bytes( type ) )
{
psa_status_t status;
- status = prepare_raw_data_slot( type, bits, &slot->data.raw );
+
+ status = validate_unstructured_key_bit_size( slot->attr.type, bits );
if( status != PSA_SUCCESS )
return( status );
- status = psa_generate_random( slot->data.raw.data,
- slot->data.raw.bytes );
+
+ /* Allocate memory for the key */
+ status = psa_allocate_buffer_to_slot( slot, PSA_BITS_TO_BYTES( bits ) );
if( status != PSA_SUCCESS )
return( status );
+
+ status = psa_generate_random( slot->data.key.data,
+ slot->data.key.bytes );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ slot->attr.bits = (psa_key_bits_t) bits;
#if defined(MBEDTLS_DES_C)
if( type == PSA_KEY_TYPE_DES )
- psa_des_set_key_parity( slot->data.raw.data,
- slot->data.raw.bytes );
+ psa_des_set_key_parity( slot->data.key.data,
+ slot->data.key.bytes );
#endif /* MBEDTLS_DES_C */
}
else
@@ -5542,7 +5887,7 @@
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
- mbedtls_rsa_context *rsa;
+ mbedtls_rsa_context rsa;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int exponent;
psa_status_t status;
@@ -5557,22 +5902,34 @@
&exponent );
if( status != PSA_SUCCESS )
return( status );
- rsa = mbedtls_calloc( 1, sizeof( *rsa ) );
- if( rsa == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- mbedtls_rsa_init( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
- ret = mbedtls_rsa_gen_key( rsa,
+ mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_gen_key( &rsa,
mbedtls_ctr_drbg_random,
&global_data.ctr_drbg,
(unsigned int) bits,
exponent );
if( ret != 0 )
- {
- mbedtls_rsa_free( rsa );
- mbedtls_free( rsa );
return( mbedtls_to_psa_error( ret ) );
+
+ /* Make sure to always have an export representation available */
+ size_t bytes = PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE( bits );
+
+ status = psa_allocate_buffer_to_slot( slot, bytes );
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_rsa_free( &rsa );
+ return( status );
}
- slot->data.rsa = rsa;
+
+ status = psa_export_rsa_key( type,
+ &rsa,
+ slot->data.key.data,
+ bytes,
+ &slot->data.key.bytes );
+ mbedtls_rsa_free( &rsa );
+ if( status != PSA_SUCCESS )
+ psa_remove_key_data_from_memory( slot );
+ return( status );
}
else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
@@ -5580,12 +5937,12 @@
#if defined(MBEDTLS_ECP_C)
if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
{
- psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE( type );
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
mbedtls_ecp_group_id grp_id =
mbedtls_ecc_group_of_psa( curve, PSA_BITS_TO_BYTES( bits ) );
const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_grp_id( grp_id );
- mbedtls_ecp_keypair *ecp;
+ mbedtls_ecp_keypair ecp;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( domain_parameters_size != 0 )
return( PSA_ERROR_NOT_SUPPORTED );
@@ -5593,25 +5950,41 @@
return( PSA_ERROR_NOT_SUPPORTED );
if( curve_info->bit_size != bits )
return( PSA_ERROR_INVALID_ARGUMENT );
- ecp = mbedtls_calloc( 1, sizeof( *ecp ) );
- if( ecp == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- mbedtls_ecp_keypair_init( ecp );
- ret = mbedtls_ecp_gen_key( grp_id, ecp,
+ mbedtls_ecp_keypair_init( &ecp );
+ ret = mbedtls_ecp_gen_key( grp_id, &ecp,
mbedtls_ctr_drbg_random,
&global_data.ctr_drbg );
if( ret != 0 )
{
- mbedtls_ecp_keypair_free( ecp );
- mbedtls_free( ecp );
+ mbedtls_ecp_keypair_free( &ecp );
return( mbedtls_to_psa_error( ret ) );
}
- slot->data.ecp = ecp;
+
+
+ /* Make sure to always have an export representation available */
+ size_t bytes = PSA_BITS_TO_BYTES( bits );
+ psa_status_t status = psa_allocate_buffer_to_slot( slot, bytes );
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( status );
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_write_key( &ecp, slot->data.key.data, bytes ) );
+
+ mbedtls_ecp_keypair_free( &ecp );
+ if( status != PSA_SUCCESS ) {
+ memset( slot->data.key.data, 0, bytes );
+ psa_remove_key_data_from_memory( slot );
+ }
+ return( status );
}
else
#endif /* MBEDTLS_ECP_C */
-
+ {
return( PSA_ERROR_NOT_SUPPORTED );
+ }
return( PSA_SUCCESS );
}
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index ef40f79..53fb61a 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -32,9 +32,6 @@
#include "psa/crypto.h"
#include "psa/crypto_se_driver.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/rsa.h"
-
/** The data structure representing a key slot, containing key material
* and metadata for one key.
*/
@@ -43,20 +40,13 @@
psa_core_key_attributes_t attr;
union
{
- /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */
- struct raw_data
+ /* Dynamically allocated key data buffer.
+ * Format as specified in psa_export_key(). */
+ struct key_data
{
uint8_t *data;
size_t bytes;
- } raw;
-#if defined(MBEDTLS_RSA_C)
- /* RSA public key or key pair */
- mbedtls_rsa_context *rsa;
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
- /* EC public key or key pair */
- mbedtls_ecp_keypair *ecp;
-#endif /* MBEDTLS_ECP_C */
+ } key;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* Any key type in a secure element */
struct se
diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c
index 53a2600..61e6c98 100644
--- a/library/psa_crypto_se.c
+++ b/library/psa_crypto_se.c
@@ -20,11 +20,7 @@
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 8ffb5a0..5ceac84 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -20,11 +20,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
@@ -184,36 +180,53 @@
}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-psa_status_t psa_validate_persistent_key_parameters(
- psa_key_lifetime_t lifetime,
- psa_key_file_id_t id,
- psa_se_drv_table_entry_t **p_drv,
- int creating )
+psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
+ psa_se_drv_table_entry_t **p_drv )
{
- if( p_drv != NULL )
- *p_drv = NULL;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- if( psa_key_lifetime_is_external( lifetime ) )
+ if ( psa_key_lifetime_is_external( lifetime ) )
{
- *p_drv = psa_get_se_driver_entry( lifetime );
- if( *p_drv == NULL )
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
+ if( driver == NULL )
return( PSA_ERROR_INVALID_ARGUMENT );
+ else
+ {
+ if (p_drv != NULL)
+ *p_drv = driver;
+ return( PSA_SUCCESS );
+ }
+#else
+ (void) p_drv;
+ return( PSA_ERROR_INVALID_ARGUMENT );
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
}
else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ /* Local/internal keys are always valid */
+ return( PSA_SUCCESS );
+}
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
+ psa_key_id_t key_id )
+{
+ if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ /* Volatile keys are always supported */
+ return( PSA_SUCCESS );
+ }
+ else
+ {
+ /* Persistent keys require storage support */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( ! psa_is_key_id_valid( id, ! creating ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
- return( PSA_SUCCESS );
-
+ if( psa_is_key_id_valid( key_id,
+ psa_key_lifetime_is_external( lifetime ) ) )
+ return( PSA_SUCCESS );
+ else
+ return( PSA_ERROR_INVALID_ARGUMENT );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
- (void) id;
- (void) creating;
- return( PSA_ERROR_NOT_SUPPORTED );
+ (void) key_id;
+ return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
+ }
}
psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle )
@@ -224,10 +237,8 @@
*handle = 0;
- status = psa_validate_persistent_key_parameters(
- PSA_KEY_LIFETIME_PERSISTENT, id, NULL, 0 );
- if( status != PSA_SUCCESS )
- return( status );
+ if( ! psa_is_key_id_valid( id, 1 ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
status = psa_get_empty_key_slot( handle, &slot );
if( status != PSA_SUCCESS )
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 6cb02f5..5bf0c0e 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -89,42 +89,40 @@
*/
static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
{
- return( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
- lifetime != PSA_KEY_LIFETIME_PERSISTENT );
+ return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime )
+ != PSA_KEY_LOCATION_LOCAL_STORAGE );
}
-/** Test whether the given parameters are acceptable for a persistent key.
+/** Validate a key's location.
*
- * This function does not access the storage in any way. It only tests
- * whether the parameters are meaningful and permitted by general policy.
- * It does not test whether the a file by the given id exists or could be
- * created.
+ * This function checks whether the key's attributes point to a location that
+ * is known to the PSA Core, and returns the driver function table if the key
+ * is to be found in an external location.
*
- * If the key is in external storage, this function returns the corresponding
- * driver.
+ * \param[in] lifetime The key lifetime attribute.
+ * \param[out] p_drv On success, when a key is located in external
+ * storage, returns a pointer to the driver table
+ * associated with the key's storage location.
*
- * \param lifetime The lifetime to test.
- * \param id The key id to test.
- * \param[out] p_drv On output, if \p lifetime designates a key
- * in an external processor, \c *p_drv is a pointer
- * to the driver table entry fot this lifetime.
- * If \p lifetime designates a transparent key,
- * \c *p_drv is \c NULL.
- * \param creating 0 if attempting to open an existing key.
- * Nonzero if attempting to create a key.
- *
- * \retval PSA_SUCCESS
- * The given parameters are valid.
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \p lifetime is volatile or is invalid.
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \p id is invalid.
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
*/
-psa_status_t psa_validate_persistent_key_parameters(
- psa_key_lifetime_t lifetime,
- psa_key_file_id_t id,
- psa_se_drv_table_entry_t **p_drv,
- int creating );
+psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
+ psa_se_drv_table_entry_t **p_drv );
+
+/** Validate that a key's persistence attributes are valid.
+ *
+ * This function checks whether a key's declared persistence level and key ID
+ * attributes are valid and known to the PSA Core in its actual configuration.
+ *
+ * \param[in] lifetime The key lifetime attribute.
+ * \param[in] key_id The key ID attribute
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ */
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
+ psa_key_id_t key_id );
#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/library/ripemd160.c b/library/ripemd160.c
index a62f4b8..a2ad32c 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -25,11 +25,7 @@
* http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_RIPEMD160_C)
diff --git a/library/rsa.c b/library/rsa.c
index 6c45746..83ed3c9 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -37,11 +37,7 @@
*
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_RSA_C)
diff --git a/library/rsa_internal.c b/library/rsa_internal.c
index 9a42d47..b4098f4 100644
--- a/library/rsa_internal.c
+++ b/library/rsa_internal.c
@@ -20,11 +20,7 @@
*
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_RSA_C)
diff --git a/library/sha1.c b/library/sha1.c
index 9233943..79bac6b 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -24,11 +24,7 @@
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SHA1_C)
diff --git a/library/sha256.c b/library/sha256.c
index 087a8e3..d8ddda5 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -24,11 +24,7 @@
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SHA256_C)
diff --git a/library/sha512.c b/library/sha512.c
index 30dd719..37fc96d 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -24,11 +24,7 @@
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SHA512_C)
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index 62a0a29..3a2df0c 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -23,11 +23,7 @@
* to store and retrieve the session information.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_CACHE_C)
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 5da1294..726912e 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -21,11 +21,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_TLS_C)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 48ef30d..361e6e6 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_CLI_C)
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 323784c..151f0c5 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -23,11 +23,7 @@
* to store and retrieve the session information.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_COOKIE_C)
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 7fc4bf0..d32afac 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -28,11 +28,7 @@
* http://www.ietf.org/rfc/rfc4346.txt
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_TLS_C)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 9bfda16..91bd83a 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_SRV_C)
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 6b50b55..bfa2546 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_TICKET_C)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 250ef98..834c632 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -27,11 +27,7 @@
* http://www.ietf.org/rfc/rfc4346.txt
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SSL_TLS_C)
diff --git a/library/threading.c b/library/threading.c
index 7c90c7c..cb9026d 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -27,11 +27,7 @@
#define _POSIX_C_SOURCE 200112L
#endif
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_THREADING_C)
diff --git a/library/timing.c b/library/timing.c
index 4a65422..90cfe88 100644
--- a/library/timing.c
+++ b/library/timing.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
diff --git a/library/version.c b/library/version.c
index fd96750..1e17482 100644
--- a/library/version.c
+++ b/library/version.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_VERSION_C)
diff --git a/library/version_features.c b/library/version_features.c
index 16a0cd0..64e9e86 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_VERSION_C)
diff --git a/library/x509.c b/library/x509.c
index e969b8d..55afbab 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -29,11 +29,7 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_USE_C)
diff --git a/library/x509_create.c b/library/x509_create.c
index 7df2f0e..8d58775 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_CREATE_C)
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 371c446..d89facc 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -29,11 +29,7 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_CRL_PARSE_C)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 04822e8..8fd8b86 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -31,11 +31,7 @@
* [SIRO] https://cabforum.org/wp-content/uploads/Chunghwatelecom201503cabforumV4.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_CRT_PARSE_C)
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 7e2cfba..8385e50 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -29,11 +29,7 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_CSR_PARSE_C)
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 5947e43..2baff35 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -25,11 +25,7 @@
* - attributes: PKCS#9 v2.0 aka RFC 2985
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_CRT_WRITE_C)
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 7c51798..4c1e2fd 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -24,11 +24,7 @@
* - attributes: PKCS#9 v2.0 aka RFC 2985
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_X509_CSR_WRITE_C)
@@ -50,6 +46,14 @@
#include "mbedtls/pem.h"
#endif
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
{
memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
@@ -130,17 +134,18 @@
return( 0 );
}
-int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
+static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
+ unsigned char *buf,
+ size_t size,
+ unsigned char *sig,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const char *sig_oid;
size_t sig_oid_len = 0;
unsigned char *c, *c2;
unsigned char hash[64];
- unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
- unsigned char tmp_buf[2048];
size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0;
mbedtls_pk_type_t pk_alg;
@@ -149,56 +154,69 @@
size_t hash_len;
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
- /*
- * Prepare data to be signed in tmp_buf
- */
- c = tmp_buf + sizeof( tmp_buf );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
+ /* Write the CSR backwards starting from the end of buf */
+ c = buf + size;
+
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf,
+ ctx->extensions ) );
if( len )
{
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_tag(
+ &c, buf,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SET ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_tag(
+ &c, buf,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &c, tmp_buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
- MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_oid(
+ &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
+ MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_tag(
+ &c, buf,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
}
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_tag(
+ &c, buf,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
- tmp_buf, c - tmp_buf ) );
+ buf, c - buf ) );
c -= pub_len;
len += pub_len;
/*
* Subject ::= Name
*/
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
+ ctx->subject ) );
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, tmp_buf, 0 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_tag(
+ &c, buf,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
/*
- * Prepare signature
+ * Sign the written CSR data into the sig buffer
* Note: hash errors can happen only after an internal error
*/
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -232,32 +250,68 @@
return( MBEDTLS_ERR_X509_INVALID_ALG );
if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
- &sig_oid, &sig_oid_len ) ) != 0 )
+ &sig_oid, &sig_oid_len ) ) != 0 )
{
return( ret );
}
/*
- * Write data to output buffer
+ * Move the written CSR data to the start of buf to create space for
+ * writing the signature into buf.
+ */
+ memmove( buf, c, len );
+
+ /*
+ * Write sig and its OID into buf backwards from the end of buf.
+ * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
+ * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
*/
c2 = buf + size;
- MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
- sig_oid, sig_oid_len, sig, sig_len ) );
+ MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len,
+ mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len,
+ sig, sig_len ) );
- if( len > (size_t)( c2 - buf ) )
- return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
+ /*
+ * Compact the space between the CSR data and signature by moving the
+ * CSR data to the start of the signature.
+ */
c2 -= len;
- memcpy( c2, c, len );
+ memmove( c2, buf, len );
+ /* ASN encode the total size and tag the CSR data with it. */
len += sig_and_oid_len;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE ) );
+ MBEDTLS_ASN1_CHK_ADD( len,
+ mbedtls_asn1_write_tag(
+ &c2, buf,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+ /* Zero the unused bytes at the start of buf */
+ memset( buf, 0, c2 - buf);
return( (int) len );
}
+int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf,
+ size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ int ret;
+ unsigned char *sig;
+
+ if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL )
+ {
+ return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+ }
+
+ ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng );
+
+ mbedtls_free( sig );
+
+ return( ret );
+}
+
#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
diff --git a/library/xtea.c b/library/xtea.c
index a33707b..dab6cd3 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_XTEA_C)
diff --git a/programs/Makefile b/programs/Makefile
index 31e431b..f9c2608 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -7,9 +7,13 @@
WARNING_CXXFLAGS ?= -Wall -Wextra
LDFLAGS ?=
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+MBEDTLS_TEST_PATH:=../tests/src
+MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c))
+
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64
LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../library \
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
+ -L../library \
-lmbedtls$(SHARED_SUFFIX) \
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
@@ -18,10 +22,11 @@
LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
ifndef SHARED
-DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
+MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
else
-DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
+MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
endif
+DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS}
ifdef DEBUG
LOCAL_CFLAGS += -g3
@@ -127,12 +132,15 @@
all: fuzz
endif
-fuzz:
+fuzz: ${MBEDTLS_TEST_OBJS}
$(MAKE) -C fuzz THIRDPARTY_INCLUDES=$(THIRDPARTY_INCLUDES)
-$(DEP):
+$(MBEDLIBS):
$(MAKE) -C ../library
+${MBEDTLS_TEST_OBJS}:
+ $(MAKE) -C ../tests mbedtls_test
+
ifdef WINDOWS
EXTRA_GENERATED += psa\psa_constant_names_generated.c
else
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 6c4c7e1..2309789 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -1,9 +1,13 @@
-add_executable(aescrypt2 aescrypt2.c)
-target_link_libraries(aescrypt2 mbedcrypto)
+set(executables
+ aescrypt2
+ crypt_and_hash
+)
-add_executable(crypt_and_hash crypt_and_hash.c)
-target_link_libraries(crypt_and_hash mbedcrypto)
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} mbedcrypto)
+endforeach()
-install(TARGETS aescrypt2 crypt_and_hash
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index 17ec3f6..e2b0eac 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -11,70 +11,41 @@
endif(ENABLE_ZLIB_SUPPORT)
find_library(FUZZINGENGINE_LIB FuzzingEngine)
-
-if(NOT FUZZINGENGINE_LIB)
- add_executable(fuzz_x509csr fuzz_x509csr.c onefile.c)
- target_link_libraries(fuzz_x509csr ${libs})
-
- add_executable(fuzz_x509crl fuzz_x509crl.c onefile.c)
- target_link_libraries(fuzz_x509crl ${libs})
-
- add_executable(fuzz_x509crt fuzz_x509crt.c onefile.c)
- target_link_libraries(fuzz_x509crt ${libs})
-
- add_executable(fuzz_privkey fuzz_privkey.c onefile.c)
- target_link_libraries(fuzz_privkey ${libs})
-
- add_executable(fuzz_pubkey fuzz_pubkey.c onefile.c)
- target_link_libraries(fuzz_pubkey ${libs})
-
- add_executable(fuzz_client fuzz_client.c common.c onefile.c)
- target_link_libraries(fuzz_client ${libs})
-
- add_executable(fuzz_server fuzz_server.c common.c onefile.c)
- target_link_libraries(fuzz_server ${libs})
-
- add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c onefile.c)
- target_link_libraries(fuzz_dtlsclient ${libs})
-
- add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c onefile.c)
- target_link_libraries(fuzz_dtlsserver ${libs})
-else()
+if(FUZZINGENGINE_LIB)
project(fuzz CXX)
-
- add_executable(fuzz_x509csr fuzz_x509csr.c)
- target_link_libraries(fuzz_x509csr ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_x509csr PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_x509crl fuzz_x509crl.c)
- target_link_libraries(fuzz_x509crl ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_x509crl PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_x509crt fuzz_x509crt.c)
- target_link_libraries(fuzz_x509crt ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_x509crt PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_privkey fuzz_privkey.c)
- target_link_libraries(fuzz_privkey ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_privkey PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_pubkey fuzz_pubkey.c)
- target_link_libraries(fuzz_pubkey ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_pubkey PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_client fuzz_client.c common.c)
- target_link_libraries(fuzz_client ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_client PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_server fuzz_server.c common.c)
- target_link_libraries(fuzz_server ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_server PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c)
- target_link_libraries(fuzz_dtlsclient ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_dtlsclient PROPERTIES LINKER_LANGUAGE CXX)
-
- add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c)
- target_link_libraries(fuzz_dtlsserver ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(fuzz_dtlsserver PROPERTIES LINKER_LANGUAGE CXX)
endif()
+
+set(executables_no_common_c
+ fuzz_privkey
+ fuzz_pubkey
+ fuzz_x509crl
+ fuzz_x509crt
+ fuzz_x509csr
+)
+
+set(executables_with_common_c
+ fuzz_client
+ fuzz_dtlsclient
+ fuzz_dtlsserver
+ fuzz_server
+)
+
+foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
+
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+
+ if (NOT FUZZINGENGINE_LIB)
+ target_link_libraries(${exe} ${libs})
+ target_sources(${exe} PRIVATE onefile.c)
+ else()
+ target_link_libraries(${exe} ${libs} FuzzingEngine)
+ SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
+ endif()
+
+ # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
+ list(FIND executables_with_common_c ${exe} exe_index)
+ if (${exe_index} GREATER -1)
+ target_sources(${exe} PRIVATE common.c)
+ endif()
+
+endforeach()
diff --git a/programs/fuzz/Makefile b/programs/fuzz/Makefile
index 24dc7ba..8196f39 100644
--- a/programs/fuzz/Makefile
+++ b/programs/fuzz/Makefile
@@ -1,6 +1,9 @@
+MBEDTLS_TEST_PATH:=../../tests/src
+MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c))
-LOCAL_CFLAGS = -I../../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../../library \
+LOCAL_CFLAGS = -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
+ -L../../library \
-lmbedtls$(SHARED_SUFFIX) \
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index 3c6cca9..ae29479 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -1,9 +1,13 @@
-add_executable(hello hello.c)
-target_link_libraries(hello mbedcrypto)
+set(executables
+ generic_sum
+ hello
+)
-add_executable(generic_sum generic_sum.c)
-target_link_libraries(generic_sum mbedcrypto)
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} mbedcrypto)
+endforeach()
-install(TARGETS hello generic_sum
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index 8456228..b4b3d30 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -1,63 +1,39 @@
-add_executable(dh_client dh_client.c)
-target_link_libraries(dh_client mbedtls)
+set(executables_mbedtls
+ dh_client
+ dh_server
+)
-add_executable(dh_genprime dh_genprime.c)
-target_link_libraries(dh_genprime mbedcrypto)
+foreach(exe IN LISTS executables_mbedtls)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} mbedtls)
+endforeach()
-add_executable(dh_server dh_server.c)
-target_link_libraries(dh_server mbedtls)
+set(executables_mbedcrypto
+ dh_genprime
+ ecdh_curve25519
+ ecdsa
+ gen_key
+ key_app
+ key_app_writer
+ mpi_demo
+ pk_encrypt
+ pk_decrypt
+ pk_sign
+ pk_verify
+ rsa_decrypt
+ rsa_encrypt
+ rsa_genkey
+ rsa_sign
+ rsa_sign_pss
+ rsa_verify
+ rsa_verify_pss
+)
-add_executable(ecdh_curve25519 ecdh_curve25519.c)
-target_link_libraries(ecdh_curve25519 mbedcrypto)
+foreach(exe IN LISTS executables_mbedcrypto)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} mbedcrypto)
+endforeach()
-add_executable(ecdsa ecdsa.c)
-target_link_libraries(ecdsa mbedcrypto)
-
-add_executable(gen_key gen_key.c)
-target_link_libraries(gen_key mbedcrypto)
-
-add_executable(key_app key_app.c)
-target_link_libraries(key_app mbedcrypto)
-
-add_executable(key_app_writer key_app_writer.c)
-target_link_libraries(key_app_writer mbedcrypto)
-
-add_executable(mpi_demo mpi_demo.c)
-target_link_libraries(mpi_demo mbedcrypto)
-
-add_executable(rsa_genkey rsa_genkey.c)
-target_link_libraries(rsa_genkey mbedcrypto)
-
-add_executable(rsa_sign rsa_sign.c)
-target_link_libraries(rsa_sign mbedcrypto)
-
-add_executable(rsa_verify rsa_verify.c)
-target_link_libraries(rsa_verify mbedcrypto)
-
-add_executable(rsa_sign_pss rsa_sign_pss.c)
-target_link_libraries(rsa_sign_pss mbedcrypto)
-
-add_executable(rsa_verify_pss rsa_verify_pss.c)
-target_link_libraries(rsa_verify_pss mbedcrypto)
-
-add_executable(rsa_encrypt rsa_encrypt.c)
-target_link_libraries(rsa_encrypt mbedcrypto)
-
-add_executable(rsa_decrypt rsa_decrypt.c)
-target_link_libraries(rsa_decrypt mbedcrypto)
-
-add_executable(pk_sign pk_sign.c)
-target_link_libraries(pk_sign mbedcrypto)
-
-add_executable(pk_verify pk_verify.c)
-target_link_libraries(pk_verify mbedcrypto)
-
-add_executable(pk_encrypt pk_encrypt.c)
-target_link_libraries(pk_encrypt mbedcrypto)
-
-add_executable(pk_decrypt pk_decrypt.c)
-target_link_libraries(pk_decrypt mbedcrypto)
-
-install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key
+install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
index 4373ceb..e519696 100644
--- a/programs/psa/CMakeLists.txt
+++ b/programs/psa/CMakeLists.txt
@@ -1,12 +1,16 @@
-add_executable(crypto_examples crypto_examples.c)
-target_link_libraries(crypto_examples mbedtls)
+set(executables
+ crypto_examples
+ key_ladder_demo
+ psa_constant_names
+)
-add_executable(key_ladder_demo key_ladder_demo.c)
-target_link_libraries(key_ladder_demo mbedtls)
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} mbedcrypto)
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
+endforeach()
-add_executable(psa_constant_names psa_constant_names.c)
target_include_directories(psa_constant_names PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
-target_link_libraries(psa_constant_names mbedtls)
add_custom_target(
psa_constant_names_generated
@@ -15,10 +19,7 @@
)
add_dependencies(psa_constant_names psa_constant_names_generated)
-install(TARGETS
- crypto_examples
- key_ladder_demo
- psa_constant_names
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
index 964e7b3..5fc4f9e 100644
--- a/programs/psa/psa_constant_names.c
+++ b/programs/psa/psa_constant_names.c
@@ -82,21 +82,21 @@
}
/* The code of these function is automatically generated and included below. */
-static const char *psa_ecc_curve_name(psa_ecc_curve_t curve);
-static const char *psa_dh_group_name(psa_dh_group_t group);
+static const char *psa_ecc_family_name(psa_ecc_family_t curve);
+static const char *psa_dh_family_name(psa_dh_family_t group);
static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg);
static void append_with_curve(char **buffer, size_t buffer_size,
size_t *required_size,
const char *string, size_t length,
- psa_ecc_curve_t curve)
+ psa_ecc_family_t curve)
{
- const char *curve_name = psa_ecc_curve_name(curve);
+ const char *family_name = psa_ecc_family_name(curve);
append(buffer, buffer_size, required_size, string, length);
append(buffer, buffer_size, required_size, "(", 1);
- if (curve_name != NULL) {
+ if (family_name != NULL) {
append(buffer, buffer_size, required_size,
- curve_name, strlen(curve_name));
+ family_name, strlen(family_name));
} else {
append_integer(buffer, buffer_size, required_size,
"0x%02x", curve);
@@ -107,9 +107,9 @@
static void append_with_group(char **buffer, size_t buffer_size,
size_t *required_size,
const char *string, size_t length,
- psa_dh_group_t group)
+ psa_dh_family_t group)
{
- const char *group_name = psa_dh_group_name(group);
+ const char *group_name = psa_dh_family_name(group);
append(buffer, buffer_size, required_size, string, length);
append(buffer, buffer_size, required_size, "(", 1);
if (group_name != NULL) {
@@ -159,9 +159,9 @@
}
static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size,
- psa_ecc_curve_t curve)
+ psa_ecc_family_t curve)
{
- const char *name = psa_ecc_curve_name(curve);
+ const char *name = psa_ecc_family_name(curve);
if (name == NULL) {
return snprintf(buffer, buffer_size, "0x%02x", (unsigned) curve);
} else {
@@ -176,9 +176,9 @@
}
static int psa_snprint_dh_group(char *buffer, size_t buffer_size,
- psa_dh_group_t group)
+ psa_dh_family_t group)
{
- const char *name = psa_dh_group_name(group);
+ const char *name = psa_dh_family_name(group);
if (name == NULL) {
return snprintf(buffer, buffer_size, "0x%02x", (unsigned) group);
} else {
@@ -199,8 +199,8 @@
printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n");
printf("Supported types (with = between aliases):\n");
printf(" alg=algorithm Algorithm (psa_algorithm_t)\n");
- printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_curve_t)\n");
- printf(" group=dh_group Diffie-Hellman group identifier (psa_dh_group_t)\n");
+ printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_family_t)\n");
+ printf(" group=dh_group Diffie-Hellman group identifier (psa_dh_family_t)\n");
printf(" type=key_type Key type (psa_key_type_t)\n");
printf(" usage=key_usage Key usage (psa_key_usage_t)\n");
printf(" error=status Status code (psa_status_t)\n");
@@ -271,11 +271,11 @@
break;
case TYPE_ECC_CURVE:
psa_snprint_ecc_curve(buffer, sizeof(buffer),
- (psa_ecc_curve_t) value);
+ (psa_ecc_family_t) value);
break;
case TYPE_DH_GROUP:
psa_snprint_dh_group(buffer, sizeof(buffer),
- (psa_dh_group_t) value);
+ (psa_dh_family_t) value);
break;
case TYPE_KEY_TYPE:
psa_snprint_key_type(buffer, sizeof(buffer),
@@ -311,10 +311,10 @@
return process_unsigned(TYPE_ALGORITHM, (psa_algorithm_t) (-1),
argv + 2);
} else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) {
- return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_curve_t) (-1),
+ return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_family_t) (-1),
argv + 2);
} else if (!strcmp(argv[1], "group") || !strcmp(argv[1], "dh_group")) {
- return process_unsigned(TYPE_DH_GROUP, (psa_dh_group_t) (-1),
+ return process_unsigned(TYPE_DH_GROUP, (psa_dh_family_t) (-1),
argv + 2);
} else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) {
return process_unsigned(TYPE_KEY_TYPE, (psa_key_type_t) (-1),
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index 630c66e..95acb7e 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -1,12 +1,14 @@
-add_executable(gen_random_havege gen_random_havege.c)
-target_link_libraries(gen_random_havege mbedcrypto)
+set(executables
+ gen_entropy
+ gen_random_ctr_drbg
+ gen_random_havege
+)
-add_executable(gen_random_ctr_drbg gen_random_ctr_drbg.c)
-target_link_libraries(gen_random_ctr_drbg mbedcrypto)
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} mbedcrypto)
+endforeach()
-add_executable(gen_entropy gen_entropy.c)
-target_link_libraries(gen_entropy mbedcrypto)
-
-install(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 32fb3c4..28fbfc5 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -5,17 +5,6 @@
mbedtls
)
-set(targets
- dtls_client
- dtls_server
- mini_client
- ssl_client1
- ssl_client2
- ssl_fork_server
- ssl_mail_client
- ssl_server
-)
-
if(USE_PKCS11_HELPER_LIBRARY)
set(libs ${libs} pkcs11-helper)
endif(USE_PKCS11_HELPER_LIBRARY)
@@ -24,44 +13,34 @@
set(libs ${libs} ${ZLIB_LIBRARIES})
endif(ENABLE_ZLIB_SUPPORT)
-add_executable(dtls_client dtls_client.c)
-target_link_libraries(dtls_client ${libs})
+set(executables
+ dtls_client
+ dtls_server
+ mini_client
+ ssl_client1
+ ssl_client2
+ ssl_context_info
+ ssl_fork_server
+ ssl_mail_client
+ ssl_server
+ ssl_server2
+)
-add_executable(dtls_server dtls_server.c)
-target_link_libraries(dtls_server ${libs})
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} ${libs})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
+endforeach()
-add_executable(ssl_client1 ssl_client1.c)
-target_link_libraries(ssl_client1 ${libs})
-
-add_executable(ssl_client2 ssl_client2.c)
-target_sources(ssl_client2 PUBLIC ../test/query_config.c)
-target_link_libraries(ssl_client2 ${libs})
-
-add_executable(ssl_server ssl_server.c)
-target_link_libraries(ssl_server ${libs})
-
-add_executable(ssl_server2 ssl_server2.c)
-target_sources(ssl_server2 PUBLIC ../test/query_config.c)
-target_link_libraries(ssl_server2 ${libs})
-
-add_executable(ssl_context_info ssl_context_info.c)
-target_link_libraries(ssl_context_info ${libs})
-
-add_executable(ssl_fork_server ssl_fork_server.c)
-target_link_libraries(ssl_fork_server ${libs})
-
-add_executable(ssl_mail_client ssl_mail_client.c)
-target_link_libraries(ssl_mail_client ${libs})
-
-add_executable(mini_client mini_client.c)
-target_link_libraries(mini_client ${libs})
+target_sources(ssl_client2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+target_sources(ssl_server2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
if(THREADS_FOUND)
- add_executable(ssl_pthread_server ssl_pthread_server.c)
+ add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
- set(targets ${targets} ssl_pthread_server)
+ list(APPEND executables ssl_pthread_server)
endif(THREADS_FOUND)
-install(TARGETS ${targets}
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 486b6a6..2e8e105 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -74,6 +74,8 @@
#include "mbedtls/psa_util.h"
#endif
+#include <test/helpers.h>
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -1016,45 +1018,6 @@
return( 0 );
}
-/* Unhexify `hex` into `dst`. `dst` must have
- * size at least `strlen( hex ) / 2`. */
-int unhexify( char const *hex, unsigned char *dst )
-{
- unsigned char c;
- size_t j;
- size_t len = strlen( hex );
-
- if( len % 2 != 0 )
- return( -1 );
-
- for( j = 0; j < len; j += 2 )
- {
- c = hex[j];
- if( c >= '0' && c <= '9' )
- c -= '0';
- else if( c >= 'a' && c <= 'f' )
- c -= 'a' - 10;
- else if( c >= 'A' && c <= 'F' )
- c -= 'A' - 10;
- else
- return( -1 );
- dst[ j / 2 ] = c << 4;
-
- c = hex[j + 1];
- if( c >= '0' && c <= '9' )
- c -= '0';
- else if( c >= 'a' && c <= 'f' )
- c -= 'a' - 10;
- else if( c >= 'A' && c <= 'F' )
- c -= 'A' - 10;
- else
- return( -1 );
- dst[ j / 2 ] |= c;
- }
-
- return( 0 );
-}
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl,
const char *additional_description )
@@ -1785,16 +1748,10 @@
*/
if( strlen( opt.psk ) )
{
- psk_len = strlen( opt.psk ) / 2;
- if( psk_len > sizeof( psk ) )
+ if( mbedtls_test_unhexify( psk, sizeof( psk ),
+ opt.psk, &psk_len ) != 0 )
{
- mbedtls_printf( "pre-shared key too long\n" );
- goto exit;
- }
-
- if( unhexify( opt.psk, psk ) != 0 )
- {
- mbedtls_printf( "pre-shared key not valid hex\n" );
+ mbedtls_printf( "pre-shared key not valid\n" );
goto exit;
}
}
@@ -1896,16 +1853,10 @@
}
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- cid_len = strlen( opt.cid_val ) / 2;
- if( cid_len > sizeof( cid ) )
+ if( mbedtls_test_unhexify( cid, sizeof( cid ),
+ opt.cid_val, &cid_len ) != 0 )
{
- mbedtls_printf( "CID too long\n" );
- goto exit;
- }
-
- if( unhexify( opt.cid_val, cid ) != 0 )
- {
- mbedtls_printf( "CID not valid hex\n" );
+ mbedtls_printf( "CID not valid\n" );
goto exit;
}
@@ -1916,16 +1867,10 @@
if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
opt.cid_val_renego = opt.cid_val;
- cid_renego_len = strlen( opt.cid_val_renego ) / 2;
- if( cid_renego_len > sizeof( cid_renego ) )
+ if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
+ opt.cid_val_renego, &cid_renego_len ) != 0 )
{
- mbedtls_printf( "CID too long\n" );
- goto exit;
- }
-
- if( unhexify( opt.cid_val_renego, cid_renego ) != 0 )
- {
- mbedtls_printf( "CID not valid hex\n" );
+ mbedtls_printf( "CID not valid\n" );
goto exit;
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 3fd065e..1534607 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -70,6 +70,8 @@
#include "mbedtls/psa_util.h"
#endif
+#include <test/helpers.h>
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -1202,52 +1204,6 @@
#endif /* SNI_OPTION */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \
- defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-
-#define HEX2NUM( c ) \
- do \
- { \
- if( (c) >= '0' && (c) <= '9' ) \
- (c) -= '0'; \
- else if( (c) >= 'a' && (c) <= 'f' ) \
- (c) -= 'a' - 10; \
- else if( (c) >= 'A' && (c) <= 'F' ) \
- (c) -= 'A' - 10; \
- else \
- return( -1 ); \
- } while( 0 )
-
-/*
- * Convert a hex string to bytes.
- * Return 0 on success, -1 on error.
- */
-int unhexify( unsigned char *output, const char *input, size_t *olen )
-{
- unsigned char c;
- size_t j;
-
- *olen = strlen( input );
- if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN )
- return( -1 );
- *olen /= 2;
-
- for( j = 0; j < *olen * 2; j += 2 )
- {
- c = input[j];
- HEX2NUM( c );
- output[ j / 2 ] = c << 4;
-
- c = input[j + 1];
- HEX2NUM( c );
- output[ j / 2 ] |= c;
- }
-
- return( 0 );
-}
-
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
typedef struct _psk_entry psk_entry;
@@ -1319,7 +1275,8 @@
GET_ITEM( new->name );
GET_ITEM( key_hex );
- if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
+ if( mbedtls_test_unhexify( new->key, MBEDTLS_PSK_MAX_LEN,
+ key_hex, &new->key_len ) != 0 )
goto error;
new->next = cur;
@@ -2632,7 +2589,8 @@
}
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- if( unhexify( cid, opt.cid_val, &cid_len ) != 0 )
+ if( mbedtls_test_unhexify( cid, sizeof( cid ),
+ opt.cid_val, &cid_len ) != 0 )
{
mbedtls_printf( "CID not valid hex\n" );
goto exit;
@@ -2645,7 +2603,8 @@
if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
opt.cid_val_renego = opt.cid_val;
- if( unhexify( cid_renego, opt.cid_val_renego, &cid_renego_len ) != 0 )
+ if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
+ opt.cid_val_renego, &cid_renego_len ) != 0 )
{
mbedtls_printf( "CID not valid hex\n" );
goto exit;
@@ -2656,7 +2615,8 @@
/*
* Unhexify the pre-shared key and parse the list if any given
*/
- if( unhexify( psk, opt.psk, &psk_len ) != 0 )
+ if( mbedtls_test_unhexify( psk, sizeof( psk ),
+ opt.psk, &psk_len ) != 0 )
{
mbedtls_printf( "pre-shared key not valid hex\n" );
goto exit;
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index a26c096..0df0bec 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -10,27 +10,35 @@
set(libs ${libs} ${ZLIB_LIBRARIES})
endif(ENABLE_ZLIB_SUPPORT)
-add_executable(selftest selftest.c)
-target_link_libraries(selftest ${libs})
+set(executables_libs
+ selftest
+ udp_proxy
+)
-add_executable(benchmark benchmark.c)
-target_link_libraries(benchmark mbedcrypto)
+set(executables_mbedcrypto
+ benchmark
+ query_compile_time_config
+ zeroize
+)
if(TEST_CPP)
- add_executable(cpp_dummy_build cpp_dummy_build.cpp)
- target_link_libraries(cpp_dummy_build mbedcrypto)
+ list(APPEND executables_mbedcrypto cpp_dummy_build)
endif()
-add_executable(udp_proxy udp_proxy.c)
-target_link_libraries(udp_proxy ${libs})
+foreach(exe IN LISTS executables_libs executables_mbedcrypto)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-add_executable(zeroize zeroize.c)
-target_link_libraries(zeroize mbedcrypto)
+ # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
+ list(FIND executables_libs ${exe} exe_index)
+ if (${exe_index} GREATER -1)
+ target_link_libraries(${exe} ${libs})
+ else()
+ target_link_libraries(${exe} mbedcrypto)
+ endif()
+endforeach()
-add_executable(query_compile_time_config query_compile_time_config.c)
-target_sources(query_compile_time_config PUBLIC query_config.c)
-target_link_libraries(query_compile_time_config mbedcrypto)
+target_sources(query_compile_time_config PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
-install(TARGETS selftest benchmark udp_proxy query_compile_time_config
+install(TARGETS ${executables_libs} ${executables_mbedcrypto}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index 4c3fb0d..cb14a3e 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -2,12 +2,16 @@
mbedcrypto
)
-add_executable(strerror strerror.c)
-target_link_libraries(strerror ${libs})
+set(executables
+ pem2der
+ strerror
+)
-add_executable(pem2der pem2der.c)
-target_link_libraries(pem2der ${libs})
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} ${libs})
+endforeach()
-install(TARGETS strerror pem2der
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index 68dec99..f7b5fe1 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -10,21 +10,21 @@
set(libs ${libs} ${ZLIB_LIBRARIES})
endif(ENABLE_ZLIB_SUPPORT)
-add_executable(cert_app cert_app.c)
-target_link_libraries(cert_app ${libs} mbedtls)
+set(executables
+ cert_app
+ cert_req
+ cert_write
+ crl_app
+ req_app
+)
-add_executable(crl_app crl_app.c)
-target_link_libraries(crl_app ${libs})
+foreach(exe IN LISTS executables)
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ target_link_libraries(${exe} ${libs})
+endforeach()
-add_executable(req_app req_app.c)
-target_link_libraries(req_app ${libs})
+target_link_libraries(cert_app mbedtls)
-add_executable(cert_req cert_req.c)
-target_link_libraries(cert_req ${libs})
-
-add_executable(cert_write cert_write.c)
-target_link_libraries(cert_write ${libs})
-
-install(TARGETS cert_app crl_app req_app cert_req cert_write
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index f65881b..ddd1be7 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
#include <string.h>
diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt
index 63ae94c..79d220e 100644
--- a/scripts/data_files/version_features.fmt
+++ b/scripts/data_files/version_features.fmt
@@ -19,11 +19,7 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "common.h"
#if defined(MBEDTLS_VERSION_C)
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 3d2e681..c84b838 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -43,7 +43,7 @@
}
}
-static const char *psa_ecc_curve_name(psa_ecc_curve_t curve)
+static const char *psa_ecc_family_name(psa_ecc_family_t curve)
{
switch (curve) {
%(ecc_curve_cases)s
@@ -51,7 +51,7 @@
}
}
-static const char *psa_dh_group_name(psa_dh_group_t group)
+static const char *psa_dh_family_name(psa_dh_family_t group)
{
switch (group) {
%(dh_group_cases)s
@@ -179,13 +179,13 @@
KEY_TYPE_FROM_CURVE_TEMPLATE = '''if (%(tester)s(type)) {
append_with_curve(&buffer, buffer_size, &required_size,
"%(builder)s", %(builder_length)s,
- PSA_KEY_TYPE_GET_CURVE(type));
+ PSA_KEY_TYPE_ECC_GET_FAMILY(type));
} else '''
KEY_TYPE_FROM_GROUP_TEMPLATE = '''if (%(tester)s(type)) {
append_with_group(&buffer, buffer_size, &required_size,
"%(builder)s", %(builder_length)s,
- PSA_KEY_TYPE_GET_GROUP(type));
+ PSA_KEY_TYPE_DH_GET_FAMILY(type));
} else '''
ALGORITHM_FROM_HASH_TEMPLATE = '''if (%(tester)s(core_alg)) {
@@ -264,9 +264,9 @@
self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
elif name.startswith('PSA_KEY_TYPE_') and parameter == 'group':
self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:]
- elif name.startswith('PSA_ECC_CURVE_') and not parameter:
+ elif name.startswith('PSA_ECC_FAMILY_') and not parameter:
self.ecc_curves.add(name)
- elif name.startswith('PSA_DH_GROUP_') and not parameter:
+ elif name.startswith('PSA_DH_FAMILY_') and not parameter:
self.dh_groups.add(name)
elif name.startswith('PSA_ALG_') and not parameter:
if name in ['PSA_ALG_ECDSA_BASE',
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index d72d19d..a3a2925 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -39,6 +39,8 @@
my $mbedtls_header_dir = 'include/mbedtls';
my $psa_header_dir = 'include/psa';
my $source_dir = 'library';
+my $test_source_dir = 'tests/src';
+my $test_header_dir = 'tests/include/test';
my @thirdparty_header_dirs = qw(
3rdparty/everest/include/everest
@@ -58,9 +60,19 @@
3rdparty/everest/include/everest
3rdparty/everest/include/everest/vs2010
3rdparty/everest/include/everest/kremlib
+ tests/include
);
my $include_directories = join(';', map {"../../$_"} @include_directories);
+# Directories to add to the include path when building the library, but not
+# when building tests or applications.
+my @library_include_directories = qw(
+ library
+);
+my $library_include_directories =
+ join(';', map {"../../$_"} (@library_include_directories,
+ @include_directories));
+
my @excluded_files = qw(
3rdparty/everest/library/Hacl_Curve25519.c
);
@@ -104,6 +116,8 @@
&& -d $mbedtls_header_dir
&& -d $psa_header_dir
&& -d $source_dir
+ && -d $test_source_dir
+ && -d $test_header_dir
&& -d $programs_dir;
}
@@ -197,7 +211,7 @@
my $out = slurp_file( $main_tpl );
$out =~ s/SOURCE_ENTRIES\r\n/$source_entries/m;
$out =~ s/HEADER_ENTRIES\r\n/$header_entries/m;
- $out =~ s/INCLUDE_DIRECTORIES\r\n/$include_directories/g;
+ $out =~ s/INCLUDE_DIRECTORIES\r\n/$library_include_directories/g;
content_to_file( $out, $main_out );
}
@@ -249,12 +263,14 @@
my @header_dirs = (
$mbedtls_header_dir,
$psa_header_dir,
+ $test_header_dir,
$source_dir,
@thirdparty_header_dirs,
);
my @headers = (map { <$_/*.h> } @header_dirs);
my @source_dirs = (
$source_dir,
+ $test_source_dir,
@thirdparty_source_dirs,
);
my @sources = (map { <$_/*.c> } @source_dirs);
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 39a7a2c..cc68663 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -46,9 +46,16 @@
DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
)
- add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtests>)
+ add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(test_suite_${data_name} ${libs})
- target_include_directories(test_suite_${data_name} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include)
+ # Include test-specific header files from ./include and private header
+ # files (used by some invasive tests) from ../library. Public header
+ # files are automatically included because the library targets declare
+ # them as PUBLIC.
+ target_include_directories(test_suite_${data_name}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
+
if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX})
message(STATUS "The test suite ${data_name} will not be executed.")
else()
@@ -66,10 +73,6 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
endif(MSVC)
-file(GLOB MBEDTESTS_FILES ${CMAKE_CURRENT_SOURCE_DIR}/src/*.c)
-add_library(mbedtests OBJECT ${MBEDTESTS_FILES})
-target_include_directories(mbedtests PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include)
-
add_test_suite(aes aes.cbc)
add_test_suite(aes aes.cfb)
add_test_suite(aes aes.ecb)
diff --git a/tests/Makefile b/tests/Makefile
index 6f3179c..ffa4812 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -6,6 +6,9 @@
WARNING_CFLAGS ?= -Wall -Wextra
LDFLAGS ?=
+# Include public header files from ../include, test-specific header files
+# from ./include, and private header files (used by some invasive tests)
+# from ../library.
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I./include -I../include -I../library -D_FILE_OFFSET_BITS=64
LOCAL_LDFLAGS = -L../library \
-lmbedtls$(SHARED_SUFFIX) \
@@ -77,7 +80,9 @@
$(MBEDLIBS):
$(MAKE) -C ../library
-MBEDTESTS_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c))
+MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c))
+
+mbedtls_test: $(MBEDTLS_TEST_OBJS)
# Rule to compile common test C files in src folder
src/%.o : src/%.c
@@ -112,9 +117,9 @@
-o .
-$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTESTS_OBJS)
+$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTLS_TEST_OBJS)
echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTESTS_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
# Some test suites require additional header files.
$(filter test_suite_psa_crypto%, $(BINARIES)): include/test/psa_crypto_helpers.h
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index 36ec8e6..69d882c 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -54,7 +54,29 @@
int mbedtls_test_platform_setup( void );
void mbedtls_test_platform_teardown( void );
-int mbedtls_test_unhexify( unsigned char *obuf, const char *ibuf );
+/**
+ * \brief This function translates an ASCII string encoding an
+ * hexadecimal number into the encoded hexadecimal number. The
+ * hexadecimal number is represented as an array of
+ * unsigned char.
+ *
+ * \note The output buffer can be the same as the input buffer. For
+ * any other overlapping of the input and output buffers, the
+ * behavior is undefined.
+ *
+ * \param obuf Output buffer.
+ * \param obufmax Size in number of bytes of \p obuf.
+ * \param ibuf Input buffer.
+ * \param len The number of unsigned char written in \p obuf. This must
+ * not be \c NULL.
+ *
+ * \return \c 0 on success.
+ * \return \c -1 if the output buffer is too small or the input string
+ * is not a valid ASCII encoding of an hexadecimal number.
+ */
+int mbedtls_test_unhexify( unsigned char *obuf, size_t obufmax,
+ const char *ibuf, size_t *len );
+
void mbedtls_test_hexify( unsigned char *obuf,
const unsigned char *ibuf,
int len );
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 9a70438..558016d 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -680,7 +680,7 @@
component_check_files () {
msg "Check: file sanity checks (permissions, encodings)" # < 1s
- record_status tests/scripts/check-files.py
+ record_status tests/scripts/check_files.py
}
component_check_changelog () {
@@ -707,7 +707,7 @@
else
opt=''
fi
- record_status tests/scripts/check-test-cases.py $opt
+ record_status tests/scripts/check_test_cases.py $opt
unset opt
}
@@ -1001,6 +1001,25 @@
if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
}
+component_test_everest_curve25519_only () {
+ msg "build: Everest ECDH context, only Curve25519" # ~ 6 min
+ scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
+ scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
+ scripts/config.py unset MBEDTLS_ECDSA_C
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ # Disable all curves
+ for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do
+ scripts/config.py unset "$c"
+ done
+ scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED
+
+ make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: Everest ECDH context, only Curve25519" # ~ 50s
+ make test
+}
+
component_test_small_ssl_out_content_len () {
msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
new file mode 100755
index 0000000..73f16bd
--- /dev/null
+++ b/tests/scripts/analyze_outcomes.py
@@ -0,0 +1,131 @@
+#!/usr/bin/env python3
+
+"""Analyze the test outcomes from a full CI run.
+
+This script can also run on outcomes from a partial run, but the results are
+less likely to be useful.
+"""
+
+import argparse
+import re
+import sys
+import traceback
+
+import check_test_cases
+
+class Results:
+ """Process analysis results."""
+
+ def __init__(self):
+ self.error_count = 0
+ self.warning_count = 0
+
+ @staticmethod
+ def log(fmt, *args, **kwargs):
+ sys.stderr.write((fmt + '\n').format(*args, **kwargs))
+
+ def error(self, fmt, *args, **kwargs):
+ self.log('Error: ' + fmt, *args, **kwargs)
+ self.error_count += 1
+
+ def warning(self, fmt, *args, **kwargs):
+ self.log('Warning: ' + fmt, *args, **kwargs)
+ self.warning_count += 1
+
+class TestCaseOutcomes:
+ """The outcomes of one test case across many configurations."""
+ # pylint: disable=too-few-public-methods
+
+ def __init__(self):
+ # Collect a list of witnesses of the test case succeeding or failing.
+ # Currently we don't do anything with witnesses except count them.
+ # The format of a witness is determined by the read_outcome_file
+ # function; it's the platform and configuration joined by ';'.
+ self.successes = []
+ self.failures = []
+
+ def hits(self):
+ """Return the number of times a test case has been run.
+
+ This includes passes and failures, but not skips.
+ """
+ return len(self.successes) + len(self.failures)
+
+class TestDescriptions(check_test_cases.TestDescriptionExplorer):
+ """Collect the available test cases."""
+
+ def __init__(self):
+ super().__init__()
+ self.descriptions = set()
+
+ def process_test_case(self, _per_file_state,
+ file_name, _line_number, description):
+ """Record an available test case."""
+ base_name = re.sub(r'\.[^.]*$', '', re.sub(r'.*/', '', file_name))
+ key = ';'.join([base_name, description.decode('utf-8')])
+ self.descriptions.add(key)
+
+def collect_available_test_cases():
+ """Collect the available test cases."""
+ explorer = TestDescriptions()
+ explorer.walk_all()
+ return sorted(explorer.descriptions)
+
+def analyze_coverage(results, outcomes):
+ """Check that all available test cases are executed at least once."""
+ available = collect_available_test_cases()
+ for key in available:
+ hits = outcomes[key].hits() if key in outcomes else 0
+ if hits == 0:
+ # Make this a warning, not an error, as long as we haven't
+ # fixed this branch to have full coverage of test cases.
+ results.warning('Test case not executed: {}', key)
+
+def analyze_outcomes(outcomes):
+ """Run all analyses on the given outcome collection."""
+ results = Results()
+ analyze_coverage(results, outcomes)
+ return results
+
+def read_outcome_file(outcome_file):
+ """Parse an outcome file and return an outcome collection.
+
+An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects.
+The keys are the test suite name and the test case description, separated
+by a semicolon.
+"""
+ outcomes = {}
+ with open(outcome_file, 'r', encoding='utf-8') as input_file:
+ for line in input_file:
+ (platform, config, suite, case, result, _cause) = line.split(';')
+ key = ';'.join([suite, case])
+ setup = ';'.join([platform, config])
+ if key not in outcomes:
+ outcomes[key] = TestCaseOutcomes()
+ if result == 'PASS':
+ outcomes[key].successes.append(setup)
+ elif result == 'FAIL':
+ outcomes[key].failures.append(setup)
+ return outcomes
+
+def analyze_outcome_file(outcome_file):
+ """Analyze the given outcome file."""
+ outcomes = read_outcome_file(outcome_file)
+ return analyze_outcomes(outcomes)
+
+def main():
+ try:
+ parser = argparse.ArgumentParser(description=__doc__)
+ parser.add_argument('outcomes', metavar='OUTCOMES.CSV',
+ help='Outcome file to analyze')
+ options = parser.parse_args()
+ results = analyze_outcome_file(options.outcomes)
+ if results.error_count > 0:
+ sys.exit(1)
+ except Exception: # pylint: disable=broad-except
+ # Print the backtrace and exit explicitly with our chosen status.
+ traceback.print_exc()
+ sys.exit(120)
+
+if __name__ == '__main__':
+ main()
diff --git a/tests/scripts/basic-in-docker.sh b/tests/scripts/basic-in-docker.sh
index 37ed5ea..83d6655 100755
--- a/tests/scripts/basic-in-docker.sh
+++ b/tests/scripts/basic-in-docker.sh
@@ -4,8 +4,10 @@
#
# Purpose
# -------
-# This runs a rough equivalent of the travis.yml in a Docker container.
-# The tests are run for both clang and gcc.
+# This runs sanity checks and library tests in a Docker container. The tests
+# are run for both clang and gcc. The testing includes a full test run
+# in the default configuration, partial test runs in the reference
+# configurations, and some dependency tests.
#
# Notes for users
# ---------------
@@ -30,12 +32,7 @@
source tests/scripts/docker_env.sh
-run_in_docker tests/scripts/recursion.pl library/*.c
-run_in_docker tests/scripts/check-generated-files.sh
-run_in_docker tests/scripts/check-doxy-blocks.pl
-run_in_docker tests/scripts/check-names.sh
-run_in_docker tests/scripts/check-files.py
-run_in_docker tests/scripts/doxygen.sh
+run_in_docker tests/scripts/all.sh 'check_*'
for compiler in clang gcc; do
run_in_docker -e CC=${compiler} cmake -D CMAKE_BUILD_TYPE:String="Check" .
diff --git a/tests/scripts/check-test-cases.py b/tests/scripts/check-test-cases.py
deleted file mode 100755
index 35a9987..0000000
--- a/tests/scripts/check-test-cases.py
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/usr/bin/env python3
-
-"""Sanity checks for test data.
-"""
-
-# Copyright (C) 2019, Arm Limited, All Rights Reserved
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# This file is part of Mbed TLS (https://tls.mbed.org)
-
-import argparse
-import glob
-import os
-import re
-import sys
-
-class Results:
- """Store file and line information about errors or warnings in test suites."""
-
- def __init__(self, options):
- self.errors = 0
- self.warnings = 0
- self.ignore_warnings = options.quiet
-
- def error(self, file_name, line_number, fmt, *args):
- sys.stderr.write(('{}:{}:ERROR:' + fmt + '\n').
- format(file_name, line_number, *args))
- self.errors += 1
-
- def warning(self, file_name, line_number, fmt, *args):
- if not self.ignore_warnings:
- sys.stderr.write(('{}:{}:Warning:' + fmt + '\n')
- .format(file_name, line_number, *args))
- self.warnings += 1
-
-def collect_test_directories():
- """Get the relative path for the TLS and Crypto test directories."""
- if os.path.isdir('tests'):
- tests_dir = 'tests'
- elif os.path.isdir('suites'):
- tests_dir = '.'
- elif os.path.isdir('../suites'):
- tests_dir = '..'
- directories = [tests_dir]
- return directories
-
-def check_description(results, seen, file_name, line_number, description):
- """Check test case descriptions for errors."""
- if description in seen:
- results.error(file_name, line_number,
- 'Duplicate description (also line {})',
- seen[description])
- return
- if re.search(br'[\t;]', description):
- results.error(file_name, line_number,
- 'Forbidden character \'{}\' in description',
- re.search(br'[\t;]', description).group(0).decode('ascii'))
- if re.search(br'[^ -~]', description):
- results.error(file_name, line_number,
- 'Non-ASCII character in description')
- if len(description) > 66:
- results.warning(file_name, line_number,
- 'Test description too long ({} > 66)',
- len(description))
- seen[description] = line_number
-
-def check_test_suite(results, data_file_name):
- """Check the test cases in the given unit test data file."""
- in_paragraph = False
- descriptions = {}
- with open(data_file_name, 'rb') as data_file:
- for line_number, line in enumerate(data_file, 1):
- line = line.rstrip(b'\r\n')
- if not line:
- in_paragraph = False
- continue
- if line.startswith(b'#'):
- continue
- if not in_paragraph:
- # This is a test case description line.
- check_description(results, descriptions,
- data_file_name, line_number, line)
- in_paragraph = True
-
-def check_ssl_opt_sh(results, file_name):
- """Check the test cases in ssl-opt.sh or a file with a similar format."""
- descriptions = {}
- with open(file_name, 'rb') as file_contents:
- for line_number, line in enumerate(file_contents, 1):
- # Assume that all run_test calls have the same simple form
- # with the test description entirely on the same line as the
- # function name.
- m = re.match(br'\s*run_test\s+"((?:[^\\"]|\\.)*)"', line)
- if not m:
- continue
- description = m.group(1)
- check_description(results, descriptions,
- file_name, line_number, description)
-
-def main():
- parser = argparse.ArgumentParser(description=__doc__)
- parser.add_argument('--quiet', '-q',
- action='store_true',
- help='Hide warnings')
- parser.add_argument('--verbose', '-v',
- action='store_false', dest='quiet',
- help='Show warnings (default: on; undoes --quiet)')
- options = parser.parse_args()
- test_directories = collect_test_directories()
- results = Results(options)
- for directory in test_directories:
- for data_file_name in glob.glob(os.path.join(directory, 'suites',
- '*.data')):
- check_test_suite(results, data_file_name)
- ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh')
- if os.path.exists(ssl_opt_sh):
- check_ssl_opt_sh(results, ssl_opt_sh)
- if (results.warnings or results.errors) and not options.quiet:
- sys.stderr.write('{}: {} errors, {} warnings\n'
- .format(sys.argv[0], results.errors, results.warnings))
- sys.exit(1 if results.errors else 0)
-
-if __name__ == '__main__':
- main()
diff --git a/tests/scripts/check-files.py b/tests/scripts/check_files.py
similarity index 100%
rename from tests/scripts/check-files.py
rename to tests/scripts/check_files.py
diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py
new file mode 100755
index 0000000..3360d28
--- /dev/null
+++ b/tests/scripts/check_test_cases.py
@@ -0,0 +1,194 @@
+#!/usr/bin/env python3
+
+"""Sanity checks for test data.
+
+This program contains a class for traversing test cases that can be used
+independently of the checks.
+"""
+
+# Copyright (C) 2019, Arm Limited, All Rights Reserved
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file is part of Mbed TLS (https://tls.mbed.org)
+
+import argparse
+import glob
+import os
+import re
+import sys
+
+class Results:
+ """Store file and line information about errors or warnings in test suites."""
+
+ def __init__(self, options):
+ self.errors = 0
+ self.warnings = 0
+ self.ignore_warnings = options.quiet
+
+ def error(self, file_name, line_number, fmt, *args):
+ sys.stderr.write(('{}:{}:ERROR:' + fmt + '\n').
+ format(file_name, line_number, *args))
+ self.errors += 1
+
+ def warning(self, file_name, line_number, fmt, *args):
+ if not self.ignore_warnings:
+ sys.stderr.write(('{}:{}:Warning:' + fmt + '\n')
+ .format(file_name, line_number, *args))
+ self.warnings += 1
+
+class TestDescriptionExplorer:
+ """An iterator over test cases with descriptions.
+
+The test cases that have descriptions are:
+* Individual unit tests (entries in a .data file) in test suites.
+* Individual test cases in ssl-opt.sh.
+
+This is an abstract class. To use it, derive a class that implements
+the process_test_case method, and call walk_all().
+"""
+
+ def process_test_case(self, per_file_state,
+ file_name, line_number, description):
+ """Process a test case.
+
+per_file_state: an object created by new_per_file_state() at the beginning
+ of each file.
+file_name: a relative path to the file containing the test case.
+line_number: the line number in the given file.
+description: the test case description as a byte string.
+"""
+ raise NotImplementedError
+
+ def new_per_file_state(self):
+ """Return a new per-file state object.
+
+The default per-file state object is None. Child classes that require per-file
+state may override this method.
+"""
+ #pylint: disable=no-self-use
+ return None
+
+ def walk_test_suite(self, data_file_name):
+ """Iterate over the test cases in the given unit test data file."""
+ in_paragraph = False
+ descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none
+ with open(data_file_name, 'rb') as data_file:
+ for line_number, line in enumerate(data_file, 1):
+ line = line.rstrip(b'\r\n')
+ if not line:
+ in_paragraph = False
+ continue
+ if line.startswith(b'#'):
+ continue
+ if not in_paragraph:
+ # This is a test case description line.
+ self.process_test_case(descriptions,
+ data_file_name, line_number, line)
+ in_paragraph = True
+
+ def walk_ssl_opt_sh(self, file_name):
+ """Iterate over the test cases in ssl-opt.sh or a file with a similar format."""
+ descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none
+ with open(file_name, 'rb') as file_contents:
+ for line_number, line in enumerate(file_contents, 1):
+ # Assume that all run_test calls have the same simple form
+ # with the test description entirely on the same line as the
+ # function name.
+ m = re.match(br'\s*run_test\s+"((?:[^\\"]|\\.)*)"', line)
+ if not m:
+ continue
+ description = m.group(1)
+ self.process_test_case(descriptions,
+ file_name, line_number, description)
+
+ @staticmethod
+ def collect_test_directories():
+ """Get the relative path for the TLS and Crypto test directories."""
+ if os.path.isdir('tests'):
+ tests_dir = 'tests'
+ elif os.path.isdir('suites'):
+ tests_dir = '.'
+ elif os.path.isdir('../suites'):
+ tests_dir = '..'
+ directories = [tests_dir]
+ return directories
+
+ def walk_all(self):
+ """Iterate over all named test cases."""
+ test_directories = self.collect_test_directories()
+ for directory in test_directories:
+ for data_file_name in glob.glob(os.path.join(directory, 'suites',
+ '*.data')):
+ self.walk_test_suite(data_file_name)
+ ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh')
+ if os.path.exists(ssl_opt_sh):
+ self.walk_ssl_opt_sh(ssl_opt_sh)
+
+class DescriptionChecker(TestDescriptionExplorer):
+ """Check all test case descriptions.
+
+* Check that each description is valid (length, allowed character set, etc.).
+* Check that there is no duplicated description inside of one test suite.
+"""
+
+ def __init__(self, results):
+ self.results = results
+
+ def new_per_file_state(self):
+ """Dictionary mapping descriptions to their line number."""
+ return {}
+
+ def process_test_case(self, per_file_state,
+ file_name, line_number, description):
+ """Check test case descriptions for errors."""
+ results = self.results
+ seen = per_file_state
+ if description in seen:
+ results.error(file_name, line_number,
+ 'Duplicate description (also line {})',
+ seen[description])
+ return
+ if re.search(br'[\t;]', description):
+ results.error(file_name, line_number,
+ 'Forbidden character \'{}\' in description',
+ re.search(br'[\t;]', description).group(0).decode('ascii'))
+ if re.search(br'[^ -~]', description):
+ results.error(file_name, line_number,
+ 'Non-ASCII character in description')
+ if len(description) > 66:
+ results.warning(file_name, line_number,
+ 'Test description too long ({} > 66)',
+ len(description))
+ seen[description] = line_number
+
+def main():
+ parser = argparse.ArgumentParser(description=__doc__)
+ parser.add_argument('--quiet', '-q',
+ action='store_true',
+ help='Hide warnings')
+ parser.add_argument('--verbose', '-v',
+ action='store_false', dest='quiet',
+ help='Show warnings (default: on; undoes --quiet)')
+ options = parser.parse_args()
+ results = Results(options)
+ checker = DescriptionChecker(results)
+ checker.walk_all()
+ if (results.warnings or results.errors) and not options.quiet:
+ sys.stderr.write('{}: {} errors, {} warnings\n'
+ .format(sys.argv[0], results.errors, results.warnings))
+ sys.exit(1 if results.errors else 0)
+
+if __name__ == '__main__':
+ main()
diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl
index cd6ea0d..8db4430 100755
--- a/tests/scripts/curves.pl
+++ b/tests/scripts/curves.pl
@@ -2,7 +2,7 @@
# curves.pl
#
-# Copyright (c) 2014-2016, ARM Limited, All Rights Reserved
+# Copyright (c) 2014-2020, ARM Limited, All Rights Reserved
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -21,21 +21,25 @@
#
# Purpose
#
-# To test the code dependencies on individual curves in each test suite. This
-# is a verification step to ensure we don't ship test suites that do not work
-# for some build options.
+# The purpose of this test script is to validate that the library works
+# with any combination of elliptic curves. To this effect, build the library
+# and run the test suite with each tested combination of elliptic curves.
#
-# The process is:
-# for each possible curve
-# build the library and test suites with the curve disabled
-# execute the test suites
+# Testing all 2^n combinations would be too much, so we only test 2*n:
#
-# And any test suite with the wrong dependencies will fail.
-#
+# 1. Test with a single curve, for each curve. This validates that the
+# library works with any curve, and in particular that curve-specific
+# code is guarded by the proper preprocessor conditionals.
+# 2. Test with all curves except one, for each curve. This validates that
+# the test cases have correct dependencies. Testing with a single curve
+# doesn't validate this for tests that require more than one curve.
+
# Usage: tests/scripts/curves.pl
#
# This script should be executed from the root of the project directory.
#
+# Only curves that are enabled in config.h will be tested.
+#
# For best effect, run either with cmake disabled, or cmake enabled in a mode
# that includes -Werror.
@@ -48,6 +52,25 @@
my $config_h = 'include/mbedtls/config.h';
my @curves = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
+# Determine which curves support ECDSA by checking the dependencies of
+# ECDSA in check_config.h.
+my %curve_supports_ecdsa = ();
+{
+ local $/ = "";
+ local *CHECK_CONFIG;
+ open(CHECK_CONFIG, '<', 'include/mbedtls/check_config.h')
+ or die "open include/mbedtls/check_config.h: $!";
+ while (my $stanza = <CHECK_CONFIG>) {
+ if ($stanza =~ /\A#if defined\(MBEDTLS_ECDSA_C\)/) {
+ for my $curve ($stanza =~ /(?<=\()MBEDTLS_ECP_DP_\w+_ENABLED(?=\))/g) {
+ $curve_supports_ecdsa{$curve} = 1;
+ }
+ last;
+ }
+ }
+ close(CHECK_CONFIG);
+}
+
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
@@ -56,6 +79,46 @@
exit 1;
}
+# Disable all the curves. We'll then re-enable them one by one.
+for my $curve (@curves) {
+ system( "scripts/config.pl unset $curve" )
+ and abort "Failed to disable $curve\n";
+}
+# Depends on a specific curve. Also, ignore error if it wasn't enabled.
+system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" );
+
+# Test with only $curve enabled, for each $curve.
+for my $curve (@curves) {
+ system( "make clean" ) and die;
+
+ print "\n******************************************\n";
+ print "* Testing with only curve: $curve\n";
+ print "******************************************\n";
+ $ENV{MBEDTLS_TEST_CONFIGURATION} = "$curve";
+
+ system( "scripts/config.pl set $curve" )
+ and abort "Failed to enable $curve\n";
+
+ my $ecdsa = $curve_supports_ecdsa{$curve} ? "set" : "unset";
+ for my $dep (qw(MBEDTLS_ECDSA_C
+ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) {
+ system( "scripts/config.pl $ecdsa $dep" )
+ and abort "Failed to $ecdsa $dep\n";
+ }
+
+ system( "CFLAGS='-Werror -Wall -Wextra' make" )
+ and abort "Failed to build: only $curve\n";
+ system( "make test" )
+ and abort "Failed test suite: only $curve\n";
+
+ system( "scripts/config.pl unset $curve" )
+ and abort "Failed to disable $curve\n";
+}
+
+system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
+
+# Test with $curve disabled but the others enabled, for each $curve.
for my $curve (@curves) {
system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
system( "make clean" ) and die;
@@ -71,10 +134,10 @@
system( "scripts/config.py unset $curve" )
and abort "Failed to disable $curve\n";
- system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
- and abort "Failed to build lib: $curve\n";
- system( "make" ) and abort "Failed to build tests: $curve\n";
- system( "make test" ) and abort "Failed test suite: $curve\n";
+ system( "CFLAGS='-Werror -Wall -Wextra' make" )
+ and abort "Failed to build: all but $curve\n";
+ system( "make test" )
+ and abort "Failed test suite: all but $curve\n";
}
diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl
index 1577fee..0d5d297 100755
--- a/tests/scripts/depends-pkalgs.pl
+++ b/tests/scripts/depends-pkalgs.pl
@@ -50,7 +50,8 @@
# Some algorithms can't be disabled on their own as others depend on them, so
# we list those reverse-dependencies here to keep check_config.h happy.
my %algs = (
- 'MBEDTLS_ECDSA_C' => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],
+ 'MBEDTLS_ECDSA_C' => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+ 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'],
'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C',
'MBEDTLS_ECDH_C',
'MBEDTLS_ECJPAKE_C',
@@ -68,6 +69,7 @@
'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+ 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
);
diff --git a/tests/scripts/docker_env.sh b/tests/scripts/docker_env.sh
index 8bdc425..582a17d 100755
--- a/tests/scripts/docker_env.sh
+++ b/tests/scripts/docker_env.sh
@@ -60,12 +60,19 @@
DOCKER="sudo docker"
fi
+# Figure out the number of processors available
+if [ "$(uname)" == "Darwin" ]; then
+ NUM_PROC="$(sysctl -n hw.logicalcpu)"
+else
+ NUM_PROC="$(nproc)"
+fi
+
# Build the Docker image
echo "Getting docker image up to date (this may take a few minutes)..."
${DOCKER} image build \
-t ${DOCKER_IMAGE_TAG} \
--cache-from=${DOCKER_IMAGE_TAG} \
- --build-arg MAKEFLAGS_PARALLEL="-j $(nproc)" \
+ --build-arg MAKEFLAGS_PARALLEL="-j ${NUM_PROC}" \
--network host \
${http_proxy+--build-arg http_proxy=${http_proxy}} \
${https_proxy+--build-arg https_proxy=${https_proxy}} \
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index 08d88a5..b9abf19 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -41,38 +41,49 @@
#endif /* MBEDTLS_PLATFORM_C */
}
-int mbedtls_test_unhexify( unsigned char *obuf, const char *ibuf )
+static int ascii2uc(const char c, unsigned char *uc)
{
- unsigned char c, c2;
- int len = strlen( ibuf ) / 2;
- TEST_HELPER_ASSERT( strlen( ibuf ) % 2 == 0 ); /* must be even number of bytes */
+ if( ( c >= '0' ) && ( c <= '9' ) )
+ *uc = c - '0';
+ else if( ( c >= 'a' ) && ( c <= 'f' ) )
+ *uc = c - 'a' + 10;
+ else if( ( c >= 'A' ) && ( c <= 'F' ) )
+ *uc = c - 'A' + 10;
+ else
+ return( -1 );
+
+ return( 0 );
+}
+
+int mbedtls_test_unhexify( unsigned char *obuf,
+ size_t obufmax,
+ const char *ibuf,
+ size_t *len )
+{
+ unsigned char uc, uc2;
+
+ *len = strlen( ibuf );
+
+ /* Must be even number of bytes. */
+ if ( ( *len ) & 1 )
+ return( -1 );
+ *len /= 2;
+
+ if ( (*len) > obufmax )
+ return( -1 );
while( *ibuf != 0 )
{
- c = *ibuf++;
- if( c >= '0' && c <= '9' )
- c -= '0';
- else if( c >= 'a' && c <= 'f' )
- c -= 'a' - 10;
- else if( c >= 'A' && c <= 'F' )
- c -= 'A' - 10;
- else
- TEST_HELPER_ASSERT( 0 );
+ if ( ascii2uc( *(ibuf++), &uc ) != 0 )
+ return( -1 );
- c2 = *ibuf++;
- if( c2 >= '0' && c2 <= '9' )
- c2 -= '0';
- else if( c2 >= 'a' && c2 <= 'f' )
- c2 -= 'a' - 10;
- else if( c2 >= 'A' && c2 <= 'F' )
- c2 -= 'A' - 10;
- else
- TEST_HELPER_ASSERT( 0 );
+ if ( ascii2uc( *(ibuf++), &uc2 ) != 0 )
+ return( -1 );
- *obuf++ = ( c << 4 ) | c2;
+ *(obuf++) = ( uc << 4 ) | uc2;
}
- return len;
+ return( 0 );
}
void mbedtls_test_hexify( unsigned char *obuf,
@@ -117,6 +128,7 @@
unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen )
{
unsigned char *obuf;
+ size_t len;
*olen = strlen( ibuf ) / 2;
@@ -125,8 +137,7 @@
obuf = mbedtls_calloc( 1, *olen );
TEST_HELPER_ASSERT( obuf != NULL );
-
- (void) mbedtls_test_unhexify( obuf, ibuf );
+ TEST_HELPER_ASSERT( mbedtls_test_unhexify( obuf, *olen, ibuf, &len ) == 0 );
return( obuf );
}
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 8d28b63..5864a87 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -241,6 +241,33 @@
fi
}
+# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
+# If CMD (call to a TLS client or server program) requires a specific
+# ciphersuite, arrange to only run the test case if this ciphersuite is
+# enabled. As an exception, do run the test case if it expects a ciphersuite
+# mismatch.
+maybe_requires_ciphersuite_enabled() {
+ case "$1" in
+ *\ force_ciphersuite=*) :;;
+ *) return;; # No specific required ciphersuite
+ esac
+ ciphersuite="${1##*\ force_ciphersuite=}"
+ ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
+ shift
+
+ case "$*" in
+ *"-s SSL - The server has no ciphersuites in common"*)
+ # This test case expects a ciphersuite mismatch, so it doesn't
+ # require the ciphersuite to be enabled.
+ ;;
+ *)
+ requires_ciphersuite_enabled "$ciphersuite"
+ ;;
+ esac
+
+ unset ciphersuite
+}
+
# skip next test if OpenSSL doesn't support FALLBACK_SCSV
requires_openssl_with_fallback_scsv() {
if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
@@ -658,17 +685,9 @@
requires_config_enabled MBEDTLS_FS_IO
fi
- # Check if server forces ciphersuite
- FORCE_CIPHERSUITE=$(echo "$SRV_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p')
- if [ ! -z "$FORCE_CIPHERSUITE" ]; then
- requires_ciphersuite_enabled $FORCE_CIPHERSUITE
- fi
-
- # Check if client forces ciphersuite
- FORCE_CIPHERSUITE=$(echo "$CLI_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p')
- if [ ! -z "$FORCE_CIPHERSUITE" ]; then
- requires_ciphersuite_enabled $FORCE_CIPHERSUITE
- fi
+ # If the client or serve requires a ciphersuite, check that it's enabled.
+ maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
+ maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@"
# should we skip?
if [ "X$SKIP_NEXT" = "XYES" ]; then
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index c57fa07..a459eed 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -277,8 +277,13 @@
{
if ( verify_string( &val ) == 0 )
{
- *int_params_store = mbedtls_test_unhexify(
- (unsigned char *) val, val );
+ size_t len;
+
+ TEST_HELPER_ASSERT(
+ mbedtls_test_unhexify( (unsigned char *) val, strlen( val ),
+ val, &len ) == 0 );
+
+ *int_params_store = len;
*out++ = val;
*out++ = (char *)(int_params_store++);
}
diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function
index f7a9f04..8354b96 100644
--- a/tests/suites/target_test.function
+++ b/tests/suites/target_test.function
@@ -70,12 +70,16 @@
{
uint8_t byte;
uint8_t c[3];
- char *endptr;
+ size_t len;
+
c[0] = greentea_getc();
c[1] = greentea_getc();
c[2] = '\0';
- TEST_HELPER_ASSERT( mbedtls_test_unhexify( &byte, c ) != 2 );
+ TEST_HELPER_ASSERT( mbedtls_test_unhexify( &byte, sizeof( byte ),
+ c, &len ) == 0 );
+ TEST_HELPER_ASSERT( len != 2 );
+
return( byte );
}
@@ -90,6 +94,7 @@
uint32_t receive_uint32()
{
uint32_t value;
+ size_t len;
const uint8_t c_be[8] = { greentea_getc(),
greentea_getc(),
greentea_getc(),
@@ -101,7 +106,11 @@
};
const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2],
c_be[3], c_be[0], c_be[1], '\0' };
- TEST_HELPER_ASSERT( mbedtls_test_unhexify( (uint8_t*)&value, c ) != 8 );
+
+ TEST_HELPER_ASSERT( mbedtls_test_unhexify( (uint8_t*)&value, sizeof( value ),
+ c, &len ) == 0 );
+ TEST_HELPER_ASSERT( len != 8 );
+
return( value );
}
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index f1be3ce..1d453db 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -327,51 +327,39 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
-void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
- char *hex_iv_string, char *hex_src_string,
- char *hex_dst_string )
+void aes_encrypt_ofb( int fragment_size, data_t *key_str,
+ data_t *iv_str, data_t *src_str,
+ char *expected_output_string)
{
- unsigned char key_str[32];
- unsigned char iv_str[16];
- unsigned char src_str[64];
- unsigned char dst_str[64];
unsigned char output[32];
+ unsigned char output_string[65];
mbedtls_aes_context ctx;
size_t iv_offset = 0;
int in_buffer_len;
unsigned char* src_str_next;
- int key_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
- memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
+ memset( output_string, 0x00, sizeof( output_string ) );
mbedtls_aes_init( &ctx );
- TEST_ASSERT( strlen( hex_key_string ) <= ( 32 * 2 ) );
- TEST_ASSERT( strlen( hex_iv_string ) <= ( 16 * 2 ) );
- TEST_ASSERT( strlen( hex_src_string ) <= ( 64 * 2 ) );
- TEST_ASSERT( strlen( hex_dst_string ) <= ( 64 * 2 ) );
+ TEST_ASSERT( (size_t)fragment_size < sizeof( output ) );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- in_buffer_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == 0 );
- src_str_next = src_str;
+ TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x,
+ key_str->len * 8 ) == 0 );
+ in_buffer_len = src_str->len;
+ src_str_next = src_str->x;
while( in_buffer_len > 0 )
{
TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset,
- iv_str, src_str_next, output ) == 0 );
+ iv_str->x, src_str_next, output ) == 0 );
- mbedtls_test_hexify( dst_str, output, fragment_size );
- TEST_ASSERT( strncmp( (char *) dst_str, hex_dst_string,
+ mbedtls_test_hexify( output_string, output, fragment_size );
+ TEST_ASSERT( strncmp( (char *) output_string, expected_output_string,
( 2 * fragment_size ) ) == 0 );
in_buffer_len -= fragment_size;
- hex_dst_string += ( fragment_size * 2 );
+ expected_output_string += ( fragment_size * 2 );
src_str_next += fragment_size;
if( in_buffer_len < fragment_size )
diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function
index 89de82f..d08c39d 100644
--- a/tests/suites/test_suite_aria.function
+++ b/tests/suites/test_suite_aria.function
@@ -206,35 +206,28 @@
/* END_CASE */
/* BEGIN_CASE */
-void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string,
+void aria_encrypt_ecb( data_t *key_str, data_t *src_str,
char *hex_dst_string, int setkey_result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
mbedtls_aria_context ctx;
- int key_len, data_len, i;
+ size_t i;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 )
+ TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 )
== setkey_result );
if( setkey_result == 0 )
{
- for( i = 0; i < data_len; i += MBEDTLS_ARIA_BLOCKSIZE )
+ for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE )
{
- TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str + i, output + i )
- == 0 );
+ TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i,
+ output + i ) == 0 );
}
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
@@ -245,35 +238,28 @@
/* END_CASE */
/* BEGIN_CASE */
-void aria_decrypt_ecb( char *hex_key_string, char *hex_src_string,
+void aria_decrypt_ecb( data_t *key_str, data_t *src_str,
char *hex_dst_string, int setkey_result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
mbedtls_aria_context ctx;
- int key_len, data_len, i;
+ size_t i;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 )
+ TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 )
== setkey_result );
if( setkey_result == 0 )
{
- for( i = 0; i < data_len; i += MBEDTLS_ARIA_BLOCKSIZE )
+ for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE )
{
- TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str + i, output + i )
- == 0 );
+ TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i,
+ output + i ) == 0 );
}
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
@@ -284,36 +270,25 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aria_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aria_encrypt_cbc( data_t *key_str, data_t *iv_str,
+ data_t *src_str, char *hex_dst_string,
int cbc_result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char iv_str[ARIA_BLOCK_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
mbedtls_aria_context ctx;
- int key_len, data_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, data_len,
- iv_str, src_str, output )
- == cbc_result );
+ mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT,
+ src_str->len, iv_str->x, src_str->x,
+ output ) == cbc_result );
if( cbc_result == 0 )
{
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
@@ -324,36 +299,25 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aria_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aria_decrypt_cbc( data_t *key_str, data_t *iv_str,
+ data_t *src_str, char *hex_dst_string,
int cbc_result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char iv_str[ARIA_BLOCK_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
mbedtls_aria_context ctx;
- int key_len, data_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, data_len,
- iv_str, src_str, output )
- == cbc_result );
+ mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT,
+ src_str->len, iv_str->x, src_str->x,
+ output ) == cbc_result );
if( cbc_result == 0 )
{
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
@@ -364,36 +328,25 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aria_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aria_encrypt_cfb128( data_t *key_str, data_t *iv_str,
+ data_t *src_str, char *hex_dst_string,
int result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char iv_str[ARIA_BLOCK_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
mbedtls_aria_context ctx;
size_t iv_offset = 0;
- int key_len, data_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
+ mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT,
- data_len, &iv_offset, iv_str,
- src_str, output )
+ src_str->len, &iv_offset,
+ iv_str->x, src_str->x, output )
== result );
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
@@ -403,36 +356,25 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aria_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aria_decrypt_cfb128( data_t *key_str, data_t *iv_str,
+ data_t *src_str, char *hex_dst_string,
int result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char iv_str[ARIA_BLOCK_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
mbedtls_aria_context ctx;
size_t iv_offset = 0;
- int key_len, data_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
+ mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT,
- data_len, &iv_offset, iv_str,
- src_str, output )
+ src_str->len, &iv_offset,
+ iv_str->x, src_str->x, output )
== result );
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
@@ -442,36 +384,25 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void aria_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aria_encrypt_ctr( data_t *key_str, data_t *iv_str,
+ data_t *src_str, char *hex_dst_string,
int result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char iv_str[ARIA_BLOCK_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
mbedtls_aria_context ctx;
size_t iv_offset = 0;
- int key_len, data_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, data_len, &iv_offset, iv_str,
- blk, src_str, output )
+ mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset,
+ iv_str->x, blk, src_str->x, output )
== result );
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
@@ -481,36 +412,25 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void aria_decrypt_ctr( char *hex_key_string, char *hex_iv_string,
- char *hex_src_string, char *hex_dst_string,
+void aria_decrypt_ctr( data_t *key_str, data_t *iv_str,
+ data_t *src_str, char *hex_dst_string,
int result )
{
- unsigned char key_str[ARIA_MAX_KEY_STR];
- unsigned char iv_str[ARIA_BLOCK_STR];
- unsigned char src_str[ARIA_MAX_DATA_STR];
unsigned char dst_str[ARIA_MAX_DATA_STR];
unsigned char output[ARIA_MAX_DATASIZE];
unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
mbedtls_aria_context ctx;
size_t iv_offset = 0;
- int key_len, data_len;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( iv_str, 0x00, sizeof( iv_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aria_init( &ctx );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- mbedtls_test_unhexify( iv_str, hex_iv_string );
- data_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
- mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
- TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, data_len, &iv_offset, iv_str,
- blk, src_str, output )
+ mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+ TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset,
+ iv_str->x, blk, src_str->x, output )
== result );
- mbedtls_test_hexify( dst_str, output, data_len );
+ mbedtls_test_hexify( dst_str, output, src_str->len );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 01e1a17..5724d8b 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -192,66 +192,51 @@
/* BEGIN_CASE */
void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
- char *key_hex, char *msg_hex,
- char *source_address_hex, char *frame_counter_hex,
- int sec_level, char *add_hex,
- char *result_hex, int output_ret )
+ data_t *key, data_t *msg,
+ data_t *source_address, data_t *frame_counter,
+ int sec_level, data_t *add,
+ data_t *expected_result, int output_ret )
{
- unsigned char key[32];
- unsigned char msg[50];
unsigned char iv[13];
- unsigned char add[32];
unsigned char result[50];
- unsigned char source_address[8];
- unsigned char frame_counter[4];
mbedtls_ccm_context ctx;
- size_t i, key_len, msg_len, iv_len, add_len, result_len, source_address_len, frame_counter_len, tag_len;
+ size_t i, iv_len, tag_len;
int ret;
mbedtls_ccm_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( msg, 0x00, sizeof( msg ) );
memset( iv, 0x00, sizeof( iv ) );
- memset( add, 0x00, sizeof( add ) );
memset( result, 0x00, sizeof( result ) );
- memset( source_address, 0x00, sizeof( source_address ) );
- memset( frame_counter, 0x00, sizeof( frame_counter ) );
-
- key_len = mbedtls_test_unhexify( key, key_hex );
- msg_len = mbedtls_test_unhexify( msg, msg_hex );
- add_len = mbedtls_test_unhexify( add, add_hex );
- result_len = mbedtls_test_unhexify( result, result_hex );
- source_address_len = mbedtls_test_unhexify( source_address,
- source_address_hex );
- frame_counter_len = mbedtls_test_unhexify( frame_counter,
- frame_counter_hex );
if( sec_level % 4 == 0)
tag_len = 0;
else
tag_len = 1 << ( sec_level % 4 + 1);
- for( i = 0; i < source_address_len; i++ )
- iv[i] = source_address[i];
+ for( i = 0; i < source_address->len; i++ )
+ iv[i] = source_address->x[i];
- for( i = 0; i < frame_counter_len; i++ )
- iv[source_address_len + i] = frame_counter[i];
+ for( i = 0; i < frame_counter->len; i++ )
+ iv[source_address->len + i] = frame_counter->x[i];
- iv[source_address_len + frame_counter_len] = sec_level;
+ iv[source_address->len + frame_counter->len] = sec_level;
iv_len = sizeof( iv );
- TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
+ TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id,
+ key->x, key->len * 8 ) == 0 );
- ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
- add, add_len, msg, msg, msg + msg_len, tag_len );
+ ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len,
+ add->x, add->len, msg->x,
+ result, result + msg->len, tag_len );
TEST_ASSERT( ret == output_ret );
- TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
+ TEST_ASSERT( memcmp( result,
+ expected_result->x, expected_result->len ) == 0 );
/* Check we didn't write past the end */
- TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
+ TEST_ASSERT( result[expected_result->len] == 0 &&
+ result[expected_result->len + 1] == 0 );
exit:
mbedtls_ccm_free( &ctx );
@@ -260,71 +245,51 @@
/* BEGIN_CASE */
void mbedtls_ccm_star_auth_decrypt( int cipher_id,
- char *key_hex, char *msg_hex,
- char *source_address_hex, char *frame_counter_hex,
- int sec_level, char *add_hex,
- char *result_hex, int output_ret )
+ data_t *key, data_t *msg,
+ data_t *source_address, data_t *frame_counter,
+ int sec_level, data_t *add,
+ data_t *expected_result, int output_ret )
{
- unsigned char key[32];
- unsigned char msg[50];
unsigned char iv[13];
- unsigned char add[32];
- unsigned char tag[16];
unsigned char result[50];
- unsigned char source_address[8];
- unsigned char frame_counter[4];
mbedtls_ccm_context ctx;
- size_t i, key_len, msg_len, iv_len, add_len, tag_len, result_len, source_address_len, frame_counter_len;
+ size_t i, iv_len, tag_len;
int ret;
mbedtls_ccm_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( msg, 0x00, sizeof( msg ) );
memset( iv, 0x00, sizeof( iv ) );
- memset( add, 0x00, sizeof( add ) );
- memset( result, 0x00, sizeof( result ) );
- memset( source_address, 0x00, sizeof( source_address ) );
- memset( frame_counter, 0x00, sizeof( frame_counter ) );
- memset( tag, 0x00, sizeof( tag ) );
-
- key_len = mbedtls_test_unhexify( key, key_hex );
- msg_len = mbedtls_test_unhexify( msg, msg_hex );
- add_len = mbedtls_test_unhexify( add, add_hex );
- result_len = mbedtls_test_unhexify( result, result_hex );
- source_address_len = mbedtls_test_unhexify( source_address,
- source_address_hex );
- frame_counter_len = mbedtls_test_unhexify( frame_counter,
- frame_counter_hex );
+ memset( result, '+', sizeof( result ) );
if( sec_level % 4 == 0)
tag_len = 0;
else
tag_len = 1 << ( sec_level % 4 + 1);
- for( i = 0; i < source_address_len; i++ )
- iv[i] = source_address[i];
+ for( i = 0; i < source_address->len; i++ )
+ iv[i] = source_address->x[i];
- for( i = 0; i < frame_counter_len; i++ )
- iv[source_address_len + i] = frame_counter[i];
+ for( i = 0; i < frame_counter->len; i++ )
+ iv[source_address->len + i] = frame_counter->x[i];
- iv[source_address_len + frame_counter_len] = sec_level;
+ iv[source_address->len + frame_counter->len] = sec_level;
iv_len = sizeof( iv );
- msg_len -= tag_len;
- memcpy( tag, msg + msg_len, tag_len );
+ TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
- TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
-
- ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len,
- add, add_len, msg, msg, msg + msg_len, tag_len );
+ ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len,
+ add->x, add->len, msg->x, result,
+ msg->x + msg->len - tag_len, tag_len );
TEST_ASSERT( ret == output_ret );
- TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
+ TEST_ASSERT( memcmp( result, expected_result->x,
+ expected_result->len ) == 0 );
/* Check we didn't write past the end (where the original tag is) */
- TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
+ TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) );
+ TEST_EQUAL( result[msg->len], '+' );
+ TEST_EQUAL( result[msg->len + 1], '+' );
exit:
mbedtls_ccm_free( &ctx );
diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function
index 48ac975..afe2418 100644
--- a/tests/suites/test_suite_chacha20.function
+++ b/tests/suites/test_suite_chacha20.function
@@ -8,60 +8,55 @@
*/
/* BEGIN_CASE */
-void chacha20_crypt( char *hex_key_string,
- char *hex_nonce_string,
+void chacha20_crypt( data_t *key_str,
+ data_t *nonce_str,
int counter,
- char *hex_src_string,
- char *hex_dst_string )
+ data_t *src_str,
+ data_t *expected_output_str )
{
- unsigned char key_str[32]; /* size set by the standard */
- unsigned char nonce_str[12]; /* size set by the standard */
- unsigned char src_str[375]; /* max size of binary input */
- unsigned char dst_str[751]; /* hex expansion of the above */
- unsigned char output[751];
- size_t key_len;
- size_t nonce_len;
- size_t src_len;
- size_t dst_len;
+ unsigned char output[375];
mbedtls_chacha20_context ctx;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( nonce_str, 0x00, sizeof( nonce_str ) );
- memset( src_str, 0x00, sizeof( src_str ) );
- memset( dst_str, 0x00, sizeof( dst_str ) );
- memset( output, 0x00, sizeof( output ) );
+ /*
+ * Buffers to store the ASCII string representation of output and
+ * expected_output_str.
+ */
+ unsigned char output_string[751] = { '\0' };
+ unsigned char expected_output_string[751] = { '\0' };
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- nonce_len = mbedtls_test_unhexify( nonce_str, hex_nonce_string );
- src_len = mbedtls_test_unhexify( src_str, hex_src_string );
- dst_len = mbedtls_test_unhexify( dst_str, hex_dst_string );
+ memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( src_len == dst_len );
- TEST_ASSERT( key_len == 32U );
- TEST_ASSERT( nonce_len == 12U );
+ TEST_ASSERT( src_str->len == expected_output_str->len );
+ TEST_ASSERT( key_str->len == 32U );
+ TEST_ASSERT( nonce_str->len == 12U );
/*
* Test the integrated API
*/
- TEST_ASSERT( mbedtls_chacha20_crypt( key_str, nonce_str, counter, src_len, src_str, output ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_crypt( key_str->x, nonce_str->x, counter, src_str->len, src_str->x, output ) == 0 );
- mbedtls_test_hexify( dst_str, output, src_len );
- TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+ mbedtls_test_hexify( expected_output_string,
+ expected_output_str->x,
+ expected_output_str->len);
+ mbedtls_test_hexify( output_string, output, src_str->len );
+ TEST_ASSERT( strcmp( (char *)output_string,
+ (char *)expected_output_string ) == 0 );
/*
* Test the streaming API
*/
mbedtls_chacha20_init( &ctx );
- TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str->x ) == 0 );
- TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len, src_str, output ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len, src_str->x, output ) == 0 );
- mbedtls_test_hexify( dst_str, output, src_len );
- TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+ mbedtls_test_hexify( output_string, output, src_str->len );
+ TEST_ASSERT( strcmp( (char *)output_string,
+ (char *)expected_output_string ) == 0 );
/*
* Test the streaming API again, piecewise
@@ -69,14 +64,16 @@
/* Don't free/init the context nor set the key again,
* in order to test that starts() does the right thing. */
- TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str, output ) == 0 );
- TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len - 1, src_str + 1, output + 1 ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str->x, output ) == 0 );
+ TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len - 1,
+ src_str->x + 1, output + 1 ) == 0 );
- mbedtls_test_hexify( dst_str, output, src_len );
- TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+ mbedtls_test_hexify( output_string, output, src_str->len );
+ TEST_ASSERT( strcmp( (char *)output_string,
+ (char *)expected_output_string ) == 0 );
mbedtls_chacha20_free( &ctx );
}
diff --git a/tests/suites/test_suite_chachapoly.function b/tests/suites/test_suite_chachapoly.function
index aeaf1d74..96128e4 100644
--- a/tests/suites/test_suite_chachapoly.function
+++ b/tests/suites/test_suite_chachapoly.function
@@ -8,53 +8,27 @@
*/
/* BEGIN_CASE */
-void mbedtls_chachapoly_enc( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
+void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str )
{
- unsigned char key_str[32]; /* size set by the standard */
- unsigned char nonce_str[12]; /* size set by the standard */
- unsigned char aad_str[12]; /* max size of test data so far */
- unsigned char input_str[265]; /* max size of binary input/output so far */
- unsigned char output_str[265];
unsigned char output[265];
- unsigned char mac_str[16]; /* size set by the standard */
unsigned char mac[16]; /* size set by the standard */
- size_t input_len;
- size_t output_len;
- size_t aad_len;
- size_t key_len;
- size_t nonce_len;
- size_t mac_len;
mbedtls_chachapoly_context ctx;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( nonce_str, 0x00, sizeof( nonce_str ) );
- memset( aad_str, 0x00, sizeof( aad_str ) );
- memset( input_str, 0x00, sizeof( input_str ) );
- memset( output_str, 0x00, sizeof( output_str ) );
- memset( mac_str, 0x00, sizeof( mac_str ) );
-
- aad_len = mbedtls_test_unhexify( aad_str, hex_aad_string );
- input_len = mbedtls_test_unhexify( input_str, hex_input_string );
- output_len = mbedtls_test_unhexify( output_str, hex_output_string );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- nonce_len = mbedtls_test_unhexify( nonce_str, hex_nonce_string );
- mac_len = mbedtls_test_unhexify( mac_str, hex_mac_string );
-
- TEST_ASSERT( key_len == 32 );
- TEST_ASSERT( nonce_len == 12 );
- TEST_ASSERT( mac_len == 16 );
+ TEST_ASSERT( key_str->len == 32 );
+ TEST_ASSERT( nonce_str->len == 12 );
+ TEST_ASSERT( mac_str->len == 16 );
mbedtls_chachapoly_init( &ctx );
- TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str ) == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
- input_len, nonce_str,
- aad_str, aad_len,
- input_str, output, mac ) == 0 );
+ input_str->len, nonce_str->x,
+ aad_str->x, aad_str->len,
+ input_str->x, output, mac ) == 0 );
- TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
- TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
+ TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
+ TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 );
exit:
mbedtls_chachapoly_free( &ctx );
@@ -62,55 +36,29 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_chachapoly_dec( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string, int ret_exp )
+void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp )
{
- unsigned char key_str[32]; /* size set by the standard */
- unsigned char nonce_str[12]; /* size set by the standard */
- unsigned char aad_str[12]; /* max size of test data so far */
- unsigned char input_str[265]; /* max size of binary input/output so far */
- unsigned char output_str[265];
unsigned char output[265];
- unsigned char mac_str[16]; /* size set by the standard */
- size_t input_len;
- size_t output_len;
- size_t aad_len;
- size_t key_len;
- size_t nonce_len;
- size_t mac_len;
int ret;
mbedtls_chachapoly_context ctx;
- memset( key_str, 0x00, sizeof( key_str ) );
- memset( nonce_str, 0x00, sizeof( nonce_str ) );
- memset( aad_str, 0x00, sizeof( aad_str ) );
- memset( input_str, 0x00, sizeof( input_str ) );
- memset( output_str, 0x00, sizeof( output_str ) );
- memset( mac_str, 0x00, sizeof( mac_str ) );
-
- aad_len = mbedtls_test_unhexify( aad_str, hex_aad_string );
- input_len = mbedtls_test_unhexify( input_str, hex_input_string );
- output_len = mbedtls_test_unhexify( output_str, hex_output_string );
- key_len = mbedtls_test_unhexify( key_str, hex_key_string );
- nonce_len = mbedtls_test_unhexify( nonce_str, hex_nonce_string );
- mac_len = mbedtls_test_unhexify( mac_str, hex_mac_string );
-
- TEST_ASSERT( key_len == 32 );
- TEST_ASSERT( nonce_len == 12 );
- TEST_ASSERT( mac_len == 16 );
+ TEST_ASSERT( key_str->len == 32 );
+ TEST_ASSERT( nonce_str->len == 12 );
+ TEST_ASSERT( mac_str->len == 16 );
mbedtls_chachapoly_init( &ctx );
- TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str ) == 0 );
+ TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
ret = mbedtls_chachapoly_auth_decrypt( &ctx,
- input_len, nonce_str,
- aad_str, aad_len,
- mac_str, input_str, output );
+ input_str->len, nonce_str->x,
+ aad_str->x, aad_str->len,
+ mac_str->x, input_str->x, output );
TEST_ASSERT( ret == ret_exp );
if( ret_exp == 0 )
{
- TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
+ TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
}
exit:
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 8b2956f..ea1e9ad 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1125,26 +1125,17 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
-void test_vec_crypt( int cipher_id, int operation, char *hex_key,
- char *hex_iv, char *hex_input, char *hex_result,
+void test_vec_crypt( int cipher_id, int operation, data_t *key,
+ data_t *iv, data_t *input, data_t *result,
int finish_result, int use_psa )
{
- unsigned char key[50];
- unsigned char input[16];
- unsigned char result[16];
- unsigned char iv[16];
- size_t key_len, iv_len, inputlen, resultlen;
mbedtls_cipher_context_t ctx;
unsigned char output[32];
size_t outlen;
mbedtls_cipher_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( input, 0x00, sizeof( input ) );
- memset( result, 0x00, sizeof( result ) );
memset( output, 0x00, sizeof( output ) );
- memset( iv, 0x00, sizeof( iv ) );
/* Prepare context */
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -1161,23 +1152,17 @@
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
mbedtls_cipher_info_from_type( cipher_id ) ) );
- key_len = mbedtls_test_unhexify( key, hex_key );
- inputlen = mbedtls_test_unhexify( input, hex_input );
- resultlen = mbedtls_test_unhexify( result, hex_result );
-
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
- iv_len = mbedtls_test_unhexify( iv, hex_iv );
-
- TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv_len ? iv : NULL,
- iv_len, input, inputlen,
+ TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL,
+ iv->len, input->x, input->len,
output, &outlen ) );
- TEST_ASSERT( resultlen == outlen );
+ TEST_ASSERT( result->len == outlen );
/* check plaintext only if everything went fine */
if( 0 == finish_result )
- TEST_ASSERT( 0 == memcmp( output, result, outlen ) );
+ TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) );
exit:
mbedtls_cipher_free( &ctx );
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 8d728bd..a4cebd2 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -3,7 +3,7 @@
dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM:0:0
AES GCM Decrypt empty buffer
-depends_on:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_GCM_C
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
dec_empty_buf:MBEDTLS_CIPHER_AES_128_GCM:0:0
Aria GCM Decrypt empty buffer
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 0caf091..3ab96fa 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -346,7 +346,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
+void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z,
int enable, int max_ops, int min_restart, int max_restart )
{
int ret;
@@ -354,10 +354,6 @@
unsigned char buf[1000];
const unsigned char *vbuf;
size_t len;
- unsigned char z[MBEDTLS_ECP_MAX_BYTES];
- size_t z_len;
- unsigned char rnd_buf_A[MBEDTLS_ECP_MAX_BYTES];
- unsigned char rnd_buf_B[MBEDTLS_ECP_MAX_BYTES];
mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
int cnt_restart;
mbedtls_ecp_group grp;
@@ -366,13 +362,11 @@
mbedtls_ecdh_init( &srv );
mbedtls_ecdh_init( &cli );
- z_len = mbedtls_test_unhexify( z, z_str );
+ rnd_info_A.buf = dA->x;
+ rnd_info_A.length = dA->len;
- rnd_info_A.buf = rnd_buf_A;
- rnd_info_A.length = mbedtls_test_unhexify( rnd_buf_A, dA_str );
-
- rnd_info_B.buf = rnd_buf_B;
- rnd_info_B.length = mbedtls_test_unhexify( rnd_buf_B, dB_str );
+ rnd_info_B.buf = dB->x;
+ rnd_info_B.length = dB->len;
/* The ECDH context is not guaranteed ot have an mbedtls_ecp_group structure
* in every configuration, therefore we load it separately. */
@@ -444,8 +438,8 @@
TEST_ASSERT( cnt_restart >= min_restart );
TEST_ASSERT( cnt_restart <= max_restart );
- TEST_ASSERT( len == z_len );
- TEST_ASSERT( memcmp( buf, z, len ) == 0 );
+ TEST_ASSERT( len == z->len );
+ TEST_ASSERT( memcmp( buf, z->x, len ) == 0 );
/* client computes shared secret */
memset( buf, 0, sizeof( buf ) );
@@ -461,8 +455,8 @@
TEST_ASSERT( cnt_restart >= min_restart );
TEST_ASSERT( cnt_restart <= max_restart );
- TEST_ASSERT( len == z_len );
- TEST_ASSERT( memcmp( buf, z, len ) == 0 );
+ TEST_ASSERT( len == z->len );
+ TEST_ASSERT( memcmp( buf, z->x, len ) == 0 );
exit:
mbedtls_ecp_group_free( &grp );
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 76f72e2..e6da884 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -411,33 +411,26 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecdsa_read_restart( int id, char *k_str, char *h_str, char *s_str,
+void ecdsa_read_restart( int id, data_t *pk, data_t *hash, data_t *sig,
int max_ops, int min_restart, int max_restart )
{
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_restart_ctx rs_ctx;
- unsigned char hash[64];
- unsigned char sig[200];
- unsigned char pk[65];
- size_t sig_len, hash_len, pk_len;
int ret, cnt_restart;
mbedtls_ecdsa_init( &ctx );
mbedtls_ecdsa_restart_init( &rs_ctx );
- hash_len = mbedtls_test_unhexify(hash, h_str);
- sig_len = mbedtls_test_unhexify(sig, s_str);
- pk_len = mbedtls_test_unhexify(pk, k_str);
-
TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
- TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q, pk, pk_len ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q,
+ pk->x, pk->len ) == 0 );
mbedtls_ecp_set_max_ops( max_ops );
cnt_restart = 0;
do {
ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
- hash, hash_len, sig, sig_len, &rs_ctx );
+ hash->x, hash->len, sig->x, sig->len, &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
@@ -445,29 +438,31 @@
TEST_ASSERT( cnt_restart <= max_restart );
/* try modifying r */
- sig[10]++;
+
+ TEST_ASSERT( sig->len > 10 );
+ sig->x[10]++;
do {
ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
- hash, hash_len, sig, sig_len, &rs_ctx );
+ hash->x, hash->len, sig->x, sig->len, &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
- sig[10]--;
+ sig->x[10]--;
/* try modifying s */
- sig[sig_len - 1]++;
+ sig->x[sig->len - 1]++;
do {
ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
- hash, hash_len, sig, sig_len, &rs_ctx );
+ hash->x, hash->len, sig->x, sig->len, &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
- sig[sig_len - 1]--;
+ sig->x[sig->len - 1]--;
/* Do we leak memory when aborting an operation?
* This test only makes sense when we actually restart */
if( min_restart > 0 )
{
ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
- hash, hash_len, sig, sig_len, &rs_ctx );
+ hash->x, hash->len, sig->x, sig->len, &rs_ctx );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
}
@@ -479,7 +474,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */
void ecdsa_write_restart( int id, char *d_str, int md_alg,
- char *msg, char *sig_str,
+ char *msg, data_t *sig_check,
int max_ops, int min_restart, int max_restart )
{
int ret, cnt_restart;
@@ -487,19 +482,16 @@
mbedtls_ecdsa_context ctx;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
- unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
- size_t hlen, slen, slen_check;
+ size_t hlen, slen;
const mbedtls_md_info_t *md_info;
mbedtls_ecdsa_restart_init( &rs_ctx );
mbedtls_ecdsa_init( &ctx );
memset( hash, 0, sizeof( hash ) );
memset( sig, 0, sizeof( sig ) );
- memset( sig_check, 0, sizeof( sig_check ) );
TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
- slen_check = mbedtls_test_unhexify( sig_check, sig_str );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
@@ -519,8 +511,8 @@
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
- TEST_ASSERT( slen == slen_check );
- TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
+ TEST_ASSERT( slen == sig_check->len );
+ TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 );
TEST_ASSERT( cnt_restart >= min_restart );
TEST_ASSERT( cnt_restart <= max_restart );
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index b84868c..408a9b7 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -278,65 +278,69 @@
ECP read key #1 (short weierstrass, too small)
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0
ECP read key #2 (short weierstrass, smallest)
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0:1
ECP read key #3 (short weierstrass, biggest)
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0:1
ECP read key #4 (short weierstrass, too big)
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY:0
ECP read key #5 (Curve25519, most significant bit set)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"000000000000000000000000000000000000000000000000000000000000000C":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000C0":0:0
ECP read key #6 (Curve25519, second most significant bit unset)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":0:0
ECP read key #7 (Curve25519, msb OK)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000004":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000040":0:1
ECP read key #8 (Curve25519, bit 0 set)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"1000000000000000000000000000000000000000000000000000000000000000":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000040":0:0
ECP read key #9 (Curve25519, bit 1 set)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"2000000000000000000000000000000000000000000000000000000000000004":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0200000000000000000000000000000000000000000000000000000000000040":0:0
ECP read key #10 (Curve25519, bit 2 set)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0400000000000000000000000000000000000000000000000000000000000040":0:0
ECP read key #11 (Curve25519, OK)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":0
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":0:1
ECP read key #12 (Curve25519, too long)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY:0
ECP read key #13 (Curve25519, not long enough)
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":MBEDTLS_ERR_ECP_INVALID_KEY
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":MBEDTLS_ERR_ECP_INVALID_KEY:0
ECP read key #14 (Curve448, not supported)
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
ECP read key #15 (Curve25519, not supported)
depends_on:!MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
ECP read key #15 (invalid curve)
-mbedtls_ecp_read_key:INT_MAX:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
+mbedtls_ecp_read_key:INT_MAX:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
+
+ECP read key #16 (Curve25519 RFC, OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":0:1
ECP mod p192 small (more than 192 bits, less limbs than 2 * 192 bits)
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 07b3eea..4ee75a6 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -1100,12 +1100,14 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected )
+void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical )
{
int ret = 0;
mbedtls_ecp_keypair key;
+ mbedtls_ecp_keypair key2;
mbedtls_ecp_keypair_init( &key );
+ mbedtls_ecp_keypair_init( &key2 );
ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len );
TEST_ASSERT( ret == expected );
@@ -1114,10 +1116,39 @@
{
ret = mbedtls_ecp_check_privkey( &key.grp, &key.d );
TEST_ASSERT( ret == 0 );
+
+ if( canonical )
+ {
+ unsigned char buf[MBEDTLS_ECP_MAX_BYTES];
+
+ ret = mbedtls_ecp_write_key( &key, buf, in_key->len );
+ TEST_ASSERT( ret == 0 );
+
+ ASSERT_COMPARE( in_key->x, in_key->len,
+ buf, in_key->len );
+ }
+ else
+ {
+ unsigned char export1[MBEDTLS_ECP_MAX_BYTES];
+ unsigned char export2[MBEDTLS_ECP_MAX_BYTES];
+
+ ret = mbedtls_ecp_write_key( &key, export1, in_key->len );
+ TEST_ASSERT( ret == 0 );
+
+ ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len );
+ TEST_ASSERT( ret == expected );
+
+ ret = mbedtls_ecp_write_key( &key2, export2, in_key->len );
+ TEST_ASSERT( ret == 0 );
+
+ ASSERT_COMPARE( export1, in_key->len,
+ export2, in_key->len );
+ }
}
exit:
mbedtls_ecp_keypair_free( &key );
+ mbedtls_ecp_keypair_free( &key2 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function
index 47e8ee6..967df36 100644
--- a/tests/suites/test_suite_hkdf.function
+++ b/tests/suites/test_suite_hkdf.function
@@ -9,40 +9,36 @@
*/
/* BEGIN_CASE */
-void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string,
- char *hex_info_string, char *hex_okm_string )
+void test_hkdf( int md_alg, data_t *ikm, data_t *salt, data_t *info,
+ data_t *expected_okm )
{
int ret;
- size_t ikm_len, salt_len, info_len, okm_len;
- unsigned char ikm[128] = { '\0' };
- unsigned char salt[128] = { '\0' };
- unsigned char info[128] = { '\0' };
- unsigned char expected_okm[128] = { '\0' };
unsigned char okm[128] = { '\0' };
/*
- * okm_hex is the string representation of okm,
- * so its size is twice the size of okm, and an extra null-termination.
+ * okm_string and expected_okm_string are the ASCII string representations
+ * of km and expected_okm, so their size should be twice the size of
+ * okm and expected_okm, and an extra null-termination.
*/
- unsigned char okm_hex[257] = { '\0' };
+ unsigned char okm_string[257] = { '\0' };
+ unsigned char expected_okm_string[257] = { '\0' };
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
- ikm_len = mbedtls_test_unhexify( ikm, hex_ikm_string );
- salt_len = mbedtls_test_unhexify( salt, hex_salt_string );
- info_len = mbedtls_test_unhexify( info, hex_info_string );
- okm_len = mbedtls_test_unhexify( expected_okm, hex_okm_string );
+ TEST_ASSERT( expected_okm->len <= sizeof( okm ) );
- ret = mbedtls_hkdf( md, salt, salt_len, ikm, ikm_len, info, info_len, okm,
- okm_len);
+ ret = mbedtls_hkdf( md, salt->x, salt->len, ikm->x, ikm->len,
+ info->x, info->len, okm, expected_okm->len );
TEST_ASSERT( ret == 0 );
/*
- * Run mbedtls_test_hexify on it so that it looks nicer if the assertion
- * fails.
+ * Run mbedtls_test_hexify on okm and expected_okm so that it looks nicer
+ * if the assertion fails.
*/
- mbedtls_test_hexify( okm_hex, okm, okm_len );
- TEST_ASSERT( !strcmp( (char *)okm_hex, hex_okm_string ) );
+ mbedtls_test_hexify( okm_string, okm, expected_okm->len );
+ mbedtls_test_hexify( expected_okm_string,
+ expected_okm->x, expected_okm->len );
+ TEST_ASSERT( !strcmp( (char *)okm_string, (char *)expected_okm_string ) );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function
index 827c690..6a81052 100644
--- a/tests/suites/test_suite_nist_kw.function
+++ b/tests/suites/test_suite_nist_kw.function
@@ -242,42 +242,31 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_nist_kw_wrap( int cipher_id, int mode,
- char *key_hex, char *msg_hex,
- char *result_hex )
+void mbedtls_nist_kw_wrap( int cipher_id, int mode, data_t *key, data_t *msg,
+ data_t *expected_result )
{
- unsigned char key[32];
- unsigned char msg[512];
unsigned char result[528];
- unsigned char expected_result[528];
mbedtls_nist_kw_context ctx;
- size_t key_len, msg_len, output_len, result_len, i, padlen;
+ size_t result_len, i, padlen;
mbedtls_nist_kw_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( msg, 0x00, sizeof( msg ) );
memset( result, '+', sizeof( result ) );
- key_len = mbedtls_test_unhexify( key, key_hex );
- msg_len = mbedtls_test_unhexify( msg, msg_hex );
- result_len = mbedtls_test_unhexify( expected_result, result_hex );
- output_len = sizeof( result );
-
- TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 1 )
- == 0 );
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id,
+ key->x, key->len * 8, 1 ) == 0 );
/* Test with input == output */
- TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg, msg_len,
- result, &output_len, sizeof( result ) ) == 0 );
+ TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg->x, msg->len,
+ result, &result_len, sizeof( result ) ) == 0 );
- TEST_ASSERT( output_len == result_len );
+ TEST_ASSERT( result_len == expected_result->len );
- TEST_ASSERT( memcmp( expected_result, result, result_len ) == 0 );
+ TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 );
- padlen = ( msg_len % 8 != 0 ) ? 8 - (msg_len % 8 ) : 0;
+ padlen = ( msg->len % 8 != 0 ) ? 8 - (msg->len % 8 ) : 0;
/* Check that the function didn't write beyond the end of the buffer. */
- for( i = msg_len + 8 + padlen; i < sizeof( result ); i++ )
+ for( i = msg->len + 8 + padlen; i < sizeof( result ); i++ )
{
TEST_ASSERT( result[i] == '+' );
}
@@ -288,47 +277,35 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_nist_kw_unwrap( int cipher_id, int mode,
- char *key_hex, char *msg_hex,
- char *result_hex, int expected_ret )
+void mbedtls_nist_kw_unwrap( int cipher_id, int mode, data_t *key, data_t *msg,
+ data_t *expected_result, int expected_ret )
{
- unsigned char key[32];
- unsigned char msg[528];
unsigned char result[528];
- unsigned char expected_result[528];
mbedtls_nist_kw_context ctx;
- size_t key_len, msg_len, output_len, result_len, i;
+ size_t result_len, i;
mbedtls_nist_kw_init( &ctx );
- memset( key, 0x00, sizeof( key ) );
- memset( msg, 0x00, sizeof( msg ) );
memset( result, '+', sizeof( result ) );
- memset( expected_result, 0x00, sizeof( expected_result ) );
- key_len = mbedtls_test_unhexify( key, key_hex );
- msg_len = mbedtls_test_unhexify( msg, msg_hex );
- result_len = mbedtls_test_unhexify( expected_result, result_hex );
- output_len = sizeof( result );
-
- TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 0 )
- == 0 );
+ TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id,
+ key->x, key->len * 8, 0 ) == 0 );
/* Test with input == output */
- TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg, msg_len,
- result, &output_len, sizeof( result ) ) == expected_ret );
+ TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg->x, msg->len,
+ result, &result_len, sizeof( result ) ) == expected_ret );
if( expected_ret == 0 )
{
- TEST_ASSERT( output_len == result_len );
- TEST_ASSERT( memcmp( expected_result, result, result_len ) == 0 );
+ TEST_ASSERT( result_len == expected_result->len );
+ TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 );
}
else
{
- TEST_ASSERT( output_len == 0 );
+ TEST_ASSERT( result_len == 0 );
}
/* Check that the function didn't write beyond the end of the buffer. */
- for( i = msg_len - 8; i < sizeof( result ); i++ )
+ for( i = msg->len - 8; i < sizeof( result ); i++ )
{
TEST_ASSERT( result[i] == '+' );
}
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index f441896..9ebdc7e 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -273,37 +273,37 @@
PSA wrapped sign: SECP256R1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_CURVE_SECP_R1:256
+pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_FAMILY_SECP_R1:256
PSA wrapped sign: SECP384R1
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_CURVE_SECP_R1:384
+pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_FAMILY_SECP_R1:384
PSA wrapped sign: SECP521R1
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_CURVE_SECP_R1:521
+pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_FAMILY_SECP_R1:521
PSA wrapped sign: SECP192K1
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_CURVE_SECP_K1:192
+pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_FAMILY_SECP_K1:192
## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336
# PSA wrapped sign: SECP224K1
# depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
-# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_CURVE_SECP_K1:224
+# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_FAMILY_SECP_K1:224
PSA wrapped sign: SECP256K1
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_CURVE_SECP_K1:256
+pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_FAMILY_SECP_K1:256
PSA wrapped sign: BP256R1
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_CURVE_BRAINPOOL_P_R1:256
+pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:256
PSA wrapped sign: BP384R1
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_CURVE_BRAINPOOL_P_R1:384
+pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:384
PSA wrapped sign: BP512R1
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_CURVE_BRAINPOOL_P_R1:512
+pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:512
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index dbc52e5..43b4914 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -109,7 +109,7 @@
psa_key_handle_t key;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const psa_key_type_t type =
- PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 );
+ PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 );
const size_t bits = 256;
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
@@ -788,7 +788,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
char *QX_str, char *QY_str,
- int md_alg, char *msg, char *sig_str,
+ int md_alg, char *msg, data_t *sig_check,
int max_ops, int min_restart, int max_restart )
{
int ret, cnt_restart;
@@ -796,8 +796,7 @@
mbedtls_pk_context prv, pub;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
- unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
- size_t hlen, slen, slen_check;
+ size_t hlen, slen;
const mbedtls_md_info_t *md_info;
mbedtls_pk_restart_init( &rs_ctx );
@@ -805,7 +804,6 @@
mbedtls_pk_init( &pub );
memset( hash, 0, sizeof( hash ) );
memset( sig, 0, sizeof( sig ) );
- memset( sig_check, 0, sizeof( sig_check ) );
TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
@@ -815,8 +813,6 @@
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
- slen_check = mbedtls_test_unhexify( sig_check, sig_str );
-
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
@@ -835,8 +831,8 @@
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
- TEST_ASSERT( slen == slen_check );
- TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
+ TEST_ASSERT( slen == sig_check->len );
+ TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 );
TEST_ASSERT( cnt_restart >= min_restart );
TEST_ASSERT( cnt_restart <= max_restart );
diff --git a/tests/suites/test_suite_poly1305.function b/tests/suites/test_suite_poly1305.function
index eadb992..44617d9 100644
--- a/tests/suites/test_suite_poly1305.function
+++ b/tests/suites/test_suite_poly1305.function
@@ -9,27 +9,20 @@
*/
/* BEGIN_CASE */
-void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src_string )
+void mbedtls_poly1305( data_t *key, char *hex_mac_string, data_t *src_str )
{
- unsigned char src_str[375]; /* max size of binary input */
- unsigned char key[32]; /* size set by the standard */
unsigned char mac[16]; /* size set by the standard */
unsigned char mac_str[33]; /* hex expansion of the above */
- size_t src_len;
mbedtls_poly1305_context ctx;
- memset( src_str, 0x00, sizeof( src_str ) );
memset( mac_str, 0x00, sizeof( mac_str ) );
- memset( key, 0x00, sizeof( key ) );
memset( mac, 0x00, sizeof( mac ) );
- src_len = mbedtls_test_unhexify( src_str, hex_src_string );
- mbedtls_test_unhexify( key, hex_key_string );
-
/*
* Test the integrated API
*/
- TEST_ASSERT( mbedtls_poly1305_mac( key, src_str, src_len, mac ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_mac( key->x, src_str->x,
+ src_str->len, mac ) == 0 );
mbedtls_test_hexify( mac_str, mac, 16 );
TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
@@ -39,9 +32,9 @@
*/
mbedtls_poly1305_init( &ctx );
- TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
- TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, src_len ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, src_str->len ) == 0 );
TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
@@ -54,12 +47,12 @@
/* Don't free/init the context, in order to test that starts() does the
* right thing. */
- if( src_len >= 1 )
+ if( src_str->len >= 1 )
{
- TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
- TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
- TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, src_len - 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, src_str->len - 1 ) == 0 );
TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
@@ -70,13 +63,13 @@
/*
* Again with more pieces
*/
- if( src_len >= 2 )
+ if( src_str->len >= 2 )
{
- TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
- TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
- TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, 1 ) == 0 );
- TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 2, src_len - 2 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 2, src_str->len - 2 ) == 0 );
TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 48bdbed..d982f81 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -166,59 +166,75 @@
PSA import/export EC secp224r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1
+import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1
PSA import/export-public EC secp224r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
+import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
PSA import/export EC secp256r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export-public EC secp256r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
PSA import/export EC secp384r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
+import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
PSA import/export-public EC secp384r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
PSA import/export EC secp521r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
+import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
PSA import/export-public EC secp521r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
PSA import/export EC brainpool256r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export-public EC brainpool256r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
PSA import/export EC brainpool384r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
-import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
+import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
PSA import/export-public EC brainpool384r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
-import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
PSA import/export EC brainpool512r1 key pair: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1
+import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1
PSA import/export-public EC brainpool512r1: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import/export EC curve25519 key pair: good (already properly masked)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
+
+PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:0
+
+PSA import/export-public EC curve25519: accept unmasked input
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA import/export-public EC curve25519: accept masked input
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
PSA import/export-public: cannot export-public a symmetric key
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
@@ -226,15 +242,19 @@
PSA import/export EC secp256r1 public key: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
PSA import/export EC secp521r1 public key: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
+import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
PSA import/export EC brainpoolP256r1 public key: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+
+PSA import/export curve25519 public key: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
PSA import/export AES key: policy forbids export
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
@@ -276,39 +296,39 @@
PSA import EC keypair: DER format
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: too short
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: public key
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: secp256r1, all-bits-zero (bad)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: secp256r1, d == n - 1 (good)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_SUCCESS
+import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_SUCCESS
PSA import EC keypair: secp256r1, d == n (bad)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: secp256r1, d > n (bad)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC public key: key pair
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: valid key but RSA
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
-import_with_data:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT
+import_with_data:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import AES: bits=0 ok
depends_on:MBEDTLS_AES_C
@@ -352,11 +372,11 @@
PSA key policy: ECC SECP256R1, sign
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
PSA key policy: ECC SECP256R1, sign+verify
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
Key attributes initializers zero properly
key_attributes_init:
@@ -483,7 +503,7 @@
PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
@@ -539,47 +559,47 @@
PSA key policy: agreement + KDF, permitted
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
PSA key policy: agreement + KDF, not permitted
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
+agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
PSA key policy: agreement + KDF, wrong agreement algorithm
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
PSA key policy: agreement + KDF, wrong KDF algorithm
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224))
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224))
PSA key policy: agreement + KDF, key only permits raw agreement
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
PSA key policy: raw agreement, permitted
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH
PSA key policy: raw agreement, not permitted
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH
+raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH
PSA key policy: raw agreement, wrong algorithm
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH
PSA key policy: raw agreement, key only permits a KDF
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
PSA key policy algorithm2: CTR, CBC
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC_NOPAD
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
PSA key policy algorithm2: ECDH, ECDSA
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C
-key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY
Copy key: raw, 1 byte
copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0
@@ -650,23 +670,23 @@
Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
Copy key: source=ECDSA+ECDH, target=ECDSA+0
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
Copy key: source=ECDSA+ECDH, target=0+ECDH
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
Copy fail: raw data, no COPY flag
copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED
@@ -703,11 +723,11 @@
Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
Hash operation object initializers zero properly
hash_operation_init:
@@ -1598,15 +1618,15 @@
PSA import/exercise: ECP SECP256R1 keypair, ECDSA
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_ALG_ECDSA_ANY
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY
PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
PSA import/exercise: ECP SECP256R1 keypair, ECDH
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_ALG_ECDH
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDH
PSA import/exercise: HKDF SHA-256
depends_on:MBEDTLS_SHA256_C
@@ -1626,15 +1646,15 @@
PSA sign: deterministic ECDSA SECP256R1 SHA-256
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
PSA sign: deterministic ECDSA SECP256R1 SHA-384
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
PSA sign: deterministic ECDSA SECP384R1 SHA-256
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
@@ -1656,7 +1676,7 @@
PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
@@ -1664,15 +1684,15 @@
PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL
PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
PSA sign: invalid key type, signing with a public key
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
@@ -1680,7 +1700,7 @@
PSA sign: invalid algorithm for ECC key
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
PSA sign/verify: RSA PKCS#1 v1.5, raw
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
@@ -1704,27 +1724,27 @@
PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
PSA sign/verify: randomized ECDSA SECP256R1 SHA-384
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
PSA sign/verify: randomized ECDSA SECP384R1 SHA-256
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
@@ -1772,39 +1792,39 @@
PSA verify: ECDSA SECP256R1, good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
PSA verify with keypair: ECDSA SECP256R1, good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
PSA verify: ECDSA SECP256R1, wrong signature of correct size
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
PSA verify: ECDSA SECP256R1, wrong signature (empty)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE
PSA verify: ECDSA SECP256R1, wrong signature (truncated)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE
PSA verify: ECDSA SECP256R1, wrong signature (trailing junk)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE
PSA verify: ECDSA SECP256R1, wrong signature (leading junk)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
PSA verify: invalid algorithm for ECC key
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: RSA PKCS#1 v1.5, good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -2391,79 +2411,83 @@
PSA key agreement setup: ECDH + HKDF-SHA-256: good
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ff":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH, unknown KDF
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
PSA key agreement setup: bad key agreement algorithm
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: KDF instead of a key agreement algorithm
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
PSA raw key agreement: ECDH SECP256R1 (RFC 5903)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
PSA raw key agreement: ECDH SECP384R1 (RFC 5903)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
PSA raw key agreement: ECDH SECP521R1 (RFC 5903)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027)
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160
+key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41"
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992"
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992"
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":""
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":""
PSA generate random: 0 bytes
generate_random:0
@@ -2590,13 +2614,13 @@
PSA generate key: ECC, SECP256R1, good
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
PSA generate key: ECC, SECP256R1, incorrect bit size
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
# INVALID_ARGUMENT would make more sense, but our code as currently structured
# doesn't fully relate the curve with its size.
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED
PSA generate key: RSA, default e
generate_key_rsa:512:"":PSA_SUCCESS
@@ -2650,7 +2674,7 @@
PSA generate persistent key: ECC, SECP256R1, exportable
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY
PSA derive persistent key: HKDF SHA-256, exportable
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ae4045c..f4b9a8f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -961,14 +961,23 @@
#if defined(MBEDTLS_ECP_C)
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
{
- /* The representation of an ECC public key is:
- * - The byte 0x04;
- * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
- * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
- * - where m is the bit size associated with the curve.
- */
- TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end );
- TEST_EQUAL( p[0], 4 );
+ if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY )
+ {
+ /* The representation of an ECC Montgomery public key is
+ * the raw compressed point */
+ TEST_EQUAL( p + PSA_BITS_TO_BYTES( bits ), end );
+ }
+ else
+ {
+ /* The representation of an ECC Weierstrass public key is:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - where m is the bit size associated with the curve.
+ */
+ TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end );
+ TEST_EQUAL( p[0], 4 );
+ }
}
else
#endif /* MBEDTLS_ECP_C */
@@ -1259,42 +1268,54 @@
TEST_EQUAL( PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH );
TEST_EQUAL( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE );
- TEST_EQUAL( PSA_ECC_CURVE_SECP160K1, PSA_ECC_CURVE_SECP_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP192K1, PSA_ECC_CURVE_SECP_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP224K1, PSA_ECC_CURVE_SECP_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP256K1, PSA_ECC_CURVE_SECP_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP160R1, PSA_ECC_CURVE_SECP_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP192R1, PSA_ECC_CURVE_SECP_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP224R1, PSA_ECC_CURVE_SECP_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP256R1, PSA_ECC_CURVE_SECP_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP384R1, PSA_ECC_CURVE_SECP_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP521R1, PSA_ECC_CURVE_SECP_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECP160R2, PSA_ECC_CURVE_SECP_R2 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT163K1, PSA_ECC_CURVE_SECT_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT233K1, PSA_ECC_CURVE_SECT_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT239K1, PSA_ECC_CURVE_SECT_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT283K1, PSA_ECC_CURVE_SECT_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT409K1, PSA_ECC_CURVE_SECT_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT571K1, PSA_ECC_CURVE_SECT_K1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT163R1, PSA_ECC_CURVE_SECT_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT193R1, PSA_ECC_CURVE_SECT_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT233R1, PSA_ECC_CURVE_SECT_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT283R1, PSA_ECC_CURVE_SECT_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT409R1, PSA_ECC_CURVE_SECT_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT571R1, PSA_ECC_CURVE_SECT_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT163R2, PSA_ECC_CURVE_SECT_R2 );
- TEST_EQUAL( PSA_ECC_CURVE_SECT193R2, PSA_ECC_CURVE_SECT_R2 );
- TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_CURVE_BRAINPOOL_P_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_CURVE_BRAINPOOL_P_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_CURVE_BRAINPOOL_P_R1 );
- TEST_EQUAL( PSA_ECC_CURVE_CURVE25519, PSA_ECC_CURVE_MONTGOMERY );
- TEST_EQUAL( PSA_ECC_CURVE_CURVE448, PSA_ECC_CURVE_MONTGOMERY );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2 );
+ TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY );
+ TEST_EQUAL( PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY );
- TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_GROUP_RFC7919 );
- TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_GROUP_RFC7919 );
- TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_GROUP_RFC7919 );
- TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_GROUP_RFC7919 );
- TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_GROUP_RFC7919 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2 );
+ TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ TEST_EQUAL( PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY );
+
+ TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919 );
+ TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919 );
+ TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919 );
+ TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919 );
+ TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919 );
+
+ TEST_EQUAL( PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919 );
+ TEST_EQUAL( PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM );
#endif
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index b771e58..f2b16e4 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -34,30 +34,6 @@
depends_on:MBEDTLS_SHA512_C
hash_algorithm:PSA_ALG_SHA_512:64
-Hash: SHA-2 SHA-512/224
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
-hash_algorithm:PSA_ALG_SHA_512_224:28
-
-Hash: SHA-2 SHA-512/256
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
-hash_algorithm:PSA_ALG_SHA_512_256:32
-
-Hash: SHA-3 SHA3-224
-depends_on:MBEDTLS_SHA3_C
-hash_algorithm:PSA_ALG_SHA3_224:28
-
-Hash: SHA-3 SHA3-256
-depends_on:MBEDTLS_SHA3_C
-hash_algorithm:PSA_ALG_SHA3_256:32
-
-Hash: SHA-3 SHA3-384
-depends_on:MBEDTLS_SHA3_C
-hash_algorithm:PSA_ALG_SHA3_384:48
-
-Hash: SHA-3 SHA3-512
-depends_on:MBEDTLS_SHA3_C
-hash_algorithm:PSA_ALG_SHA3_512:64
-
MAC: HMAC-MD2
depends_on:MBEDTLS_MD2_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
@@ -94,30 +70,6 @@
depends_on:MBEDTLS_SHA512_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
-MAC: HMAC-SHA-512/224
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128
-
-MAC: HMAC-SHA-512/256
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128
-
-MAC: HMAC-SHA3-224
-depends_on:MBEDTLS_SHA3_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144
-
-MAC: HMAC-SHA3-256
-depends_on:MBEDTLS_SHA3_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136
-
-MAC: HMAC-SHA3-384
-depends_on:MBEDTLS_SHA3_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104
-
-MAC: HMAC-SHA3-512
-depends_on:MBEDTLS_SHA3_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72
-
MAC: CBC_MAC-AES-128
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
@@ -155,7 +107,7 @@
cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
Cipher: ChaCha20
-depends_on:MBEDTLS_CHACHA_C
+depends_on:MBEDTLS_CHACHA20_C
cipher_algorithm:PSA_ALG_CHACHA20:ALG_IS_STREAM_CIPHER
Cipher: CTR
@@ -206,14 +158,6 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN
-Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
-depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 [#1]
-depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
-asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
-
Asymmetric signature: randomized ECDSA (no hashing)
depends_on:MBEDTLS_ECDSA_C
asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
@@ -222,7 +166,7 @@
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
-Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 [#2]
+Asymmetric signature: SHA-256 + deterministic ECDSA using SHA-256
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
@@ -234,19 +178,11 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS
-Asymmetric signature: randomized DSA with wildcard hash
-depends_on:MBEDTLS_DSA_C
-asymmetric_signature_wildcard:PSA_ALG_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
-
-Asymmetric signature: deterministic DSA with wildcard hash [#1]
-depends_on:MBEDTLS_DSA_C:MBEDTLS_DSA_DETERMINISTIC
-asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
-
Asymmetric signature: randomized ECDSA with wildcard hash
depends_on:MBEDTLS_ECDSA_C
asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
-Asymmetric signature: deterministic DSA with wildcard hash [#2]
+Asymmetric signature: deterministic ECDSA with wildcard hash
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
@@ -343,37 +279,29 @@
depends_on:MBEDTLS_RSA_C
key_type:PSA_KEY_TYPE_RSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_RSA
-Key type: DSA public key
-depends_on:MBEDTLS_DSA_C
-key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
-
-Key type: DSA key pair
-depends_on:MBEDTLS_DSA_C
-key_type:PSA_KEY_TYPE_DSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_DSA
-
ECC key family: SECP K1
-ecc_key_family:PSA_ECC_CURVE_SECP_K1
+ecc_key_family:PSA_ECC_FAMILY_SECP_K1
ECC key family: SECP R1
-ecc_key_family:PSA_ECC_CURVE_SECP_R1
+ecc_key_family:PSA_ECC_FAMILY_SECP_R1
ECC key family: SECP R2
-ecc_key_family:PSA_ECC_CURVE_SECP_R2
+ecc_key_family:PSA_ECC_FAMILY_SECP_R2
ECC key family: SECT K1
-ecc_key_family:PSA_ECC_CURVE_SECT_K1
+ecc_key_family:PSA_ECC_FAMILY_SECT_K1
ECC key family: SECT R1
-ecc_key_family:PSA_ECC_CURVE_SECT_R1
+ecc_key_family:PSA_ECC_FAMILY_SECT_R1
ECC key family: SECT R2
-ecc_key_family:PSA_ECC_CURVE_SECT_R2
+ecc_key_family:PSA_ECC_FAMILY_SECT_R2
ECC key family: Brainpool P R1
-ecc_key_family:PSA_ECC_CURVE_BRAINPOOL_P_R1
+ecc_key_family:PSA_ECC_FAMILY_BRAINPOOL_P_R1
ECC key family: Montgomery (Curve25519, Curve448)
-ecc_key_family:PSA_ECC_CURVE_MONTGOMERY
+ecc_key_family:PSA_ECC_FAMILY_MONTGOMERY
DH group family: RFC 7919
-dh_key_family:PSA_DH_GROUP_RFC7919
+dh_key_family:PSA_DH_FAMILY_RFC7919
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index ed41f3b..1ba8466 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -493,7 +493,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void ecc_key_family( int curve_arg )
{
- psa_ecc_curve_t curve = curve_arg;
+ psa_ecc_family_t curve = curve_arg;
psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve );
@@ -502,15 +502,15 @@
test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR );
- TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve );
- TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve );
+ TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( public_type ), curve );
+ TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( pair_type ), curve );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */
void dh_key_family( int group_arg )
{
- psa_dh_group_t group = group_arg;
+ psa_dh_family_t group = group_arg;
psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group );
psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group );
@@ -519,7 +519,7 @@
test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY );
test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR );
- TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( public_type ), group );
- TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( pair_type ), group );
+ TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( public_type ), group );
+ TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 55c3426..32e2ecb 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -24,17 +24,29 @@
Register SE driver: maximum number of drivers
register_max:
-SE key import-export (p_allocate allows all slots)
-key_creation_import_export:0:0
+SE key import-export persistent (p_allocate allows all slots)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:0:0
-SE key import-export (p_allocate allows 1 slot)
-key_creation_import_export:ARRAY_LENGTH( ram_slots ) - 1:0
+SE key import-export persistent (p_allocate allows 1 slot)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:ARRAY_LENGTH( ram_slots ) - 1:0
-SE key import-export, check after restart (slot 0)
-key_creation_import_export:0:1
+SE key import-export persistent, check after restart (slot 0)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:0:1
-SE key import-export, check after restart (slot 3)
-key_creation_import_export:3:1
+SE key import-export persistent, check after restart (slot 3)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:3:1
+
+SE key import-export volatile (p_allocate allows all slots)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:0:0
+
+SE key import-export volatile (p_allocate allows 1 slot)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:ARRAY_LENGTH( ram_slots ) - 1:0
+
+SE key import-export volatile, check after restart (slot 0)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:0:1
+
+SE key import-export volatile, check after restart (slot 3)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:3:1
Key creation in a specific slot (0)
key_creation_in_chosen_slot:0:0:PSA_SUCCESS
@@ -97,13 +109,13 @@
import_key_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
Key import smoke test: ECDSA secp256r1
-import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
Key import smoke test: ECDH secp256r1
-import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
Key import smoke test: ECDH secp256r1 with HKDF
-import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
Generate key: not supported
generate_key_not_supported:PSA_KEY_TYPE_AES:128
@@ -118,43 +130,49 @@
generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 )
Key registration: smoke test
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:PSA_SUCCESS
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:1:PSA_SUCCESS
-Key registration: invalid lifetime (volatile)
-register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
+Key registration: invalid lifetime (volatile internal storage)
+register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:1:PSA_ERROR_INVALID_ARGUMENT
Key registration: invalid lifetime (internal storage)
-register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_INVALID_ARGUMENT
+register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:1:PSA_ERROR_INVALID_ARGUMENT
Key registration: invalid lifetime (no registered driver)
-register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:PSA_ERROR_INVALID_ARGUMENT
+register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:1:PSA_ERROR_INVALID_ARGUMENT
Key registration: rejected
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:0:PSA_ERROR_NOT_PERMITTED
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:0:PSA_ERROR_NOT_PERMITTED
Key registration: not supported
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:-1:PSA_ERROR_NOT_SUPPORTED
+
+Key registration: key id out of range
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Key registration: key id in vendor range
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS
Import-sign-verify: sign in driver, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
+sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Import-sign-verify: sign in driver then export_public, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
+sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Import-sign-verify: sign in software, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
+sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Generate-sign-verify: sign in driver, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
+sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Generate-sign-verify: sign in driver then export_public, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
+sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
Generate-sign-verify: sign in software, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
+sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 9f44b88..c9ce866 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -27,6 +27,10 @@
( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \
PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) )
+#define TEST_SE_VOLATILE_LIFETIME \
+ ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \
+ PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ) )
+
/** The driver detected a condition that shouldn't happen.
* This is probably a bug in the library. */
#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 ))
@@ -93,15 +97,15 @@
/****************************************************************/
/* Return the exact bit size given a curve family and a byte length. */
-static size_t ecc_curve_bits( psa_ecc_curve_t curve, size_t data_length )
+static size_t ecc_curve_bits( psa_ecc_family_t curve, size_t data_length )
{
switch( curve )
{
- case PSA_ECC_CURVE_SECP_R1:
+ case PSA_ECC_FAMILY_SECP_R1:
if( data_length == PSA_BYTES_TO_BITS( 521 ) )
return( 521 );
break;
- case PSA_ECC_CURVE_MONTGOMERY:
+ case PSA_ECC_FAMILY_MONTGOMERY:
if( data_length == PSA_BYTES_TO_BITS( 255 ) )
return( 255 );
}
@@ -323,7 +327,7 @@
*bits = PSA_BYTES_TO_BITS( data_length );
else if ( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
{
- *bits = ecc_curve_bits( PSA_KEY_TYPE_GET_CURVE( type ), data_length );
+ *bits = ecc_curve_bits( PSA_KEY_TYPE_ECC_GET_FAMILY( type ), data_length );
if( *bits == 0 )
return( PSA_ERROR_DETECTED_BY_DRIVER );
}
@@ -609,6 +613,20 @@
return( ok );
}
+/* Check that no persistent data exists for the given location. */
+static int check_no_persistent_data( psa_key_location_t location )
+{
+ psa_storage_uid_t uid = file_uid_for_location( location );
+ struct psa_storage_info_t info;
+ int ok = 0;
+
+ TEST_EQUAL( psa_its_get_info( uid, &info ), PSA_ERROR_DOES_NOT_EXIST );
+ ok = 1;
+
+exit:
+ return( ok );
+}
+
/* Check that a function's return status is "smoke-free", i.e. that
* it's an acceptable error code when calling an API function that operates
* on a key with potentially bogus parameters. */
@@ -829,11 +847,11 @@
/* END_CASE */
/* BEGIN_CASE */
-void key_creation_import_export( int min_slot, int restart )
+void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
{
psa_drv_se_t driver;
psa_drv_se_key_management_t key_management;
- psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+ psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
psa_key_id_t id = 1;
psa_key_handle_t handle = 0;
@@ -864,10 +882,25 @@
PSA_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
&handle ) );
- if( ! check_persistent_data( location,
- &ram_shadow_slot_usage,
- sizeof( ram_shadow_slot_usage ) ) )
- goto exit;
+
+
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ /* For volatile keys, check no persistent data was created */
+ if( ! check_no_persistent_data( location ) )
+ goto exit;
+ }
+ else
+ {
+ /* For persistent keys, check persistent data */
+ if( ! check_persistent_data( location,
+ &ram_shadow_slot_usage,
+ sizeof( ram_shadow_slot_usage ) ) )
+ goto exit;
+ }
+
+ /* Test that the key was created in the expected slot. */
+ TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA );
/* Maybe restart, to check that the information is saved correctly. */
if( restart )
@@ -875,15 +908,37 @@
mbedtls_psa_crypto_free( );
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
PSA_ASSERT( psa_crypto_init( ) );
- if( ! check_persistent_data( location,
- &ram_shadow_slot_usage,
- sizeof( ram_shadow_slot_usage ) ) )
- goto exit;
- PSA_ASSERT( psa_open_key( id, &handle ) );
+
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ /* Check that the PSA core has no knowledge of the volatile key */
+ TEST_ASSERT( psa_open_key( id, &handle ) == PSA_ERROR_DOES_NOT_EXIST );
+
+ /* Drop data from our mockup driver */
+ ram_slots_reset();
+ ram_min_slot = min_slot;
+
+ /* Re-import key */
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+ }
+ else
+ {
+
+ /* Check we can re-open the persistent key */
+ if( ! check_persistent_data( location,
+ &ram_shadow_slot_usage,
+ sizeof( ram_shadow_slot_usage ) ) )
+ goto exit;
+
+ /* Check that the PSA core still knows about the key */
+ PSA_ASSERT( psa_open_key( id, &handle ) );
+ }
}
/* Test that the key was created in the expected slot. */
- TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA );
+ TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA );
/* Test the key attributes, including the reported slot number. */
psa_set_key_bits( &attributes,
@@ -909,7 +964,7 @@
PSA_ERROR_DOES_NOT_EXIST );
/* Test that the key has been erased from the designated slot. */
- TEST_ASSERT( ram_slots[min_slot].type == 0 );
+ TEST_EQUAL( ram_slots[min_slot].type, 0 );
exit:
PSA_DONE( );
@@ -1263,7 +1318,7 @@
* generate material, store the desired result of generation in
* the mock secure element storage. */
PSA_ASSERT( psa_get_key_attributes( drv_handle, &drv_attributes ) );
- TEST_ASSERT( key_material->len == PSA_BITS_TO_BYTES( bits ) );
+ TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) );
memcpy( ram_slots[ram_min_slot].content, key_material->x,
key_material->len );
}
@@ -1355,6 +1410,7 @@
/* BEGIN_CASE */
void register_key_smoke_test( int lifetime_arg,
+ int id_arg,
int validate,
int expected_status_arg )
{
@@ -1364,7 +1420,7 @@
psa_drv_se_t driver;
psa_drv_se_key_management_t key_management;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_id_t id = 1;
+ psa_key_id_t id = id_arg;
size_t bit_size = 48;
psa_key_slot_number_t wanted_slot = 0x123456789;
psa_key_handle_t handle = 0;
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index e01ba85..84caef9 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -39,27 +39,27 @@
Persistent slot: ECP keypair (ECDSA, exportable), close
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
Persistent slot: ECP keypair (ECDSA, exportable), close+restart
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
Persistent slot: ECP keypair (ECDSA, exportable), restart
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
Attempt to overwrite: close before
create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE
diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj
index 3ae59dc..0707e12 100644
--- a/visualc/VS2010/aescrypt2.vcxproj
+++ b/visualc/VS2010/aescrypt2.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj
index 2836f14..0be32fc 100644
--- a/visualc/VS2010/benchmark.vcxproj
+++ b/visualc/VS2010/benchmark.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj
index 84ec4b7..3fbcb52 100644
--- a/visualc/VS2010/cert_app.vcxproj
+++ b/visualc/VS2010/cert_app.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj
index c45125c..41fdf31 100644
--- a/visualc/VS2010/cert_req.vcxproj
+++ b/visualc/VS2010/cert_req.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj
index 982e412..f1f93ea 100644
--- a/visualc/VS2010/cert_write.vcxproj
+++ b/visualc/VS2010/cert_write.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj
index 5a7c854..4b8b216 100644
--- a/visualc/VS2010/crl_app.vcxproj
+++ b/visualc/VS2010/crl_app.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj
index 0c95587..885935b 100644
--- a/visualc/VS2010/crypt_and_hash.vcxproj
+++ b/visualc/VS2010/crypt_and_hash.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj
index 65826bd..3899f0e 100644
--- a/visualc/VS2010/crypto_examples.vcxproj
+++ b/visualc/VS2010/crypto_examples.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj
index c778e8a..043ab1a 100644
--- a/visualc/VS2010/dh_client.vcxproj
+++ b/visualc/VS2010/dh_client.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj
index 3b4fead..f0366cb 100644
--- a/visualc/VS2010/dh_genprime.vcxproj
+++ b/visualc/VS2010/dh_genprime.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj
index bf930de..5a986bc 100644
--- a/visualc/VS2010/dh_server.vcxproj
+++ b/visualc/VS2010/dh_server.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj
index 5bd7a8a..3fd6545 100644
--- a/visualc/VS2010/dtls_client.vcxproj
+++ b/visualc/VS2010/dtls_client.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj
index ce0c6da..b10ec4d 100644
--- a/visualc/VS2010/dtls_server.vcxproj
+++ b/visualc/VS2010/dtls_server.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj
index 32eda34..578e43b 100644
--- a/visualc/VS2010/ecdh_curve25519.vcxproj
+++ b/visualc/VS2010/ecdh_curve25519.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj
index 49d54c6..f7ad2e9 100644
--- a/visualc/VS2010/ecdsa.vcxproj
+++ b/visualc/VS2010/ecdsa.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj
index 61942c9..b7e45f9 100644
--- a/visualc/VS2010/gen_entropy.vcxproj
+++ b/visualc/VS2010/gen_entropy.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj
index e6ce33e..fa02614 100644
--- a/visualc/VS2010/gen_key.vcxproj
+++ b/visualc/VS2010/gen_key.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj
index b7a7823..a385841 100644
--- a/visualc/VS2010/gen_random_ctr_drbg.vcxproj
+++ b/visualc/VS2010/gen_random_ctr_drbg.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_random_havege.vcxproj b/visualc/VS2010/gen_random_havege.vcxproj
index 3c5eb67..d4c008a 100644
--- a/visualc/VS2010/gen_random_havege.vcxproj
+++ b/visualc/VS2010/gen_random_havege.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj
index b049916..faad775 100644
--- a/visualc/VS2010/generic_sum.vcxproj
+++ b/visualc/VS2010/generic_sum.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj
index ecdabf1..6a81d91 100644
--- a/visualc/VS2010/hello.vcxproj
+++ b/visualc/VS2010/hello.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj
index aca1a03..bba5841 100644
--- a/visualc/VS2010/key_app.vcxproj
+++ b/visualc/VS2010/key_app.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj
index 64f2e27..0d70137 100644
--- a/visualc/VS2010/key_app_writer.vcxproj
+++ b/visualc/VS2010/key_app_writer.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj
index a3b6b4a..8584aee 100644
--- a/visualc/VS2010/key_ladder_demo.vcxproj
+++ b/visualc/VS2010/key_ladder_demo.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 11c7e38..4422b7a 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -84,7 +84,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
<CompileAs>CompileAsC</CompileAs>
</ClCompile>
<Link>
@@ -98,7 +98,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
<CompileAs>CompileAsC</CompileAs>
</ClCompile>
<Link>
@@ -114,7 +114,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
@@ -232,6 +232,11 @@
<ClInclude Include="..\..\include\psa\crypto_struct.h" />
<ClInclude Include="..\..\include\psa\crypto_types.h" />
<ClInclude Include="..\..\include\psa\crypto_values.h" />
+ <ClInclude Include="..\..\tests\include\test\helpers.h" />
+ <ClInclude Include="..\..\tests\include\test\macros.h" />
+ <ClInclude Include="..\..\tests\include\test\psa_crypto_helpers.h" />
+ <ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
+ <ClInclude Include="..\..\tests\include\test\random.h" />
<ClInclude Include="..\..\library\common.h" />
<ClInclude Include="..\..\library\psa_crypto_core.h" />
<ClInclude Include="..\..\library\psa_crypto_invasive.h" />
@@ -330,6 +335,8 @@
<ClCompile Include="..\..\library\x509write_crt.c" />
<ClCompile Include="..\..\library\x509write_csr.c" />
<ClCompile Include="..\..\library\xtea.c" />
+ <ClCompile Include="..\..\tests\src\helpers.c" />
+ <ClCompile Include="..\..\tests\src\random.c" />
<ClCompile Include="..\..\3rdparty\everest\library\everest.c" />
<ClCompile Include="..\..\3rdparty\everest\library\Hacl_Curve25519_joined.c" />
<ClCompile Include="..\..\3rdparty\everest\library\x25519.c" />
diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj
index 50f4b22..e4ee166 100644
--- a/visualc/VS2010/mini_client.vcxproj
+++ b/visualc/VS2010/mini_client.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj
index 2fe56c5..b0fee89 100644
--- a/visualc/VS2010/mpi_demo.vcxproj
+++ b/visualc/VS2010/mpi_demo.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj
index 4c854a6..84c2e8c 100644
--- a/visualc/VS2010/pem2der.vcxproj
+++ b/visualc/VS2010/pem2der.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj
index 360f2c3..da3e8d8 100644
--- a/visualc/VS2010/pk_decrypt.vcxproj
+++ b/visualc/VS2010/pk_decrypt.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj
index 20d663a..829e072 100644
--- a/visualc/VS2010/pk_encrypt.vcxproj
+++ b/visualc/VS2010/pk_encrypt.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj
index ad33afa..d93d114 100644
--- a/visualc/VS2010/pk_sign.vcxproj
+++ b/visualc/VS2010/pk_sign.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj
index 8856dc2..5933b92 100644
--- a/visualc/VS2010/pk_verify.vcxproj
+++ b/visualc/VS2010/pk_verify.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj
index 418c8fb..d35dd19 100644
--- a/visualc/VS2010/psa_constant_names.vcxproj
+++ b/visualc/VS2010/psa_constant_names.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj
index de793db..d0e0a6d 100644
--- a/visualc/VS2010/query_compile_time_config.vcxproj
+++ b/visualc/VS2010/query_compile_time_config.vcxproj
@@ -94,7 +94,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -112,7 +112,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -132,7 +132,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -151,7 +151,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj
index 9259871..900e415 100644
--- a/visualc/VS2010/req_app.vcxproj
+++ b/visualc/VS2010/req_app.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj
index e7fe01b..188b17e 100644
--- a/visualc/VS2010/rsa_decrypt.vcxproj
+++ b/visualc/VS2010/rsa_decrypt.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj
index 6e1b96b..a44f676 100644
--- a/visualc/VS2010/rsa_encrypt.vcxproj
+++ b/visualc/VS2010/rsa_encrypt.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj
index 1038db5..35b27b7 100644
--- a/visualc/VS2010/rsa_genkey.vcxproj
+++ b/visualc/VS2010/rsa_genkey.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj
index b1bd170..90a7ac8 100644
--- a/visualc/VS2010/rsa_sign.vcxproj
+++ b/visualc/VS2010/rsa_sign.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj
index 5007881..5d2ac82 100644
--- a/visualc/VS2010/rsa_sign_pss.vcxproj
+++ b/visualc/VS2010/rsa_sign_pss.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj
index 3409753..a413ba8 100644
--- a/visualc/VS2010/rsa_verify.vcxproj
+++ b/visualc/VS2010/rsa_verify.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj
index 4769958..369b145 100644
--- a/visualc/VS2010/rsa_verify_pss.vcxproj
+++ b/visualc/VS2010/rsa_verify_pss.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj
index 3dcc8c8..6feb593 100644
--- a/visualc/VS2010/selftest.vcxproj
+++ b/visualc/VS2010/selftest.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj
index cdf9ec8..860334e 100644
--- a/visualc/VS2010/ssl_client1.vcxproj
+++ b/visualc/VS2010/ssl_client1.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj
index e950550..9021602 100644
--- a/visualc/VS2010/ssl_client2.vcxproj
+++ b/visualc/VS2010/ssl_client2.vcxproj
@@ -94,7 +94,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -112,7 +112,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -132,7 +132,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -151,7 +151,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_context_info.vcxproj b/visualc/VS2010/ssl_context_info.vcxproj
index ff1ba98..1c98d34 100644
--- a/visualc/VS2010/ssl_context_info.vcxproj
+++ b/visualc/VS2010/ssl_context_info.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj
index 7a18c99..6d44ef0 100644
--- a/visualc/VS2010/ssl_fork_server.vcxproj
+++ b/visualc/VS2010/ssl_fork_server.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj
index 37dad21..e2253c6 100644
--- a/visualc/VS2010/ssl_mail_client.vcxproj
+++ b/visualc/VS2010/ssl_mail_client.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj
index f0038d7..23ad7ec 100644
--- a/visualc/VS2010/ssl_server.vcxproj
+++ b/visualc/VS2010/ssl_server.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj
index b8788ef..61eedaa 100644
--- a/visualc/VS2010/ssl_server2.vcxproj
+++ b/visualc/VS2010/ssl_server2.vcxproj
@@ -94,7 +94,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -112,7 +112,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -132,7 +132,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -151,7 +151,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj
index 31e19bb..9e70dec 100644
--- a/visualc/VS2010/strerror.vcxproj
+++ b/visualc/VS2010/strerror.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj
index 6b2ed36..69678f6 100644
--- a/visualc/VS2010/udp_proxy.vcxproj
+++ b/visualc/VS2010/udp_proxy.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj
index 4fa6bac..9e0746d 100644
--- a/visualc/VS2010/zeroize.vcxproj
+++ b/visualc/VS2010/zeroize.vcxproj
@@ -93,7 +93,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>