Merge pull request #4676 from JoeSubbiani/MissingContextFree-test_suite_aes.function
Add missing free context in at the end of aes_crypt_xts_size()
diff --git a/ChangeLog.d/issue4083.txt b/ChangeLog.d/issue4083.txt
new file mode 100644
index 0000000..8457337
--- /dev/null
+++ b/ChangeLog.d/issue4083.txt
@@ -0,0 +1,4 @@
+Removals
+ * Remove the following functions: mbedtls_timing_self_test(),
+ mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and
+ mbedtls_set_alarm(). Fixes #4083.
diff --git a/ChangeLog.d/issue4084.txt b/ChangeLog.d/issue4084.txt
new file mode 100644
index 0000000..75273c1
--- /dev/null
+++ b/ChangeLog.d/issue4084.txt
@@ -0,0 +1,4 @@
+Removals
+ * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the
+ corresponding modules and all their APIs and related configuration
+ options. Fixes #4084.
diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt
new file mode 100644
index 0000000..39ee335
--- /dev/null
+++ b/ChangeLog.d/mandatory-rng-param.txt
@@ -0,0 +1,14 @@
+API changes
+ * For all functions that take a random number generator (RNG) as a
+ parameter, this parameter is now mandatory (that is, NULL is not an
+ acceptable value). Functions which previously accepted NULL and now
+ reject it are: the X.509 CRT and CSR writing functions; the PK and RSA
+ sign and decrypt function; mbedtls_rsa_private(); the functions
+ in DHM and ECDH that compute the shared secret; the scalar multiplication
+ functions in ECP.
+ * The following functions now require an RNG parameter:
+ mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(),
+ mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile().
+Removals
+ * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as
+ it no longer had any effect.
diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt
index 854dda3..2590d3a 100644
--- a/ChangeLog.d/remove-rsa-mode-parameter.txt
+++ b/ChangeLog.d/remove-rsa-mode-parameter.txt
@@ -6,4 +6,3 @@
decryption functions now always use the private key and verification and
encryption use the public key. Verification functions also no longer have
RNG parameters.
- * The RNG is now mandatory for all private-key RSA operations.
diff --git a/ChangeLog.d/winsock.txt b/ChangeLog.d/winsock.txt
new file mode 100644
index 0000000..0b42e69
--- /dev/null
+++ b/ChangeLog.d/winsock.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
+ MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
+
diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h
index 29e77b5..5b10063 100644
--- a/configs/config-symmetric-only.h
+++ b/configs/config-symmetric-only.h
@@ -47,11 +47,9 @@
/* Mbed Crypto modules */
#define MBEDTLS_AES_C
-#define MBEDTLS_ARC4_C
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_BASE64_C
-#define MBEDTLS_BLOWFISH_C
#define MBEDTLS_CAMELLIA_C
#define MBEDTLS_ARIA_C
#define MBEDTLS_CCM_C
@@ -68,8 +66,6 @@
#define MBEDTLS_HMAC_DRBG_C
#define MBEDTLS_NIST_KW_C
#define MBEDTLS_MD_C
-#define MBEDTLS_MD2_C
-#define MBEDTLS_MD4_C
#define MBEDTLS_MD5_C
#define MBEDTLS_OID_C
#define MBEDTLS_PEM_PARSE_C
@@ -94,7 +90,6 @@
//#define MBEDTLS_THREADING_C
#define MBEDTLS_TIMING_C
#define MBEDTLS_VERSION_C
-#define MBEDTLS_XTEA_C
#include "mbedtls/config_psa.h"
diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md
new file mode 100644
index 0000000..f6aba08
--- /dev/null
+++ b/docs/3.0-migration-guide.d/mandatory-rng-param.md
@@ -0,0 +1,40 @@
+The RNG parameter is now mandatory for all functions that accept one
+--------------------------------------------------------------------
+
+This change affects all users who called a function accepting a `f_rng`
+parameter with `NULL` as the value of this argument; this is no longer
+supported.
+
+The changed functions are: the X.509 CRT and CSR writing functions; the PK and
+RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM
+and ECDH that compute the shared secret; the scalar multiplication functions in
+ECP.
+
+You now need to pass a properly seeded, cryptographically secure RNG to all
+functions that accept a `f_rng` parameter. It is of course still possible to
+pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a
+context.
+
+Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT`
+configuration options) may have their own internal and are free to ignore the
+`f_rng` argument but must allow users to pass one anyway.
+
+Some functions gained an RNG parameter
+--------------------------------------
+
+This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`,
+`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and
+`mbedtls_pk_parse_keyfile()`.
+
+You now need to pass a properly seeded, cryptographically secure RNG when
+calling these functions. It is used for blinding, a counter-measure against
+side-channel attacks.
+
+The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed
+------------------------------------------------------------------
+
+This doesn't affect users of the default configuration; it only affects people
+who were explicitly setting this option.
+
+This was a trade-off between code size and counter-measures; it is no longer
+relevant as the counter-measure is now always on at no cost in code size.
diff --git a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md
new file mode 100644
index 0000000..fa61e27
--- /dev/null
+++ b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md
@@ -0,0 +1,9 @@
+Move part of timing module out of the library
+--
+
+The change affects users who use any of the following functions:
+`mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`,
+`mbedtls_timing_hardclock()` and `mbedtls_set_alarm()`.
+
+If you were relying on these functions, you'll now need to change to using your
+platform's corresponding functions directly.
diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
index e400650..d21d5ed 100644
--- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
+++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
@@ -19,11 +19,3 @@
was only needed when using a private key). This affects all applications using
the RSA verify functions.
-RNG is now mandatory in all RSA private key operations
-------------------------------------------------------
-
-The random generator is now mandatory for blinding in all RSA private-key
-operations (`mbedtls_rsa_private`, `mbedtls_rsa_xxx_sign`,
-`mbedtls_rsa_xxx_decrypt`) as well as for encryption
-(`mbedtls_rsa_xxx_encrypt`). This means that passing a null `f_rng` is no longer
-supported.
diff --git a/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md
new file mode 100644
index 0000000..a4a4895
--- /dev/null
+++ b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md
@@ -0,0 +1,23 @@
+Remove the SSL API mbedtls_ssl_get_session_pointer()
+-----------------------------------------------------------------
+
+This affects two classes of users:
+
+1. Users who manually inspect parts of the current session through
+ direct structure field access.
+
+2. Users of session resumption who query the current session
+ via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting
+ it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`,
+ respectively.
+
+Migration paths:
+
+1. Mbed TLS 3.0 does not offer a migration path for the usecase 1: Like many
+ other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no
+ longer part of the public API in Mbed TLS 3.0, and direct structure field
+ access is no longer supported. Please see the corresponding migration guide.
+
+2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by
+ calls to `mbedtls_ssl_get_session()` as demonstrated in the example
+ program `programs/ssl/ssl_client2.c`.
diff --git a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md
new file mode 100644
index 0000000..d199f2f
--- /dev/null
+++ b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md
@@ -0,0 +1,8 @@
+Remove MD2, MD4, RC4, Blowfish and XTEA algorithms
+--
+
+This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms.
+
+They are already niche or obsolete and most of them are weak or broken. For
+those reasons possible users should consider switching to modern and safe
+alternatives to be found in literature.
diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md
index 44435f8..875164b 100644
--- a/docs/3.0-migration-guide.d/rename_the__ret_functions.md
+++ b/docs/3.0-migration-guide.d/rename_the__ret_functions.md
@@ -13,14 +13,6 @@
|------------------------------|--------------------------|
| mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update |
| mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update |
-| mbedtls_md2_starts_ret | mbedtls_md2_starts |
-| mbedtls_md2_update_ret | mbedtls_md2_update |
-| mbedtls_md2_finish_ret | mbedtls_md2_finish |
-| mbedtls_md2_ret | mbedtls_md2 |
-| mbedtls_md4_starts_ret | mbedtls_md4_starts |
-| mbedtls_md4_update_ret | mbedtls_md4_update |
-| mbedtls_md4_finish_ret | mbedtls_md4_finish |
-| mbedtls_md4_ret | mbedtls_md4 |
| mbedtls_md5_starts_ret | mbedtls_md5_starts |
| mbedtls_md5_update_ret | mbedtls_md5_update |
| mbedtls_md5_finish_ret | mbedtls_md5_finish |
diff --git a/docs/3.0-migration-guide.d/ssl-ticket-api.md b/docs/3.0-migration-guide.d/ssl-ticket-api.md
new file mode 100644
index 0000000..23c53d6
--- /dev/null
+++ b/docs/3.0-migration-guide.d/ssl-ticket-api.md
@@ -0,0 +1,30 @@
+Modified semantics of mbedtls_ssl_{get,set}_session()
+-----------------------------------------------------------------
+
+This affects users who call `mbedtls_ssl_get_session()` or
+`mbedtls_ssl_set_session()` multiple times on the same SSL context
+representing an established TLS 1.2 connection.
+Those users will now observe the second call to fail with
+`MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`.
+
+Migration path:
+- Exporting the same TLS 1.2 connection multiple times via
+ `mbedtls_ssl_get_session()` leads to multiple copies of
+ the same session. This use of `mbedtls_ssl_get_session()`
+ is discouraged, and the following should be considered:
+ * If the various session copies are later loaded into
+ fresh SSL contexts via `mbedtls_ssl_set_session()`,
+ export via `mbedtls_ssl_get_session()` only once and
+ load the same session into different contexts via
+ `mbedtls_ssl_set_session()`. Since `mbedtls_ssl_set_session()`
+ makes a copy of the session that's being loaded, this
+ is functionally equivalent.
+ * If the various session copies are later serialized
+ via `mbedtls_ssl_session_save()`, export and serialize
+ the session only once via `mbedtls_ssl_get_session()` and
+ `mbedtls_ssl_session_save()` and make copies of the raw
+ data instead.
+- Calling `mbedtls_ssl_set_session()` multiple times in Mbed TLS 2.x
+ is not useful since subsequent calls overwrite the effect of previous
+ calls. Applications achieve equivalent functional behaviour by
+ issuing only the very last call to `mbedtls_ssl_set_session()`.
diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md
index a4a59b8..d0ba43d 100644
--- a/docs/3.0-migration-guide.md
+++ b/docs/3.0-migration-guide.md
@@ -22,7 +22,7 @@
Deprecated functions were removed from hashing modules
------------------------------------------------------
-Modules: MD2, MD4, MD5, SHA1, SHA256, SHA512, MD.
+Modules: MD5, SHA1, SHA256, SHA512, MD.
- The functions `mbedtls_xxx_starts()`, `mbedtls_xxx_update()`,
`mbedtls_xxx_finish()` and `mbedtls_xxx()` were removed. Please use the
diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h
index 46fb04f..96734bd 100644
--- a/doxygen/input/doc_encdec.h
+++ b/doxygen/input/doc_encdec.h
@@ -45,15 +45,11 @@
* - Symmetric:
* - AES (see \c mbedtls_aes_crypt_ecb(), \c mbedtls_aes_crypt_cbc(), \c mbedtls_aes_crypt_cfb128() and
* \c mbedtls_aes_crypt_ctr()).
- * - ARCFOUR (see \c mbedtls_arc4_crypt()).
- * - Blowfish / BF (see \c mbedtls_blowfish_crypt_ecb(), \c mbedtls_blowfish_crypt_cbc(),
- * \c mbedtls_blowfish_crypt_cfb64() and \c mbedtls_blowfish_crypt_ctr())
* - Camellia (see \c mbedtls_camellia_crypt_ecb(), \c mbedtls_camellia_crypt_cbc(),
* \c mbedtls_camellia_crypt_cfb128() and \c mbedtls_camellia_crypt_ctr()).
* - DES/3DES (see \c mbedtls_des_crypt_ecb(), \c mbedtls_des_crypt_cbc(), \c mbedtls_des3_crypt_ecb()
* and \c mbedtls_des3_crypt_cbc()).
* - GCM (AES-GCM and CAMELLIA-GCM) (see \c mbedtls_gcm_init())
- * - XTEA (see \c mbedtls_xtea_crypt_ecb()).
* - Asymmetric:
* - Diffie-Hellman-Merkle (see \c mbedtls_dhm_read_public(), \c mbedtls_dhm_make_public()
* and \c mbedtls_dhm_calc_secret()).
diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h
index aaa0c78..931e6e9 100644
--- a/doxygen/input/doc_hashing.h
+++ b/doxygen/input/doc_hashing.h
@@ -34,7 +34,7 @@
* \c mbedtls_md_setup())
*
* The following hashing-algorithms are provided:
- * - MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest.
+ * - MD5 128-bit one-way hash function by Ron Rivest.
* - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by
* NIST and NSA.
*
diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h
deleted file mode 100644
index 6313651..0000000
--- a/include/mbedtls/arc4.h
+++ /dev/null
@@ -1,142 +0,0 @@
-/**
- * \file arc4.h
- *
- * \brief The ARCFOUR stream cipher
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef MBEDTLS_ARC4_H
-#define MBEDTLS_ARC4_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_ARC4_ALT)
-// Regular implementation
-//
-
-/**
- * \brief ARC4 context structure
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- *
- */
-typedef struct mbedtls_arc4_context
-{
- int MBEDTLS_PRIVATE(x); /*!< permutation index */
- int MBEDTLS_PRIVATE(y); /*!< permutation index */
- unsigned char MBEDTLS_PRIVATE(m)[256]; /*!< permutation table */
-}
-mbedtls_arc4_context;
-
-#else /* MBEDTLS_ARC4_ALT */
-#include "arc4_alt.h"
-#endif /* MBEDTLS_ARC4_ALT */
-
-/**
- * \brief Initialize ARC4 context
- *
- * \param ctx ARC4 context to be initialized
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
-
-/**
- * \brief Clear ARC4 context
- *
- * \param ctx ARC4 context to be cleared
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
-
-/**
- * \brief ARC4 key schedule
- *
- * \param ctx ARC4 context to be setup
- * \param key the secret key
- * \param keylen length of the key, in bytes
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
- unsigned int keylen );
-
-/**
- * \brief ARC4 cipher function
- *
- * \param ctx ARC4 context
- * \param length length of the input data
- * \param input buffer holding the input data
- * \param output buffer for the output data
- *
- * \return 0 if successful
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
- unsigned char *output );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-int mbedtls_arc4_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* arc4.h */
diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h
deleted file mode 100644
index e54d491..0000000
--- a/include/mbedtls/blowfish.h
+++ /dev/null
@@ -1,279 +0,0 @@
-/**
- * \file blowfish.h
- *
- * \brief Blowfish block cipher
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef MBEDTLS_BLOWFISH_H
-#define MBEDTLS_BLOWFISH_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#include "mbedtls/platform_util.h"
-
-#define MBEDTLS_BLOWFISH_ENCRYPT 1
-#define MBEDTLS_BLOWFISH_DECRYPT 0
-#define MBEDTLS_BLOWFISH_MAX_KEY_BITS 448
-#define MBEDTLS_BLOWFISH_MIN_KEY_BITS 32
-#define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
-#define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
-
-#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */
-
-#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_BLOWFISH_ALT)
-// Regular implementation
-//
-
-/**
- * \brief Blowfish context structure
- */
-typedef struct mbedtls_blowfish_context
-{
- uint32_t MBEDTLS_PRIVATE(P)[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
- uint32_t MBEDTLS_PRIVATE(S)[4][256]; /*!< key dependent S-boxes */
-}
-mbedtls_blowfish_context;
-
-#else /* MBEDTLS_BLOWFISH_ALT */
-#include "blowfish_alt.h"
-#endif /* MBEDTLS_BLOWFISH_ALT */
-
-/**
- * \brief Initialize a Blowfish context.
- *
- * \param ctx The Blowfish context to be initialized.
- * This must not be \c NULL.
- */
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
-
-/**
- * \brief Clear a Blowfish context.
- *
- * \param ctx The Blowfish context to be cleared.
- * This may be \c NULL, in which case this function
- * returns immediately. If it is not \c NULL, it must
- * point to an initialized Blowfish context.
- */
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
-
-/**
- * \brief Perform a Blowfish key schedule operation.
- *
- * \param ctx The Blowfish context to perform the key schedule on.
- * \param key The encryption key. This must be a readable buffer of
- * length \p keybits Bits.
- * \param keybits The length of \p key in Bits. This must be between
- * \c 32 and \c 448 and a multiple of \c 8.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
- unsigned int keybits );
-
-/**
- * \brief Perform a Blowfish-ECB block encryption/decryption operation.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param mode The mode of operation. Possible values are
- * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
- * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
- * \param input The input block. This must be a readable buffer
- * of size \c 8 Bytes.
- * \param output The output block. This must be a writable buffer
- * of size \c 8 Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
- int mode,
- const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief Perform a Blowfish-CBC buffer encryption/decryption operation.
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param mode The mode of operation. Possible values are
- * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
- * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
- * \param length The length of the input data in Bytes. This must be
- * multiple of \c 8.
- * \param iv The initialization vector. This must be a read/write buffer
- * of length \c 8 Bytes. It is updated by this function.
- * \param input The input data. This must be a readable buffer of length
- * \p length Bytes.
- * \param output The output data. This must be a writable buffer of length
- * \p length Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/**
- * \brief Perform a Blowfish CFB buffer encryption/decryption operation.
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param mode The mode of operation. Possible values are
- * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
- * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
- * \param length The length of the input data in Bytes.
- * \param iv_off The offset in the initialiation vector.
- * The value pointed to must be smaller than \c 8 Bytes.
- * It is updated by this function to support the aforementioned
- * streaming usage.
- * \param iv The initialization vector. This must be a read/write buffer
- * of size \c 8 Bytes. It is updated after use.
- * \param input The input data. This must be a readable buffer of length
- * \p length Bytes.
- * \param output The output data. This must be a writable buffer of length
- * \p length Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
-#endif /*MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/**
- * \brief Perform a Blowfish-CTR buffer encryption/decryption operation.
- *
- * \warning You must never reuse a nonce value with the same key. Doing so
- * would void the encryption for the two messages encrypted with
- * the same nonce and key.
- *
- * There are two common strategies for managing nonces with CTR:
- *
- * 1. You can handle everything as a single message processed over
- * successive calls to this function. In that case, you want to
- * set \p nonce_counter and \p nc_off to 0 for the first call, and
- * then preserve the values of \p nonce_counter, \p nc_off and \p
- * stream_block across calls to this function as they will be
- * updated by this function.
- *
- * With this strategy, you must not encrypt more than 2**64
- * blocks of data with the same key.
- *
- * 2. You can encrypt separate messages by dividing the \p
- * nonce_counter buffer in two areas: the first one used for a
- * per-message nonce, handled by yourself, and the second one
- * updated by this function internally.
- *
- * For example, you might reserve the first 4 bytes for the
- * per-message nonce, and the last 4 bytes for internal use. In that
- * case, before calling this function on a new message you need to
- * set the first 4 bytes of \p nonce_counter to your chosen nonce
- * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
- * stream_block to be ignored). That way, you can encrypt at most
- * 2**32 messages of up to 2**32 blocks each with the same key.
- *
- * The per-message nonce (or information sufficient to reconstruct
- * it) needs to be communicated with the ciphertext and must be unique.
- * The recommended way to ensure uniqueness is to use a message
- * counter.
- *
- * Note that for both stategies, sizes are measured in blocks and
- * that a Blowfish block is 8 bytes.
- *
- * \warning Upon return, \p stream_block contains sensitive data. Its
- * content must not be written to insecure storage and should be
- * securely discarded as soon as it's no longer needed.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param length The length of the input data in Bytes.
- * \param nc_off The offset in the current stream_block (for resuming
- * within current cipher stream). The offset pointer
- * should be \c 0 at the start of a stream and must be
- * smaller than \c 8. It is updated by this function.
- * \param nonce_counter The 64-bit nonce and counter. This must point to a
- * read/write buffer of length \c 8 Bytes.
- * \param stream_block The saved stream-block for resuming. This must point to
- * a read/write buffer of length \c 8 Bytes.
- * \param input The input data. This must be a readable buffer of
- * length \p length Bytes.
- * \param output The output data. This must be a writable buffer of
- * length \p length Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* blowfish.h */
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 90dee6c..85f7efd 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -150,14 +150,6 @@
#error "MBEDTLS_ECP_C defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_ECP_C) && !( \
- defined(MBEDTLS_ECP_ALT) || \
- defined(MBEDTLS_CTR_DRBG_C) || \
- defined(MBEDTLS_HMAC_DRBG_C) || \
- defined(MBEDTLS_ECP_NO_INTERNAL_RNG))
-#error "MBEDTLS_ECP_C requires a DRBG module unless MBEDTLS_ECP_NO_INTERNAL_RNG is defined or an alternative implementation is used"
-#endif
-
#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C)
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites"
#endif
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 25e1d8d..63c5309 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -45,7 +45,7 @@
#define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
defined(MBEDTLS_CHACHA20_C)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif
@@ -73,7 +73,7 @@
/**
* \brief Supported cipher types.
*
- * \warning RC4 and DES are considered weak ciphers and their use
+ * \warning DES is considered weak cipher and its use
* constitutes a security risk. Arm recommends considering stronger
* ciphers instead.
*/
@@ -84,8 +84,6 @@
MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */
MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */
MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */
- MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */
- MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */
MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */
MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */
} mbedtls_cipher_id_t;
@@ -93,7 +91,7 @@
/**
* \brief Supported {cipher type, cipher mode} pairs.
*
- * \warning RC4 and DES are considered weak ciphers and their use
+ * \warning DES is considered weak cipher and its use
* constitutes a security risk. Arm recommends considering stronger
* ciphers instead.
*/
@@ -136,11 +134,6 @@
MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */
MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */
MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */
- MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */
- MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */
- MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */
MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */
MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */
MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */
diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h
index fe07790..cdf81dc 100644
--- a/include/mbedtls/compat-2.x.h
+++ b/include/mbedtls/compat-2.x.h
@@ -34,14 +34,6 @@
*/
#define mbedtls_ctr_drbg_update_ret mbedtls_ctr_drbg_update
#define mbedtls_hmac_drbg_update_ret mbedtls_hmac_drbg_update
-#define mbedtls_md2_starts_ret mbedtls_md2_starts
-#define mbedtls_md2_update_ret mbedtls_md2_update
-#define mbedtls_md2_finish_ret mbedtls_md2_finish
-#define mbedtls_md2_ret mbedtls_md2
-#define mbedtls_md4_starts_ret mbedtls_md4_starts
-#define mbedtls_md4_update_ret mbedtls_md4_update
-#define mbedtls_md4_finish_ret mbedtls_md4_finish
-#define mbedtls_md4_ret mbedtls_md4
#define mbedtls_md5_starts_ret mbedtls_md5_starts
#define mbedtls_md5_update_ret mbedtls_md5_update
#define mbedtls_md5_finish_ret mbedtls_md5_finish
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 16f8f8b..16f93f9 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -47,7 +47,6 @@
*
* Used in:
* library/aria.c
- * library/timing.c
* library/bn_mul.h
*
* Required by:
@@ -268,7 +267,7 @@
/**
* \def MBEDTLS_TIMING_ALT
*
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * Uncomment to provide your own alternate implementation for
* mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
*
* Only works if you have MBEDTLS_TIMING_C enabled.
@@ -297,16 +296,14 @@
* Uncomment a macro to enable alternate implementation of the corresponding
* module.
*
- * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ * \warning MD5, DES and SHA-1 are considered weak and their
* use constitutes a security risk. If possible, we recommend
* avoiding dependencies on them, and considering stronger message
* digests and ciphers instead.
*
*/
//#define MBEDTLS_AES_ALT
-//#define MBEDTLS_ARC4_ALT
//#define MBEDTLS_ARIA_ALT
-//#define MBEDTLS_BLOWFISH_ALT
//#define MBEDTLS_CAMELLIA_ALT
//#define MBEDTLS_CCM_ALT
//#define MBEDTLS_CHACHA20_ALT
@@ -317,8 +314,6 @@
//#define MBEDTLS_ECJPAKE_ALT
//#define MBEDTLS_GCM_ALT
//#define MBEDTLS_NIST_KW_ALT
-//#define MBEDTLS_MD2_ALT
-//#define MBEDTLS_MD4_ALT
//#define MBEDTLS_MD5_ALT
//#define MBEDTLS_POLY1305_ALT
//#define MBEDTLS_RIPEMD160_ALT
@@ -326,7 +321,6 @@
//#define MBEDTLS_SHA1_ALT
//#define MBEDTLS_SHA256_ALT
//#define MBEDTLS_SHA512_ALT
-//#define MBEDTLS_XTEA_ALT
/*
* When replacing the elliptic curve module, pleace consider, that it is
@@ -340,7 +334,7 @@
//#define MBEDTLS_ECP_ALT
/**
- * \def MBEDTLS_MD2_PROCESS_ALT
+ * \def MBEDTLS_SHA256_PROCESS_ALT
*
* MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
* alternate core implementation of symmetric crypto or hash function. Keep in
@@ -362,7 +356,7 @@
* Uncomment a macro to enable alternate implementation of the corresponding
* function.
*
- * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ * \warning MD5, DES and SHA-1 are considered weak and their use
* constitutes a security risk. If possible, we recommend avoiding
* dependencies on them, and considering stronger message digests
* and ciphers instead.
@@ -376,8 +370,6 @@
* implementation should be provided for mbedtls_ecdsa_sign_det_ext().
*
*/
-//#define MBEDTLS_MD2_PROCESS_ALT
-//#define MBEDTLS_MD4_PROCESS_ALT
//#define MBEDTLS_MD5_PROCESS_ALT
//#define MBEDTLS_RIPEMD160_PROCESS_ALT
//#define MBEDTLS_SHA1_PROCESS_ALT
@@ -652,28 +644,6 @@
#define MBEDTLS_ECP_NIST_OPTIM
/**
- * \def MBEDTLS_ECP_NO_INTERNAL_RNG
- *
- * When this option is disabled, mbedtls_ecp_mul() will make use of an
- * internal RNG when called with a NULL \c f_rng argument, in order to protect
- * against some side-channel attacks.
- *
- * This protection introduces a dependency of the ECP module on one of the
- * DRBG modules. For very constrained implementations that don't require this
- * protection (for example, because you're only doing signature verification,
- * so not manipulating any secret, or because local/physical side-channel
- * attacks are outside your threat model), it might be desirable to get rid of
- * that dependency.
- *
- * \warning Enabling this option makes some uses of ECP vulnerable to some
- * side-channel attacks. Only enable it if you know that's not a problem for
- * your use case.
- *
- * Uncomment this macro to disable some counter-measures in ECP.
- */
-//#define MBEDTLS_ECP_NO_INTERNAL_RNG
-
-/**
* \def MBEDTLS_ECP_RESTARTABLE
*
* Enable "non-blocking" ECC operations that can return early and be resumed.
@@ -1014,8 +984,7 @@
/**
* \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
*
- * Do not add default entropy sources. These are the platform specific
- * or mbedtls_timing_hardclock poll function.
+ * Do not add default entropy sources in mbedtls_entropy_init().
*
* This is useful to have more control over the added entropy sources in an
* application.
@@ -1941,24 +1910,6 @@
#define MBEDTLS_AES_C
/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module: library/arc4.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. If possible, we recommend avoidng dependencies on
- * it, and considering stronger ciphers instead.
- *
- */
-#define MBEDTLS_ARC4_C
-
-/**
* \def MBEDTLS_ASN1_PARSE_C
*
* Enable the generic ASN1 parser.
@@ -2016,15 +1967,6 @@
#define MBEDTLS_BIGNUM_C
/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module: library/blowfish.c
- */
-#define MBEDTLS_BLOWFISH_C
-
-/**
* \def MBEDTLS_CAMELLIA_C
*
* Enable the Camellia block cipher.
@@ -2427,40 +2369,6 @@
#define MBEDTLS_MD_C
/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module: library/md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module: library/md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD4_C
-
-/**
* \def MBEDTLS_MD5_C
*
* Enable the MD5 hash algorithm.
@@ -2655,7 +2563,6 @@
* Caller: library/pkparse.c
*
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use: MBEDTLS_ARC4_C
*
* This module enables PKCS#12 functions.
*/
@@ -3100,16 +3007,6 @@
*/
#define MBEDTLS_X509_CSR_WRITE_C
-/**
- * \def MBEDTLS_XTEA_C
- *
- * Enable the XTEA block cipher.
- *
- * Module: library/xtea.c
- * Caller:
- */
-#define MBEDTLS_XTEA_C
-
/* \} name SECTION: mbed TLS modules */
/**
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index f5db94e..a0f2637 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -103,16 +103,6 @@
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
#endif /* PSA_WANT_ALG_HMAC */
-#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
-#define MBEDTLS_MD2_C
-#endif
-
-#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
-#define MBEDTLS_MD4_C
-#endif
-
#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define MBEDTLS_MD5_C
@@ -277,13 +267,6 @@
#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
#endif /* PSA_WANT_KEY_TYPE_AES */
-#if defined(PSA_WANT_KEY_TYPE_ARC4)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
-#define MBEDTLS_ARC4_C
-#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 */
-#endif /* PSA_WANT_KEY_TYPE_ARC4 */
-
#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
@@ -591,16 +574,6 @@
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
#endif /* MBEDTLS_MD_C */
-#if defined(MBEDTLS_MD2_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
-#define PSA_WANT_ALG_MD2 1
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
-#define PSA_WANT_ALG_MD4 1
-#endif
-
#if defined(MBEDTLS_MD5_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define PSA_WANT_ALG_MD5 1
@@ -661,13 +634,6 @@
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
#endif
-#if defined(MBEDTLS_ARC4_C)
-#define PSA_WANT_KEY_TYPE_ARC4 1
-#define PSA_WANT_ALG_STREAM_CIPHER 1
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
-#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
-#endif
-
#if defined(MBEDTLS_CAMELLIA_C)
#define PSA_WANT_KEY_TYPE_CAMELLIA 1
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index e8c8a82..850813e 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -279,10 +279,10 @@
* \param output_size The size of the destination buffer. This must be at
* least the size of \c ctx->len (the size of \c P).
* \param olen On exit, holds the actual number of Bytes written.
- * \param f_rng The RNG function, for blinding purposes. This may
- * b \c NULL if blinding isn't needed.
- * \param p_rng The RNG context. This may be \c NULL if \p f_rng
- * doesn't need a context argument.
+ * \param f_rng The RNG function. Must not be \c NULL. Used for
+ * blinding.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be
+ * \c NULL if \p f_rng doesn't need a context parameter.
*
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 2a0980b..587035a 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -222,10 +222,7 @@
* This must be initialized.
* \param d Our secret exponent (private key).
* This must be initialized.
- * \param f_rng The RNG function. This may be \c NULL if randomization
- * of intermediate results during the ECP computations is
- * not needed (discouraged). See the documentation of
- * mbedtls_ecp_mul() for more.
+ * \param f_rng The RNG function to use. This must not be \c NULL.
* \param p_rng The RNG context to be passed to \p f_rng. This may be
* \c NULL if \p f_rng is \c NULL or doesn't need a
* context argument.
@@ -428,8 +425,7 @@
* \param buf The buffer to write the generated shared key to. This
* must be a writable buffer of size \p blen Bytes.
* \param blen The length of the destination buffer \p buf in Bytes.
- * \param f_rng The RNG function, for blinding purposes. This may
- * b \c NULL if blinding isn't needed.
+ * \param f_rng The RNG function to use. This must not be \c NULL.
* \param p_rng The RNG context. This may be \c NULL if \p f_rng
* doesn't need a context argument.
*
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 49e85d9..75ad808 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -911,15 +911,8 @@
* \note To prevent timing attacks, this function
* executes the exact same sequence of base-field
* operations for any valid \p m. It avoids any if-branch or
- * array index depending on the value of \p m.
- *
- * \note If \p f_rng is not NULL, it is used to randomize
- * intermediate results to prevent potential timing attacks
- * targeting these results. We recommend always providing
- * a non-NULL \p f_rng. The overhead is negligible.
- * Note: unless #MBEDTLS_ECP_NO_INTERNAL_RNG is defined, when
- * \p f_rng is NULL, an internal RNG (seeded from the value
- * of \p m) will be used instead.
+ * array index depending on the value of \p m. If also uses
+ * \p f_rng to randomize some intermediate results.
*
* \param grp The ECP group to use.
* This must be initialized and have group parameters
@@ -928,9 +921,9 @@
* This must be initialized.
* \param m The integer by which to multiply. This must be initialized.
* \param P The point to multiply. This must be initialized.
- * \param f_rng The RNG function. This may be \c NULL if randomization
- * of intermediate results isn't desired (discouraged).
- * \param p_rng The RNG context to be passed to \p p_rng.
+ * \param f_rng The RNG function. This must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c
+ * NULL if \p f_rng doesn't need a context.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private
@@ -959,9 +952,9 @@
* This must be initialized.
* \param m The integer by which to multiply. This must be initialized.
* \param P The point to multiply. This must be initialized.
- * \param f_rng The RNG function. This may be \c NULL if randomization
- * of intermediate results isn't desired (discouraged).
- * \param p_rng The RNG context to be passed to \p p_rng.
+ * \param f_rng The RNG function. This must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c
+ * NULL if \p f_rng doesn't need a context.
* \param rs_ctx The restart context (NULL disables restart).
*
* \return \c 0 on success.
@@ -1265,14 +1258,18 @@
* part is ignored.
* \param prv The keypair structure holding the full keypair.
* This must be initialized.
+ * \param f_rng The RNG function. This must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c
+ * NULL if \p f_rng doesn't need a context.
*
* \return \c 0 on success, meaning that the keys are valid and match.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the keys are invalid or do not match.
* \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX
* error code on calculation failure.
*/
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
- const mbedtls_ecp_keypair *prv );
+int mbedtls_ecp_check_pub_priv(
+ const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 199ea3d..2835fd5 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -61,11 +61,9 @@
* ERROR 2 0x006E 0x0001
* MPI 7 0x0002-0x0010
* GCM 3 0x0012-0x0014 0x0013-0x0013
- * BLOWFISH 3 0x0016-0x0018 0x0017-0x0017
* THREADING 3 0x001A-0x001E
* AES 5 0x0020-0x0022 0x0021-0x0025
* CAMELLIA 3 0x0024-0x0026 0x0027-0x0027
- * XTEA 2 0x0028-0x0028 0x0029-0x0029
* BASE64 2 0x002A-0x002C
* OID 1 0x002E-0x002E 0x000B-0x000B
* PADLOCK 1 0x0030-0x0030
@@ -79,9 +77,6 @@
* PBKDF2 1 0x007C-0x007C
* HMAC_DRBG 4 0x0003-0x0009
* CCM 3 0x000D-0x0011
- * ARC4 1 0x0019-0x0019
- * MD2 1 0x002B-0x002B
- * MD4 1 0x002D-0x002D
* MD5 1 0x002F-0x002F
* RIPEMD160 1 0x0031-0x0031
* SHA1 1 0x0035-0x0035 0x0073-0x0073
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 21dc7c4..7bf8213 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -46,15 +46,13 @@
/**
* \brief Supported message digests.
*
- * \warning MD2, MD4, MD5 and SHA-1 are considered weak message digests and
+ * \warning MD5 and SHA-1 are considered weak message digests and
* their use constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
typedef enum {
MBEDTLS_MD_NONE=0, /**< None. */
- MBEDTLS_MD_MD2, /**< The MD2 message digest. */
- MBEDTLS_MD_MD4, /**< The MD4 message digest. */
MBEDTLS_MD_MD5, /**< The MD5 message digest. */
MBEDTLS_MD_SHA1, /**< The SHA-1 message digest. */
MBEDTLS_MD_SHA224, /**< The SHA-224 message digest. */
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
deleted file mode 100644
index efb11ff..0000000
--- a/include/mbedtls/md2.h
+++ /dev/null
@@ -1,204 +0,0 @@
-/**
- * \file md2.h
- *
- * \brief MD2 message digest algorithm (hash function)
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. We recommend considering stronger message digests
- * instead.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef MBEDTLS_MD2_H
-#define MBEDTLS_MD2_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_MD2_ALT)
-// Regular implementation
-//
-
-/**
- * \brief MD2 context structure
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-typedef struct mbedtls_md2_context
-{
- unsigned char MBEDTLS_PRIVATE(cksum)[16]; /*!< checksum of the data block */
- unsigned char MBEDTLS_PRIVATE(state)[48]; /*!< intermediate digest state */
- unsigned char MBEDTLS_PRIVATE(buffer)[16]; /*!< data block being processed */
- size_t MBEDTLS_PRIVATE(left); /*!< amount of data in buffer */
-}
-mbedtls_md2_context;
-
-#else /* MBEDTLS_MD2_ALT */
-#include "md2_alt.h"
-#endif /* MBEDTLS_MD2_ALT */
-
-/**
- * \brief Initialize MD2 context
- *
- * \param ctx MD2 context to be initialized
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md2_init( mbedtls_md2_context *ctx );
-
-/**
- * \brief Clear MD2 context
- *
- * \param ctx MD2 context to be cleared
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md2_free( mbedtls_md2_context *ctx );
-
-/**
- * \brief Clone (the state of) an MD2 context
- *
- * \param dst The destination context
- * \param src The context to be cloned
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
- const mbedtls_md2_context *src );
-
-/**
- * \brief MD2 context setup
- *
- * \param ctx context to be initialized
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_starts( mbedtls_md2_context *ctx );
-
-/**
- * \brief MD2 process buffer
- *
- * \param ctx MD2 context
- * \param input buffer holding the data
- * \param ilen length of the input data
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_update( mbedtls_md2_context *ctx,
- const unsigned char *input,
- size_t ilen );
-
-/**
- * \brief MD2 final digest
- *
- * \param ctx MD2 context
- * \param output MD2 checksum result
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_finish( mbedtls_md2_context *ctx,
- unsigned char output[16] );
-
-/**
- * \brief MD2 process data block (internal use only)
- *
- * \param ctx MD2 context
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
-
-/**
- * \brief Output = MD2( input buffer )
- *
- * \param input buffer holding the data
- * \param ilen length of the input data
- * \param output MD2 checksum result
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_md2.h */
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
deleted file mode 100644
index 14f3bc3..0000000
--- a/include/mbedtls/md4.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/**
- * \file md4.h
- *
- * \brief MD4 message digest algorithm (hash function)
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. We recommend considering stronger message digests
- * instead.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef MBEDTLS_MD4_H
-#define MBEDTLS_MD4_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_MD4_ALT)
-// Regular implementation
-//
-
-/**
- * \brief MD4 context structure
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-typedef struct mbedtls_md4_context
-{
- uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
- uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */
- unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
-}
-mbedtls_md4_context;
-
-#else /* MBEDTLS_MD4_ALT */
-#include "md4_alt.h"
-#endif /* MBEDTLS_MD4_ALT */
-
-/**
- * \brief Initialize MD4 context
- *
- * \param ctx MD4 context to be initialized
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md4_init( mbedtls_md4_context *ctx );
-
-/**
- * \brief Clear MD4 context
- *
- * \param ctx MD4 context to be cleared
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md4_free( mbedtls_md4_context *ctx );
-
-/**
- * \brief Clone (the state of) an MD4 context
- *
- * \param dst The destination context
- * \param src The context to be cloned
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
- const mbedtls_md4_context *src );
-
-/**
- * \brief MD4 context setup
- *
- * \param ctx context to be initialized
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- */
-int mbedtls_md4_starts( mbedtls_md4_context *ctx );
-
-/**
- * \brief MD4 process buffer
- *
- * \param ctx MD4 context
- * \param input buffer holding the data
- * \param ilen length of the input data
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_update( mbedtls_md4_context *ctx,
- const unsigned char *input,
- size_t ilen );
-
-/**
- * \brief MD4 final digest
- *
- * \param ctx MD4 context
- * \param output MD4 checksum result
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_finish( mbedtls_md4_context *ctx,
- unsigned char output[16] );
-
-/**
- * \brief MD4 process data block (internal use only)
- *
- * \param ctx MD4 context
- * \param data buffer holding one block of data
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
- const unsigned char data[64] );
-
-/**
- * \brief Output = MD4( input buffer )
- *
- * \param input buffer holding the data
- * \param ilen length of the input data
- * \param output MD4 checksum result
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_md4.h */
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index c866ebe..1921042 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -231,8 +231,6 @@
* PKCS#1 OIDs
*/
#define MBEDTLS_OID_PKCS1_RSA MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */
-#define MBEDTLS_OID_PKCS1_MD2 MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */
-#define MBEDTLS_OID_PKCS1_MD4 MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */
#define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */
#define MBEDTLS_OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */
#define MBEDTLS_OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */
@@ -251,8 +249,6 @@
/*
* Digest algorithms
*/
-#define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
-#define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
@@ -303,8 +299,6 @@
/*
* PKCS#5 PBES1 algorithms
*/
-#define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */
-#define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */
#define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */
#define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */
#define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */
@@ -320,8 +314,6 @@
*/
#define MBEDTLS_OID_PKCS12_PBE MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */
-#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */
-#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 85bf7c9..dec5111 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -498,7 +498,7 @@
* given the key type.
* \param sig_len On successful return,
* the number of bytes written to \p sig.
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
*
* \return 0 on success, or a specific error code.
@@ -538,7 +538,7 @@
* given the key type.
* \param sig_len On successful return,
* the number of bytes written to \p sig.
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
* \param rs_ctx Restart context (NULL to disable restart)
*
@@ -563,7 +563,7 @@
* \param output Decrypted output
* \param olen Decrypted message length
* \param osize Size of the output buffer
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
@@ -584,9 +584,11 @@
* \param output Encrypted output
* \param olen Encrypted output length
* \param osize Size of the output buffer
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
*
+ * \note \p f_rng is used for padding generation.
+ *
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
*
* \return 0 on success, or a specific error code.
@@ -601,6 +603,8 @@
*
* \param pub Context holding a public key.
* \param prv Context holding a private (and public) key.
+ * \param f_rng RNG function, must not be \c NULL.
+ * \param p_rng RNG parameter
*
* \return \c 0 on success (keys were checked and match each other).
* \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not
@@ -608,7 +612,10 @@
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
* \return Another non-zero value if the keys do not match.
*/
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
+int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
+ const mbedtls_pk_context *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
/**
* \brief Export debug information
@@ -660,6 +667,8 @@
* The empty password is not supported.
* \param pwdlen Size of the password in bytes.
* Ignored if \p pwd is \c NULL.
+ * \param f_rng RNG function, must not be \c NULL. Used for blinding.
+ * \param p_rng RNG parameter
*
* \note On entry, ctx must be empty, either freshly initialised
* with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
@@ -670,8 +679,9 @@
* \return 0 if successful, or a specific PK or PEM error code
*/
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
- const unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen );
+ const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** \ingroup pk_module */
/**
@@ -711,6 +721,8 @@
* Pass a null-terminated string if expecting an encrypted
* key; a non-encrypted key will also be accepted.
* The empty password is not supported.
+ * \param f_rng RNG function, must not be \c NULL. Used for blinding.
+ * \param p_rng RNG parameter
*
* \note On entry, ctx must be empty, either freshly initialised
* with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
@@ -721,7 +733,8 @@
* \return 0 if successful, or a specific PK or PEM error code
*/
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
- const char *path, const char *password );
+ const char *path, const char *password,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** \ingroup pk_module */
/**
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 4b8ce7e..06092d3 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -54,25 +54,6 @@
/**
* \brief PKCS12 Password Based function (encryption / decryption)
- * for pbeWithSHAAnd128BitRC4
- *
- * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
- * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
- * \param pwd the password used (may be NULL if no password is used)
- * \param pwdlen length of the password (may be 0)
- * \param input the input data
- * \param len data length
- * \param output the output buffer
- *
- * \return 0 if successful, or a MBEDTLS_ERR_XXX code
- */
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *input, size_t len,
- unsigned char *output );
-
-/**
- * \brief PKCS12 Password Based function (encryption / decryption)
* for cipher-based and mbedtls_md-based PBE's
*
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index d5feecb..d7b9b17 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -121,14 +121,6 @@
{
switch( md_alg )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( PSA_ALG_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( PSA_ALG_MD4 );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( PSA_ALG_MD5 );
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index b2f5c67..603615b 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -933,6 +933,8 @@
unsigned char MBEDTLS_PRIVATE(id)[32]; /*!< session identifier */
unsigned char MBEDTLS_PRIVATE(master)[48]; /*!< the master secret */
+ unsigned char exported;
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
mbedtls_x509_crt *MBEDTLS_PRIVATE(peer_cert); /*!< peer X.509 cert chain */
@@ -1535,7 +1537,7 @@
* \brief Set the random number generator callback
*
* \param conf SSL configuration
- * \param f_rng RNG function
+ * \param f_rng RNG function (mandatory)
* \param p_rng RNG parameter
*/
void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
@@ -2391,18 +2393,49 @@
#if defined(MBEDTLS_SSL_CLI_C)
/**
- * \brief Request resumption of session (client-side only)
- * Session data is copied from presented session structure.
+ * \brief Load a session for session resumption.
*
- * \param ssl SSL context
- * \param session session context
+ * Sessions loaded through this call will be considered
+ * for session resumption in the next handshake.
*
- * \return 0 if successful,
- * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
- * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
- * arguments are otherwise invalid
+ * \note Even if this call succeeds, it is not guaranteed that
+ * the next handshake will indeed be shortened through the
+ * use of session resumption: The server is always free
+ * to reject any attempt for resumption and fall back to
+ * a full handshake.
+ *
+ * \note This function can handle a variety of mechanisms for session
+ * resumption: For TLS 1.2, both session ID-based resumption and
+ * ticket-based resumption will be considered. For TLS 1.3,
+ * once implemented, sessions equate to tickets, and loading
+ * one or more sessions via this call will lead to their
+ * corresponding tickets being advertised as resumption PSKs
+ * by the client.
+ *
+ * \note Calling this function multiple times will only be useful
+ * once TLS 1.3 is supported. For TLS 1.2 connections, this
+ * function should be called at most once.
+ *
+ * \param ssl The SSL context representing the connection which should
+ * be attempted to be setup using session resumption. This
+ * must be initialized via mbedtls_ssl_init() and bound to
+ * an SSL configuration via mbedtls_ssl_setup(), but
+ * the handshake must not yet have been started.
+ * \param session The session to be considered for session resumption.
+ * This must be a session previously exported via
+ * mbedtls_ssl_get_session(), and potentially serialized and
+ * deserialized through mbedtls_ssl_session_save() and
+ * mbedtls_ssl_session_load() in the meantime.
+ *
+ * \return \c 0 if successful.
+ * \return \c MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the session
+ * could not be loaded because of an implementation limitation.
+ * This error is non-fatal, and has no observable effect on
+ * the SSL context or the session that was attempted to be loaded.
+ * \return Another negative error code on other kinds of failure.
*
* \sa mbedtls_ssl_get_session()
+ * \sa mbedtls_ssl_session_load()
*/
int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
#endif /* MBEDTLS_SSL_CLI_C */
@@ -2451,7 +2484,6 @@
* of session cache or session tickets.
*
* \see mbedtls_ssl_session_load()
- * \see mbedtls_ssl_get_session_pointer()
*
* \param session The session structure to be saved.
* \param buf The buffer to write the serialized data to. It must be a
@@ -2475,23 +2507,6 @@
size_t *olen );
/**
- * \brief Get a pointer to the current session structure, for example
- * to serialize it.
- *
- * \warning Ownership of the session remains with the SSL context, and
- * the returned pointer is only guaranteed to be valid until
- * the next API call operating on the same \p ssl context.
- *
- * \see mbedtls_ssl_session_save()
- *
- * \param ssl The SSL context.
- *
- * \return A pointer to the current session if successful.
- * \return \c NULL if no session is active.
- */
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
-
-/**
* \brief Set the list of allowed ciphersuites and the preference
* order. First in the list has the highest preference.
* (Overrides all version-specific lists)
@@ -3642,32 +3657,41 @@
#if defined(MBEDTLS_SSL_CLI_C)
/**
- * \brief Save session in order to resume it later (client-side only)
- * Session data is copied to presented session structure.
+ * \brief Export a session in order to resume it later.
*
+ * \param ssl The SSL context representing the connection for which to
+ * to export a session structure for later resumption.
+ * \param session The target structure in which to store the exported session.
+ * This must have been initialized with mbedtls_ssl_init_session()
+ * but otherwise be unused.
*
- * \param ssl SSL context
- * \param session session context
+ * \note This function can handle a variety of mechanisms for session
+ * resumption: For TLS 1.2, both session ID-based resumption and
+ * ticket-based resumption will be considered. For TLS 1.3,
+ * once implemented, sessions equate to tickets, and calling
+ * this function multiple times will export the available
+ * tickets one a time until no further tickets are available,
+ * in which case MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE will
+ * be returned.
*
- * \return 0 if successful,
- * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
- * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
- * arguments are otherwise invalid.
+ * \note Calling this function multiple times will only be useful
+ * once TLS 1.3 is supported. For TLS 1.2 connections, this
+ * function should be called at most once.
*
- * \note Only the server certificate is copied, and not the full chain,
- * so you should not attempt to validate the certificate again
- * by calling \c mbedtls_x509_crt_verify() on it.
- * Instead, you should use the results from the verification
- * in the original handshake by calling \c mbedtls_ssl_get_verify_result()
- * after loading the session again into a new SSL context
- * using \c mbedtls_ssl_set_session().
- *
- * \note Once the session object is not needed anymore, you should
- * free it by calling \c mbedtls_ssl_session_free().
+ * \return \c 0 if successful. In this case, \p session can be used for
+ * session resumption by passing it to mbedtls_ssl_set_session(),
+ * and serialized for storage via mbedtls_ssl_session_save().
+ * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no further session
+ * is available for export.
+ * This error is a non-fatal, and has no observable effect on
+ * the SSL context or the destination session.
+ * \return Another negative error code on other kinds of failure.
*
* \sa mbedtls_ssl_set_session()
+ * \sa mbedtls_ssl_session_save()
*/
-int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session );
+int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
+ mbedtls_ssl_session *session );
#endif /* MBEDTLS_SSL_CLI_C */
/**
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index 871eec3..1047dbb 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -90,7 +90,7 @@
* \brief Prepare context to be actually used
*
* \param ctx Context to be set up
- * \param f_rng RNG callback function
+ * \param f_rng RNG callback function (mandatory)
* \param p_rng RNG callback context
* \param cipher AEAD cipher to use for ticket protection.
* Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h
index 7669bb9..6ffc812 100644
--- a/include/mbedtls/timing.h
+++ b/include/mbedtls/timing.h
@@ -61,52 +61,10 @@
#include "timing_alt.h"
#endif /* MBEDTLS_TIMING_ALT */
-extern volatile int mbedtls_timing_alarmed;
-
-/**
- * \brief Return the CPU cycle counter value
- *
- * \warning This is only a best effort! Do not rely on this!
- * In particular, it is known to be unreliable on virtual
- * machines.
- *
- * \note This value starts at an unspecified origin and
- * may wrap around.
- */
-unsigned long mbedtls_timing_hardclock( void );
-
-/**
- * \brief Return the elapsed time in milliseconds
- *
- * \param val points to a timer structure
- * \param reset If 0, query the elapsed time. Otherwise (re)start the timer.
- *
- * \return Elapsed time since the previous reset in ms. When
- * restarting, this is always 0.
- *
- * \note To initialize a timer, call this function with reset=1.
- *
- * Determining the elapsed time and resetting the timer is not
- * atomic on all platforms, so after the sequence
- * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 =
- * get_timer(0) }` the value time1+time2 is only approximately
- * the delay since the first reset.
- */
+/* Internal use */
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
/**
- * \brief Setup an alarm clock
- *
- * \param seconds delay before the "mbedtls_timing_alarmed" flag is set
- * (must be >=0)
- *
- * \warning Only one alarm at a time is supported. In a threaded
- * context, this means one for the whole process, not one per
- * thread.
- */
-void mbedtls_set_alarm( int seconds );
-
-/**
* \brief Set a pair of delays to watch
* (See \c mbedtls_timing_get_delay().)
*
@@ -136,15 +94,6 @@
*/
int mbedtls_timing_get_delay( void *data );
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if a test failed
- */
-int mbedtls_timing_self_test( int verbose );
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index d383168..5c5509c 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -1108,16 +1108,13 @@
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -1130,15 +1127,12 @@
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return 0 if successful, or a specific error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index 0a069df..a0f1278 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -264,16 +264,13 @@
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -287,15 +284,12 @@
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return 0 if successful, or a specific error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h
deleted file mode 100644
index 72c998e..0000000
--- a/include/mbedtls/xtea.h
+++ /dev/null
@@ -1,135 +0,0 @@
-/**
- * \file xtea.h
- *
- * \brief XTEA block cipher (32-bit)
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef MBEDTLS_XTEA_H
-#define MBEDTLS_XTEA_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_XTEA_ENCRYPT 1
-#define MBEDTLS_XTEA_DECRYPT 0
-
-#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_XTEA_ALT)
-// Regular implementation
-//
-
-/**
- * \brief XTEA context structure
- */
-typedef struct mbedtls_xtea_context
-{
- uint32_t MBEDTLS_PRIVATE(k)[4]; /*!< key */
-}
-mbedtls_xtea_context;
-
-#else /* MBEDTLS_XTEA_ALT */
-#include "xtea_alt.h"
-#endif /* MBEDTLS_XTEA_ALT */
-
-/**
- * \brief Initialize XTEA context
- *
- * \param ctx XTEA context to be initialized
- */
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
-
-/**
- * \brief Clear XTEA context
- *
- * \param ctx XTEA context to be cleared
- */
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
-
-/**
- * \brief XTEA key schedule
- *
- * \param ctx XTEA context to be initialized
- * \param key the secret key
- */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
-
-/**
- * \brief XTEA cipher function
- *
- * \param ctx XTEA context
- * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
- * \param input 8-byte input block
- * \param output 8-byte output block
- *
- * \return 0 if successful
- */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
- int mode,
- const unsigned char input[8],
- unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief XTEA CBC cipher function
- *
- * \param ctx XTEA context
- * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
- * \param length the length of input, multiple of 8
- * \param iv initialization vector for CBC mode
- * \param input input block
- * \param output output block
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
- */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[8],
- const unsigned char *input,
- unsigned char *output);
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
-int mbedtls_xtea_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* xtea.h */
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 534902f..3532fef 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3682,7 +3682,6 @@
* The following key types defined in this specification follow this scheme:
*
* - #PSA_KEY_TYPE_AES;
- * - #PSA_KEY_TYPE_ARC4;
* - #PSA_KEY_TYPE_CAMELLIA;
* - #PSA_KEY_TYPE_DERIVE;
* - #PSA_KEY_TYPE_HMAC;
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
index 674c7d0..20451c9 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/include/psa/crypto_builtin_primitives.h
@@ -40,17 +40,13 @@
* Hash multi-part operation definitions.
*/
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
@@ -66,12 +62,6 @@
union
{
unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD2_C)
- mbedtls_md2_context MBEDTLS_PRIVATE(md2);
-#endif
-#if defined(MBEDTLS_MD4_C)
- mbedtls_md4_context MBEDTLS_PRIVATE(md4);
-#endif
#if defined(MBEDTLS_MD5_C)
mbedtls_md5_context MBEDTLS_PRIVATE(md5);
#endif
diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index eb16492..32ef1c2 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h
@@ -69,8 +69,6 @@
#define PSA_WANT_ALG_GCM 1
#define PSA_WANT_ALG_HKDF 1
#define PSA_WANT_ALG_HMAC 1
-#define PSA_WANT_ALG_MD2 1
-#define PSA_WANT_ALG_MD4 1
#define PSA_WANT_ALG_MD5 1
#define PSA_WANT_ALG_OFB 1
/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
@@ -118,7 +116,6 @@
#define PSA_WANT_KEY_TYPE_DERIVE 1
#define PSA_WANT_KEY_TYPE_HMAC 1
#define PSA_WANT_KEY_TYPE_AES 1
-#define PSA_WANT_KEY_TYPE_ARC4 1
#define PSA_WANT_KEY_TYPE_CAMELLIA 1
#define PSA_WANT_KEY_TYPE_CHACHA20 1
#define PSA_WANT_KEY_TYPE_DES 1
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 79f9673..15cdb41 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -68,8 +68,6 @@
*/
#define PSA_HASH_LENGTH(alg) \
( \
- PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
- PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 31a6464..391ae60 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -481,12 +481,6 @@
* Camellia block cipher. */
#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
-/** Key for the RC4 stream cipher.
- *
- * Note that RC4 is weak and deprecated and should only be used in
- * legacy protocols. */
-#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002)
-
/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
*
* ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539.
@@ -850,10 +844,6 @@
(alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
-/** MD2 */
-#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
-/** MD4 */
-#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
/** MD5 */
#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
/** PSA_ALG_RIPEMD160 */
@@ -1115,7 +1105,6 @@
*
* The underlying stream cipher is determined by the key type.
* - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
- * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4.
*/
#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index f31820a..d6ecba5 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -13,13 +13,11 @@
set(src_crypto
aes.c
aesni.c
- arc4.c
aria.c
asn1parse.c
asn1write.c
base64.c
bignum.c
- blowfish.c
camellia.c
ccm.c
chacha20.c
@@ -42,8 +40,6 @@
hkdf.c
hmac_drbg.c
md.c
- md2.c
- md4.c
md5.c
memory_buffer_alloc.c
mps_reader.c
@@ -84,7 +80,6 @@
timing.c
version.c
version_features.c
- xtea.c
)
list(APPEND src_crypto ${thirdparty_src})
diff --git a/library/Makefile b/library/Makefile
index 90a477d..62fd997 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -72,13 +72,11 @@
OBJS_CRYPTO= \
aes.o \
aesni.o \
- arc4.o \
aria.o \
asn1parse.o \
asn1write.o \
base64.o \
bignum.o \
- blowfish.o \
camellia.o \
ccm.o \
chacha20.o \
@@ -101,8 +99,6 @@
hkdf.o \
hmac_drbg.o \
md.o \
- md2.o \
- md4.o \
md5.o \
memory_buffer_alloc.o \
mps_reader.o \
@@ -143,7 +139,6 @@
timing.o \
version.o \
version_features.o \
- xtea.o \
# This line is intentionally left blank
include ../3rdparty/Makefile.inc
diff --git a/library/arc4.c b/library/arc4.c
deleted file mode 100644
index b34dc5e..0000000
--- a/library/arc4.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- * An implementation of the ARCFOUR algorithm
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The ARCFOUR algorithm was publicly disclosed on 94/09.
- *
- * http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ARC4_C)
-
-#include "mbedtls/arc4.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_ARC4_ALT)
-
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
-}
-
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
-}
-
-/*
- * ARC4 key schedule
- */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
- unsigned int keylen )
-{
- int i, j, a;
- unsigned int k;
- unsigned char *m;
-
- ctx->x = 0;
- ctx->y = 0;
- m = ctx->m;
-
- for( i = 0; i < 256; i++ )
- m[i] = (unsigned char) i;
-
- j = k = 0;
-
- for( i = 0; i < 256; i++, k++ )
- {
- if( k >= keylen ) k = 0;
-
- a = m[i];
- j = ( j + a + key[k] ) & 0xFF;
- m[i] = m[j];
- m[j] = (unsigned char) a;
- }
-}
-
-/*
- * ARC4 cipher function
- */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
- unsigned char *output )
-{
- int x, y, a, b;
- size_t i;
- unsigned char *m;
-
- x = ctx->x;
- y = ctx->y;
- m = ctx->m;
-
- for( i = 0; i < length; i++ )
- {
- x = ( x + 1 ) & 0xFF; a = m[x];
- y = ( y + a ) & 0xFF; b = m[y];
-
- m[x] = (unsigned char) b;
- m[y] = (unsigned char) a;
-
- output[i] = (unsigned char)
- ( input[i] ^ m[(unsigned char)( a + b )] );
- }
-
- ctx->x = x;
- ctx->y = y;
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_ARC4_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
- *
- * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
- */
-static const unsigned char arc4_test_key[3][8] =
-{
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char arc4_test_pt[3][8] =
-{
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char arc4_test_ct[3][8] =
-{
- { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
- { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
- { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_arc4_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char ibuf[8];
- unsigned char obuf[8];
- mbedtls_arc4_context ctx;
-
- mbedtls_arc4_init( &ctx );
-
- for( i = 0; i < 3; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " ARC4 test #%d: ", i + 1 );
-
- memcpy( ibuf, arc4_test_pt[i], 8 );
-
- mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
- mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
-
- if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- ret = 1;
- goto exit;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
-exit:
- mbedtls_arc4_free( &ctx );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_ARC4_C */
diff --git a/library/blowfish.c b/library/blowfish.c
deleted file mode 100644
index 76da448..0000000
--- a/library/blowfish.c
+++ /dev/null
@@ -1,690 +0,0 @@
-/*
- * Blowfish implementation
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The Blowfish block cipher was designed by Bruce Schneier in 1993.
- * http://www.schneier.com/blowfish.html
- * http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_BLOWFISH_C)
-
-#include "mbedtls/blowfish.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if !defined(MBEDTLS_BLOWFISH_ALT)
-
-/* Parameter validation macros */
-#define BLOWFISH_VALIDATE_RET( cond ) \
- MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA )
-#define BLOWFISH_VALIDATE( cond ) \
- MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
- 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
- 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
- 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
- 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
- 0x9216D5D9L, 0x8979FB1BL
-};
-
-/* declarations of data at the end of this file */
-static const uint32_t S[4][256];
-
-static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
-{
- unsigned short a, b, c, d;
- uint32_t y;
-
- d = (unsigned short)(x & 0xFF);
- x >>= 8;
- c = (unsigned short)(x & 0xFF);
- x >>= 8;
- b = (unsigned short)(x & 0xFF);
- x >>= 8;
- a = (unsigned short)(x & 0xFF);
- y = ctx->S[0][a] + ctx->S[1][b];
- y = y ^ ctx->S[2][c];
- y = y + ctx->S[3][d];
-
- return( y );
-}
-
-static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
-{
- uint32_t Xl, Xr, temp;
- short i;
-
- Xl = *xl;
- Xr = *xr;
-
- for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
- {
- Xl = Xl ^ ctx->P[i];
- Xr = F( ctx, Xl ) ^ Xr;
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
- }
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
-
- Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
- Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
-
- *xl = Xl;
- *xr = Xr;
-}
-
-static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
-{
- uint32_t Xl, Xr, temp;
- short i;
-
- Xl = *xl;
- Xr = *xr;
-
- for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
- {
- Xl = Xl ^ ctx->P[i];
- Xr = F( ctx, Xl ) ^ Xr;
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
- }
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
-
- Xr = Xr ^ ctx->P[1];
- Xl = Xl ^ ctx->P[0];
-
- *xl = Xl;
- *xr = Xr;
-}
-
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
-{
- BLOWFISH_VALIDATE( ctx != NULL );
- memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
-}
-
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
-}
-
-/*
- * Blowfish key schedule
- */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
- const unsigned char *key,
- unsigned int keybits )
-{
- unsigned int i, j, k;
- uint32_t data, datal, datar;
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( key != NULL );
-
- if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS ||
- keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS ||
- keybits % 8 != 0 )
- {
- return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
- }
-
- keybits >>= 3;
-
- for( i = 0; i < 4; i++ )
- {
- for( j = 0; j < 256; j++ )
- ctx->S[i][j] = S[i][j];
- }
-
- j = 0;
- for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
- {
- data = 0x00000000;
- for( k = 0; k < 4; ++k )
- {
- data = ( data << 8 ) | key[j++];
- if( j >= keybits )
- j = 0;
- }
- ctx->P[i] = P[i] ^ data;
- }
-
- datal = 0x00000000;
- datar = 0x00000000;
-
- for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
- {
- blowfish_enc( ctx, &datal, &datar );
- ctx->P[i] = datal;
- ctx->P[i + 1] = datar;
- }
-
- for( i = 0; i < 4; i++ )
- {
- for( j = 0; j < 256; j += 2 )
- {
- blowfish_enc( ctx, &datal, &datar );
- ctx->S[i][j] = datal;
- ctx->S[i][j + 1] = datar;
- }
- }
- return( 0 );
-}
-
-/*
- * Blowfish-ECB block encryption/decryption
- */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
- int mode,
- const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
-{
- uint32_t X0, X1;
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
- mode == MBEDTLS_BLOWFISH_DECRYPT );
- BLOWFISH_VALIDATE_RET( input != NULL );
- BLOWFISH_VALIDATE_RET( output != NULL );
-
- GET_UINT32_BE( X0, input, 0 );
- GET_UINT32_BE( X1, input, 4 );
-
- if( mode == MBEDTLS_BLOWFISH_DECRYPT )
- {
- blowfish_dec( ctx, &X0, &X1 );
- }
- else /* MBEDTLS_BLOWFISH_ENCRYPT */
- {
- blowfish_enc( ctx, &X0, &X1 );
- }
-
- PUT_UINT32_BE( X0, output, 0 );
- PUT_UINT32_BE( X1, output, 4 );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * Blowfish-CBC buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output )
-{
- int i;
- unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
- mode == MBEDTLS_BLOWFISH_DECRYPT );
- BLOWFISH_VALIDATE_RET( iv != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
- if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
- return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
-
- if( mode == MBEDTLS_BLOWFISH_DECRYPT )
- {
- while( length > 0 )
- {
- memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
- mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
-
- for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
- output[i] = (unsigned char)( output[i] ^ iv[i] );
-
- memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
-
- input += MBEDTLS_BLOWFISH_BLOCKSIZE;
- output += MBEDTLS_BLOWFISH_BLOCKSIZE;
- length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
- else
- {
- while( length > 0 )
- {
- for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
- output[i] = (unsigned char)( input[i] ^ iv[i] );
-
- mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
- memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
-
- input += MBEDTLS_BLOWFISH_BLOCKSIZE;
- output += MBEDTLS_BLOWFISH_BLOCKSIZE;
- length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * Blowfish CFB buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output )
-{
- int c;
- size_t n;
-
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
- mode == MBEDTLS_BLOWFISH_DECRYPT );
- BLOWFISH_VALIDATE_RET( iv != NULL );
- BLOWFISH_VALIDATE_RET( iv_off != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
- n = *iv_off;
- if( n >= 8 )
- return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-
- if( mode == MBEDTLS_BLOWFISH_DECRYPT )
- {
- while( length-- )
- {
- if( n == 0 )
- mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
-
- c = *input++;
- *output++ = (unsigned char)( c ^ iv[n] );
- iv[n] = (unsigned char) c;
-
- n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
- else
- {
- while( length-- )
- {
- if( n == 0 )
- mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
-
- iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-
- n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
-
- *iv_off = n;
-
- return( 0 );
-}
-#endif /*MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * Blowfish CTR buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output )
-{
- int c, i;
- size_t n;
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( nonce_counter != NULL );
- BLOWFISH_VALIDATE_RET( stream_block != NULL );
- BLOWFISH_VALIDATE_RET( nc_off != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
- n = *nc_off;
- if( n >= 8 )
- return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-
- while( length-- )
- {
- if( n == 0 ) {
- mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
- stream_block );
-
- for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
- if( ++nonce_counter[i - 1] != 0 )
- break;
- }
- c = *input++;
- *output++ = (unsigned char)( c ^ stream_block[n] );
-
- n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
-
- *nc_off = n;
-
- return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static const uint32_t S[4][256] = {
- { 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
- 0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
- 0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
- 0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
- 0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
- 0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
- 0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
- 0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
- 0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
- 0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
- 0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
- 0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
- 0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
- 0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
- 0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
- 0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
- 0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
- 0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
- 0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
- 0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
- 0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
- 0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
- 0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
- 0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
- 0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
- 0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
- 0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
- 0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
- 0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
- 0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
- 0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
- 0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
- 0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
- 0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
- 0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
- 0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
- 0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
- 0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
- 0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
- 0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
- 0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
- 0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
- 0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
- 0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
- 0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
- 0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
- 0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
- 0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
- 0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
- 0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
- 0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
- 0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
- 0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
- 0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
- 0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
- 0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
- 0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
- 0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
- 0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
- 0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
- 0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
- 0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
- 0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
- 0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL },
- { 0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
- 0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
- 0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
- 0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
- 0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
- 0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
- 0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
- 0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
- 0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
- 0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
- 0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
- 0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
- 0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
- 0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
- 0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
- 0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
- 0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
- 0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
- 0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
- 0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
- 0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
- 0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
- 0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
- 0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
- 0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
- 0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
- 0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
- 0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
- 0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
- 0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
- 0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
- 0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
- 0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
- 0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
- 0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
- 0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
- 0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
- 0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
- 0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
- 0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
- 0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
- 0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
- 0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
- 0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
- 0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
- 0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
- 0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
- 0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
- 0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
- 0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
- 0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
- 0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
- 0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
- 0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
- 0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
- 0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
- 0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
- 0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
- 0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
- 0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
- 0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
- 0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
- 0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
- 0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L },
- { 0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
- 0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
- 0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
- 0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
- 0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
- 0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
- 0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
- 0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
- 0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
- 0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
- 0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
- 0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
- 0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
- 0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
- 0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
- 0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
- 0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
- 0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
- 0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
- 0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
- 0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
- 0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
- 0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
- 0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
- 0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
- 0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
- 0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
- 0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
- 0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
- 0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
- 0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
- 0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
- 0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
- 0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
- 0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
- 0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
- 0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
- 0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
- 0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
- 0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
- 0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
- 0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
- 0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
- 0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
- 0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
- 0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
- 0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
- 0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
- 0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
- 0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
- 0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
- 0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
- 0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
- 0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
- 0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
- 0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
- 0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
- 0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
- 0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
- 0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
- 0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
- 0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
- 0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
- 0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L },
- { 0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
- 0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
- 0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
- 0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
- 0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
- 0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
- 0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
- 0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
- 0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
- 0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
- 0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
- 0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
- 0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
- 0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
- 0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
- 0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
- 0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
- 0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
- 0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
- 0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
- 0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
- 0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
- 0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
- 0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
- 0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
- 0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
- 0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
- 0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
- 0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
- 0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
- 0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
- 0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
- 0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
- 0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
- 0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
- 0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
- 0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
- 0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
- 0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
- 0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
- 0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
- 0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
- 0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
- 0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
- 0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
- 0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
- 0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
- 0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
- 0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
- 0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
- 0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
- 0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
- 0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
- 0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
- 0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
- 0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
- 0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
- 0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
- 0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
- 0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
- 0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
- 0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
- 0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
- 0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L }
-};
-
-#endif /* !MBEDTLS_BLOWFISH_ALT */
-#endif /* MBEDTLS_BLOWFISH_C */
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 7f23387..5776d5e 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -36,10 +36,6 @@
#include "mbedtls/aes.h"
#endif
-#if defined(MBEDTLS_ARC4_C)
-#include "mbedtls/arc4.h"
-#endif
-
#if defined(MBEDTLS_CAMELLIA_C)
#include "mbedtls/camellia.h"
#endif
@@ -52,10 +48,6 @@
#include "mbedtls/des.h"
#endif
-#if defined(MBEDTLS_BLOWFISH_C)
-#include "mbedtls/blowfish.h"
-#endif
-
#if defined(MBEDTLS_CHACHA20_C)
#include "mbedtls/chacha20.h"
#endif
@@ -1674,225 +1666,6 @@
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* MBEDTLS_DES_C */
-#if defined(MBEDTLS_BLOWFISH_C)
-
-static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
- const unsigned char *input, unsigned char *output )
-{
- return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input,
- output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
- size_t length, unsigned char *iv, const unsigned char *input,
- unsigned char *output )
-{
- return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv,
- input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation,
- size_t length, size_t *iv_off, unsigned char *iv,
- const unsigned char *input, unsigned char *output )
-{
- return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length,
- iv_off, iv, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
- unsigned char *nonce_counter, unsigned char *stream_block,
- const unsigned char *input, unsigned char *output )
-{
- return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off,
- nonce_counter, stream_block, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static int blowfish_setkey_wrap( void *ctx, const unsigned char *key,
- unsigned int key_bitlen )
-{
- return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen );
-}
-
-static void * blowfish_ctx_alloc( void )
-{
- mbedtls_blowfish_context *ctx;
- ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) );
-
- if( ctx == NULL )
- return( NULL );
-
- mbedtls_blowfish_init( ctx );
-
- return( ctx );
-}
-
-static void blowfish_ctx_free( void *ctx )
-{
- mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t blowfish_info = {
- MBEDTLS_CIPHER_ID_BLOWFISH,
- blowfish_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- blowfish_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- blowfish_crypt_cfb64_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
- blowfish_crypt_ctr_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
- NULL,
-#endif
- blowfish_setkey_wrap,
- blowfish_setkey_wrap,
- blowfish_ctx_alloc,
- blowfish_ctx_free
-};
-
-static const mbedtls_cipher_info_t blowfish_ecb_info = {
- MBEDTLS_CIPHER_BLOWFISH_ECB,
- MBEDTLS_MODE_ECB,
- 128,
- "BLOWFISH-ECB",
- 0,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t blowfish_cbc_info = {
- MBEDTLS_CIPHER_BLOWFISH_CBC,
- MBEDTLS_MODE_CBC,
- 128,
- "BLOWFISH-CBC",
- 8,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const mbedtls_cipher_info_t blowfish_cfb64_info = {
- MBEDTLS_CIPHER_BLOWFISH_CFB64,
- MBEDTLS_MODE_CFB,
- 128,
- "BLOWFISH-CFB64",
- 8,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const mbedtls_cipher_info_t blowfish_ctr_info = {
- MBEDTLS_CIPHER_BLOWFISH_CTR,
- MBEDTLS_MODE_CTR,
- 128,
- "BLOWFISH-CTR",
- 8,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#endif /* MBEDTLS_BLOWFISH_C */
-
-#if defined(MBEDTLS_ARC4_C)
-static int arc4_crypt_stream_wrap( void *ctx, size_t length,
- const unsigned char *input,
- unsigned char *output )
-{
- return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) );
-}
-
-static int arc4_setkey_wrap( void *ctx, const unsigned char *key,
- unsigned int key_bitlen )
-{
- /* we get key_bitlen in bits, arc4 expects it in bytes */
- if( key_bitlen % 8 != 0 )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
- mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 );
- return( 0 );
-}
-
-static void * arc4_ctx_alloc( void )
-{
- mbedtls_arc4_context *ctx;
- ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) );
-
- if( ctx == NULL )
- return( NULL );
-
- mbedtls_arc4_init( ctx );
-
- return( ctx );
-}
-
-static void arc4_ctx_free( void *ctx )
-{
- mbedtls_arc4_free( (mbedtls_arc4_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t arc4_base_info = {
- MBEDTLS_CIPHER_ID_ARC4,
- NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
- arc4_crypt_stream_wrap,
-#endif
- arc4_setkey_wrap,
- arc4_setkey_wrap,
- arc4_ctx_alloc,
- arc4_ctx_free
-};
-
-static const mbedtls_cipher_info_t arc4_128_info = {
- MBEDTLS_CIPHER_ARC4_128,
- MBEDTLS_MODE_STREAM,
- 128,
- "ARC4-128",
- 0,
- 0,
- 1,
- &arc4_base_info
-};
-#endif /* MBEDTLS_ARC4_C */
-
#if defined(MBEDTLS_CHACHA20_C)
static int chacha20_setkey_wrap( void *ctx, const unsigned char *key,
@@ -2285,23 +2058,6 @@
#endif
#endif /* MBEDTLS_AES_C */
-#if defined(MBEDTLS_ARC4_C)
- { MBEDTLS_CIPHER_ARC4_128, &arc4_128_info },
-#endif
-
-#if defined(MBEDTLS_BLOWFISH_C)
- { MBEDTLS_CIPHER_BLOWFISH_ECB, &blowfish_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_CIPHER_BLOWFISH_CBC, &blowfish_cbc_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- { MBEDTLS_CIPHER_BLOWFISH_CFB64, &blowfish_cfb64_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
- { MBEDTLS_CIPHER_BLOWFISH_CTR, &blowfish_ctr_info },
-#endif
-#endif /* MBEDTLS_BLOWFISH_C */
-
#if defined(MBEDTLS_CAMELLIA_C)
{ MBEDTLS_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info },
{ MBEDTLS_CIPHER_CAMELLIA_192_ECB, &camellia_192_ecb_info },
diff --git a/library/dhm.c b/library/dhm.c
index e88f3a2..29ce755 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -444,6 +444,9 @@
DHM_VALIDATE_RET( output != NULL );
DHM_VALIDATE_RET( olen != NULL );
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
if( output_size < mbedtls_dhm_get_len( ctx ) )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
@@ -453,25 +456,17 @@
mbedtls_mpi_init( &GYb );
/* Blind peer's value */
- if( f_rng != NULL )
- {
- MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
- }
- else
- MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );
+ MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
/* Do modular exponentiation */
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
&ctx->P, &ctx->RP ) );
/* Unblind secret value */
- if( f_rng != NULL )
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
- }
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
/* Output the secret without any leading zero byte. This is mandatory
* for TLS per RFC 5246 §8.1.2. */
diff --git a/library/ecjpake.c b/library/ecjpake.c
index de43ddb..d229311 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -962,6 +962,28 @@
0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
};
+/*
+ * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!!
+ *
+ * This is the linear congruential generator from numerical recipes,
+ * except we only use the low byte as the output. See
+ * https://en.wikipedia.org/wiki/Linear_congruential_generator#Parameters_in_common_use
+ */
+static int self_test_rng( void *ctx, unsigned char *out, size_t len )
+{
+ static uint32_t state = 42;
+
+ (void) ctx;
+
+ for( size_t i = 0; i < len; i++ )
+ {
+ state = state * 1664525u + 1013904223u;
+ out[i] = (unsigned char) state;
+ }
+
+ return( 0 );
+}
+
/* Load my private keys and generate the corresponding public keys */
static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
const unsigned char *xm1, size_t len1,
@@ -972,9 +994,9 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1,
- &ctx->grp.G, NULL, NULL ) );
+ &ctx->grp.G, self_test_rng, NULL ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2,
- &ctx->grp.G, NULL, NULL ) );
+ &ctx->grp.G, self_test_rng, NULL ) );
cleanup:
return( ret );
diff --git a/library/ecp.c b/library/ecp.c
index 044bbe1..8f6e988 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -101,16 +101,6 @@
#include "ecp_internal_alt.h"
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-#if defined(MBEDTLS_HMAC_DRBG_C)
-#include "mbedtls/hmac_drbg.h"
-#elif defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/ctr_drbg.h"
-#else
-#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
-#endif
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
@@ -124,144 +114,6 @@
static unsigned long add_count, dbl_count, mul_count;
#endif
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-/*
- * Currently ecp_mul() takes a RNG function as an argument, used for
- * side-channel protection, but it can be NULL. The initial reasoning was
- * that people will pass non-NULL RNG when they care about side-channels, but
- * unfortunately we have some APIs that call ecp_mul() with a NULL RNG, with
- * no opportunity for the user to do anything about it.
- *
- * The obvious strategies for addressing that include:
- * - change those APIs so that they take RNG arguments;
- * - require a global RNG to be available to all crypto modules.
- *
- * Unfortunately those would break compatibility. So what we do instead is
- * have our own internal DRBG instance, seeded from the secret scalar.
- *
- * The following is a light-weight abstraction layer for doing that with
- * HMAC_DRBG (first choice) or CTR_DRBG.
- */
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
-
-/* DRBG context type */
-typedef mbedtls_hmac_drbg_context ecp_drbg_context;
-
-/* DRBG context init */
-static inline void ecp_drbg_init( ecp_drbg_context *ctx )
-{
- mbedtls_hmac_drbg_init( ctx );
-}
-
-/* DRBG context free */
-static inline void ecp_drbg_free( ecp_drbg_context *ctx )
-{
- mbedtls_hmac_drbg_free( ctx );
-}
-
-/* DRBG function */
-static inline int ecp_drbg_random( void *p_rng,
- unsigned char *output, size_t output_len )
-{
- return( mbedtls_hmac_drbg_random( p_rng, output, output_len ) );
-}
-
-/* DRBG context seeding */
-static int ecp_drbg_seed( ecp_drbg_context *ctx,
- const mbedtls_mpi *secret, size_t secret_len )
-{
- int ret;
- unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
- /* The list starts with strong hashes */
- const mbedtls_md_type_t md_type = mbedtls_md_list()[0];
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
-
- if( secret_len > MBEDTLS_ECP_MAX_BYTES )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
- secret_bytes, secret_len ) );
-
- ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len );
-
-cleanup:
- mbedtls_platform_zeroize( secret_bytes, secret_len );
-
- return( ret );
-}
-
-#elif defined(MBEDTLS_CTR_DRBG_C)
-
-/* DRBG context type */
-typedef mbedtls_ctr_drbg_context ecp_drbg_context;
-
-/* DRBG context init */
-static inline void ecp_drbg_init( ecp_drbg_context *ctx )
-{
- mbedtls_ctr_drbg_init( ctx );
-}
-
-/* DRBG context free */
-static inline void ecp_drbg_free( ecp_drbg_context *ctx )
-{
- mbedtls_ctr_drbg_free( ctx );
-}
-
-/* DRBG function */
-static inline int ecp_drbg_random( void *p_rng,
- unsigned char *output, size_t output_len )
-{
- return( mbedtls_ctr_drbg_random( p_rng, output, output_len ) );
-}
-
-/*
- * Since CTR_DRBG doesn't have a seed_buf() function the way HMAC_DRBG does,
- * we need to pass an entropy function when seeding. So we use a dummy
- * function for that, and pass the actual entropy as customisation string.
- * (During seeding of CTR_DRBG the entropy input and customisation string are
- * concatenated before being used to update the secret state.)
- */
-static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len)
-{
- (void) ctx;
- memset( out, 0, len );
- return( 0 );
-}
-
-/* DRBG context seeding */
-static int ecp_drbg_seed( ecp_drbg_context *ctx,
- const mbedtls_mpi *secret, size_t secret_len )
-{
- int ret;
- unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
-
- if( secret_len > MBEDTLS_ECP_MAX_BYTES )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
- secret_bytes, secret_len ) );
-
- ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL,
- secret_bytes, secret_len );
-
-cleanup:
- mbedtls_platform_zeroize( secret_bytes, secret_len );
-
- return( ret );
-}
-
-#else
-#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
-#endif /* DRBG modules */
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
#if defined(MBEDTLS_ECP_RESTARTABLE)
/*
* Maximum number of "basic operations" to be done in a row.
@@ -309,10 +161,6 @@
ecp_rsm_comb_core, /* ecp_mul_comb_core() */
ecp_rsm_final_norm, /* do the final normalization */
} state;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_context drbg_ctx;
- unsigned char drbg_seeded;
-#endif
};
/*
@@ -325,10 +173,6 @@
ctx->T = NULL;
ctx->T_size = 0;
ctx->state = ecp_rsm_init;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_init( &ctx->drbg_ctx );
- ctx->drbg_seeded = 0;
-#endif
}
/*
@@ -350,10 +194,6 @@
mbedtls_free( ctx->T );
}
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_free( &ctx->drbg_ctx );
-#endif
-
ecp_restart_rsm_init( ctx );
}
@@ -2068,9 +1908,7 @@
i = d;
MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != 0 )
-#endif
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
}
@@ -2204,9 +2042,7 @@
*
* Avoid the leak by randomizing coordinates before we normalize them.
*/
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != 0 )
-#endif
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) );
@@ -2286,42 +2122,9 @@
size_t d;
unsigned char T_size = 0, T_ok = 0;
mbedtls_ecp_point *T = NULL;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_context drbg_ctx;
-
- ecp_drbg_init( &drbg_ctx );
-#endif
ECP_RS_ENTER( rsm );
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- if( f_rng == NULL )
- {
- /* Adjust pointers */
- f_rng = &ecp_drbg_random;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx != NULL && rs_ctx->rsm != NULL )
- p_rng = &rs_ctx->rsm->drbg_ctx;
- else
-#endif
- p_rng = &drbg_ctx;
-
- /* Initialize internal DRBG if necessary */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx == NULL || rs_ctx->rsm == NULL ||
- rs_ctx->rsm->drbg_seeded == 0 )
-#endif
- {
- const size_t m_len = ( grp->nbits + 7 ) / 8;
- MBEDTLS_MPI_CHK( ecp_drbg_seed( p_rng, m, m_len ) );
- }
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx != NULL && rs_ctx->rsm != NULL )
- rs_ctx->rsm->drbg_seeded = 1;
-#endif
- }
-#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
-
/* Is P the base point ? */
#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
@@ -2393,10 +2196,6 @@
cleanup:
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_free( &drbg_ctx );
-#endif
-
/* does T belong to the group? */
if( T == grp->T )
T = NULL;
@@ -2583,22 +2382,10 @@
unsigned char b;
mbedtls_ecp_point RP;
mbedtls_mpi PX;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_context drbg_ctx;
-
- ecp_drbg_init( &drbg_ctx );
-#endif
mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX );
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng == NULL )
- {
- const size_t m_len = ( grp->nbits + 7 ) / 8;
- MBEDTLS_MPI_CHK( ecp_drbg_seed( &drbg_ctx, m, m_len ) );
- f_rng = &ecp_drbg_random;
- p_rng = &drbg_ctx;
- }
-#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
+ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/* Save PX and read from P before writing to R, in case P == R */
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) );
@@ -2613,10 +2400,7 @@
MOD_ADD( RP.X );
/* Randomize coordinates of the starting point */
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- if( f_rng != NULL )
-#endif
- MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
/* Loop invariant: R = result so far, RP = R + P */
i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */
@@ -2648,18 +2432,10 @@
*
* Avoid the leak by randomizing coordinates before we normalize them.
*/
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- if( f_rng != NULL )
-#endif
- MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
-
+ MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
cleanup:
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_free( &drbg_ctx );
-#endif
-
mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX );
return( ret );
@@ -2669,8 +2445,11 @@
/*
* Restartable multiplication R = m * P
+ *
+ * This internal function can be called without an RNG in case where we know
+ * the inputs are not sensitive.
*/
-int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+static int ecp_mul_restartable_internal( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx )
@@ -2679,10 +2458,6 @@
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
char is_grp_capable = 0;
#endif
- ECP_VALIDATE_RET( grp != NULL );
- ECP_VALIDATE_RET( R != NULL );
- ECP_VALIDATE_RET( m != NULL );
- ECP_VALIDATE_RET( P != NULL );
#if defined(MBEDTLS_ECP_RESTARTABLE)
/* reset ops count for this call if top-level */
@@ -2736,6 +2511,25 @@
}
/*
+ * Restartable multiplication R = m * P
+ */
+int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
+{
+ ECP_VALIDATE_RET( grp != NULL );
+ ECP_VALIDATE_RET( R != NULL );
+ ECP_VALIDATE_RET( m != NULL );
+ ECP_VALIDATE_RET( P != NULL );
+
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+ return( ecp_mul_restartable_internal( grp, R, m, P, f_rng, p_rng, rs_ctx ) );
+}
+
+/*
* Multiplication R = m * P
*/
int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
@@ -2828,8 +2622,8 @@
}
else
{
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P,
- NULL, NULL, rs_ctx ) );
+ MBEDTLS_MPI_CHK( ecp_mul_restartable_internal( grp, R, m, P,
+ NULL, NULL, rs_ctx ) );
}
cleanup:
@@ -3272,7 +3066,9 @@
/*
* Check a public-private key pair
*/
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv )
+int mbedtls_ecp_check_pub_priv(
+ const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_point Q;
@@ -3296,7 +3092,7 @@
mbedtls_ecp_group_copy( &grp, &prv->grp );
/* Also checks d is valid */
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, f_rng, p_rng ) );
if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) ||
mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) ||
@@ -3315,6 +3111,28 @@
#if defined(MBEDTLS_SELF_TEST)
+/*
+ * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!!
+ *
+ * This is the linear congruential generator from numerical recipes,
+ * except we only use the low byte as the output. See
+ * https://en.wikipedia.org/wiki/Linear_congruential_generator#Parameters_in_common_use
+ */
+static int self_test_rng( void *ctx, unsigned char *out, size_t len )
+{
+ static uint32_t state = 42;
+
+ (void) ctx;
+
+ for( size_t i = 0; i < len; i++ )
+ {
+ state = state * 1664525u + 1013904223u;
+ out[i] = (unsigned char) state;
+ }
+
+ return( 0 );
+}
+
/* Adjust the exponent to be a valid private point for the specified curve.
* This is sometimes necessary because we use a single set of exponents
* for all curves but the validity of values depends on the curve. */
@@ -3370,7 +3188,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) );
MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, self_test_rng, NULL ) );
for( i = 1; i < n_exponents; i++ )
{
@@ -3383,7 +3201,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) );
MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, self_test_rng, NULL ) );
if( add_count != add_c_prev ||
dbl_count != dbl_c_prev ||
@@ -3461,7 +3279,7 @@
mbedtls_printf( " ECP SW test #1 (constant op_count, base point G): " );
/* Do a dummy multiplication first to trigger precomputation */
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, self_test_rng, NULL ) );
ret = self_test_point( verbose,
&grp, &R, &m, &grp.G,
sw_exponents,
diff --git a/library/entropy.c b/library/entropy.c
index f12a239..9e31f84 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -73,11 +73,6 @@
MBEDTLS_ENTROPY_MIN_PLATFORM,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
- MBEDTLS_ENTROPY_MIN_HARDCLOCK,
- MBEDTLS_ENTROPY_SOURCE_WEAK );
-#endif
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
MBEDTLS_ENTROPY_MIN_HARDWARE,
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index e5d75c5..bccc034 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -211,24 +211,6 @@
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
-#if defined(MBEDTLS_TIMING_C)
-int mbedtls_hardclock_poll( void *data,
- unsigned char *output, size_t len, size_t *olen )
-{
- unsigned long timer = mbedtls_timing_hardclock();
- ((void) data);
- *olen = 0;
-
- if( len < sizeof(unsigned long) )
- return( 0 );
-
- memcpy( output, &timer, sizeof(unsigned long) );
- *olen = sizeof(unsigned long);
-
- return( 0 );
-}
-#endif /* MBEDTLS_TIMING_C */
-
#if defined(MBEDTLS_ENTROPY_NV_SEED)
int mbedtls_nv_seed_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
diff --git a/library/entropy_poll.h b/library/entropy_poll.h
index 9120fe5..bf26889 100644
--- a/library/entropy_poll.h
+++ b/library/entropy_poll.h
@@ -38,7 +38,6 @@
* Default thresholds for built-in sources, in bytes
*/
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
-#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
#endif
@@ -51,14 +50,6 @@
unsigned char *output, size_t len, size_t *olen );
#endif
-#if defined(MBEDTLS_TIMING_C)
-/**
- * \brief mbedtls_timing_hardclock-based entropy poll callback
- */
-int mbedtls_hardclock_poll( void *data,
- unsigned char *output, size_t len, size_t *olen );
-#endif
-
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
/**
* \brief Entropy poll callback for a hardware source
diff --git a/library/md.c b/library/md.c
index 53afbef..a228789 100644
--- a/library/md.c
+++ b/library/md.c
@@ -30,8 +30,6 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
@@ -52,24 +50,6 @@
#include <stdio.h>
#endif
-#if defined(MBEDTLS_MD2_C)
-const mbedtls_md_info_t mbedtls_md2_info = {
- "MD2",
- MBEDTLS_MD_MD2,
- 16,
- 16,
-};
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-const mbedtls_md_info_t mbedtls_md4_info = {
- "MD4",
- MBEDTLS_MD_MD4,
- 16,
- 64,
-};
-#endif
-
#if defined(MBEDTLS_MD5_C)
const mbedtls_md_info_t mbedtls_md5_info = {
"MD5",
@@ -165,14 +145,6 @@
MBEDTLS_MD_MD5,
#endif
-#if defined(MBEDTLS_MD4_C)
- MBEDTLS_MD_MD4,
-#endif
-
-#if defined(MBEDTLS_MD2_C)
- MBEDTLS_MD_MD2,
-#endif
-
MBEDTLS_MD_NONE
};
@@ -187,14 +159,6 @@
return( NULL );
/* Get the appropriate digest information */
-#if defined(MBEDTLS_MD2_C)
- if( !strcmp( "MD2", md_name ) )
- return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
- if( !strcmp( "MD4", md_name ) )
- return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
-#endif
#if defined(MBEDTLS_MD5_C)
if( !strcmp( "MD5", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
@@ -230,14 +194,6 @@
{
switch( md_type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( &mbedtls_md4_info );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( &mbedtls_md5_info );
@@ -285,16 +241,6 @@
{
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- mbedtls_md2_free( ctx->md_ctx );
- break;
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- mbedtls_md4_free( ctx->md_ctx );
- break;
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
mbedtls_md5_free( ctx->md_ctx );
@@ -359,16 +305,6 @@
switch( src->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- mbedtls_md2_clone( dst->md_ctx, src->md_ctx );
- break;
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- mbedtls_md4_clone( dst->md_ctx, src->md_ctx );
- break;
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
mbedtls_md5_clone( dst->md_ctx, src->md_ctx );
@@ -431,16 +367,6 @@
switch( md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- ALLOC( md2 );
- break;
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- ALLOC( md4 );
- break;
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
ALLOC( md5 );
@@ -501,14 +427,6 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_starts( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_starts( ctx->md_ctx ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( mbedtls_md5_starts( ctx->md_ctx ) );
@@ -549,14 +467,6 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_update( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_update( ctx->md_ctx, input, ilen ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( mbedtls_md5_update( ctx->md_ctx, input, ilen ) );
@@ -597,14 +507,6 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_finish( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_finish( ctx->md_ctx, output ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( mbedtls_md5_finish( ctx->md_ctx, output ) );
@@ -646,14 +548,6 @@
switch( md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4( input, ilen, output ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( mbedtls_md5( input, ilen, output ) );
@@ -858,14 +752,6 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_internal_md2_process( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_internal_md4_process( ctx->md_ctx, data ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( mbedtls_internal_md5_process( ctx->md_ctx, data ) );
diff --git a/library/md2.c b/library/md2.c
deleted file mode 100644
index e02c2f0..0000000
--- a/library/md2.c
+++ /dev/null
@@ -1,321 +0,0 @@
-/*
- * RFC 1115/1319 compliant MD2 implementation
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The MD2 algorithm was designed by Ron Rivest in 1989.
- *
- * http://www.ietf.org/rfc/rfc1115.txt
- * http://www.ietf.org/rfc/rfc1319.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD2_C)
-
-#include "mbedtls/md2.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD2_ALT)
-
-static const unsigned char PI_SUBST[256] =
-{
- 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36,
- 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3,
- 0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C,
- 0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
- 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E,
- 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E,
- 0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2,
- 0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
- 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E,
- 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3,
- 0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56,
- 0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
- 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D,
- 0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65,
- 0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0,
- 0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
- 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C,
- 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E,
- 0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81,
- 0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
- 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88,
- 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE,
- 0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58,
- 0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
- 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99,
- 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
-};
-
-void mbedtls_md2_init( mbedtls_md2_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_md2_context ) );
-}
-
-void mbedtls_md2_free( mbedtls_md2_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md2_context ) );
-}
-
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
- const mbedtls_md2_context *src )
-{
- *dst = *src;
-}
-
-/*
- * MD2 context setup
- */
-int mbedtls_md2_starts( mbedtls_md2_context *ctx )
-{
- memset( ctx->cksum, 0, 16 );
- memset( ctx->state, 0, 46 );
- memset( ctx->buffer, 0, 16 );
- ctx->left = 0;
-
- return( 0 );
-}
-
-#if !defined(MBEDTLS_MD2_PROCESS_ALT)
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
-{
- int i, j;
- unsigned char t = 0;
-
- for( i = 0; i < 16; i++ )
- {
- ctx->state[i + 16] = ctx->buffer[i];
- ctx->state[i + 32] =
- (unsigned char)( ctx->buffer[i] ^ ctx->state[i]);
- }
-
- for( i = 0; i < 18; i++ )
- {
- for( j = 0; j < 48; j++ )
- {
- ctx->state[j] = (unsigned char)
- ( ctx->state[j] ^ PI_SUBST[t] );
- t = ctx->state[j];
- }
-
- t = (unsigned char)( t + i );
- }
-
- t = ctx->cksum[15];
-
- for( i = 0; i < 16; i++ )
- {
- ctx->cksum[i] = (unsigned char)
- ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
- t = ctx->cksum[i];
- }
-
- /* Zeroise variables to clear sensitive data from memory. */
- mbedtls_platform_zeroize( &t, sizeof( t ) );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD2_PROCESS_ALT */
-
-/*
- * MD2 process buffer
- */
-int mbedtls_md2_update( mbedtls_md2_context *ctx,
- const unsigned char *input,
- size_t ilen )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t fill;
-
- while( ilen > 0 )
- {
- if( ilen > 16 - ctx->left )
- fill = 16 - ctx->left;
- else
- fill = ilen;
-
- memcpy( ctx->buffer + ctx->left, input, fill );
-
- ctx->left += fill;
- input += fill;
- ilen -= fill;
-
- if( ctx->left == 16 )
- {
- ctx->left = 0;
- if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
- return( ret );
- }
- }
-
- return( 0 );
-}
-
-/*
- * MD2 final digest
- */
-int mbedtls_md2_finish( mbedtls_md2_context *ctx,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t i;
- unsigned char x;
-
- x = (unsigned char)( 16 - ctx->left );
-
- for( i = ctx->left; i < 16; i++ )
- ctx->buffer[i] = x;
-
- if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
- return( ret );
-
- memcpy( ctx->buffer, ctx->cksum, 16 );
- if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
- return( ret );
-
- memcpy( output, ctx->state, 16 );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD2_ALT */
-
-/*
- * output = MD2( input buffer )
- */
-int mbedtls_md2( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_md2_context ctx;
-
- mbedtls_md2_init( &ctx );
-
- if( ( ret = mbedtls_md2_starts( &ctx ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md2_update( &ctx, input, ilen ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md2_finish( &ctx, output ) ) != 0 )
- goto exit;
-
-exit:
- mbedtls_md2_free( &ctx );
-
- return( ret );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * RFC 1319 test vectors
- */
-static const unsigned char md2_test_str[7][81] =
-{
- { "" },
- { "a" },
- { "abc" },
- { "message digest" },
- { "abcdefghijklmnopqrstuvwxyz" },
- { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
- { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md2_test_strlen[7] =
-{
- 0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md2_test_sum[7][16] =
-{
- { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
- 0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 },
- { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72,
- 0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 },
- { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B,
- 0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB },
- { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B,
- 0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 },
- { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB,
- 0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B },
- { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39,
- 0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD },
- { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D,
- 0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md2_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char md2sum[16];
-
- for( i = 0; i < 7; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " MD2 test #%d: ", i + 1 );
-
- ret = mbedtls_md2( md2_test_str[i], md2_test_strlen[i], md2sum );
- if( ret != 0 )
- goto fail;
-
- if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
- {
- ret = 1;
- goto fail;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
- return( 0 );
-
-fail:
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD2_C */
diff --git a/library/md4.c b/library/md4.c
deleted file mode 100644
index f5f3302..0000000
--- a/library/md4.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/*
- * RFC 1186/1320 compliant MD4 implementation
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The MD4 algorithm was designed by Ron Rivest in 1990.
- *
- * http://www.ietf.org/rfc/rfc1186.txt
- * http://www.ietf.org/rfc/rfc1320.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD4_C)
-
-#include "mbedtls/md4.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD4_ALT)
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
-void mbedtls_md4_init( mbedtls_md4_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_md4_context ) );
-}
-
-void mbedtls_md4_free( mbedtls_md4_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md4_context ) );
-}
-
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
- const mbedtls_md4_context *src )
-{
- *dst = *src;
-}
-
-/*
- * MD4 context setup
- */
-int mbedtls_md4_starts( mbedtls_md4_context *ctx )
-{
- ctx->total[0] = 0;
- ctx->total[1] = 0;
-
- ctx->state[0] = 0x67452301;
- ctx->state[1] = 0xEFCDAB89;
- ctx->state[2] = 0x98BADCFE;
- ctx->state[3] = 0x10325476;
-
- return( 0 );
-}
-
-#if !defined(MBEDTLS_MD4_PROCESS_ALT)
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
- const unsigned char data[64] )
-{
- struct
- {
- uint32_t X[16], A, B, C, D;
- } local;
-
- GET_UINT32_LE( local.X[ 0], data, 0 );
- GET_UINT32_LE( local.X[ 1], data, 4 );
- GET_UINT32_LE( local.X[ 2], data, 8 );
- GET_UINT32_LE( local.X[ 3], data, 12 );
- GET_UINT32_LE( local.X[ 4], data, 16 );
- GET_UINT32_LE( local.X[ 5], data, 20 );
- GET_UINT32_LE( local.X[ 6], data, 24 );
- GET_UINT32_LE( local.X[ 7], data, 28 );
- GET_UINT32_LE( local.X[ 8], data, 32 );
- GET_UINT32_LE( local.X[ 9], data, 36 );
- GET_UINT32_LE( local.X[10], data, 40 );
- GET_UINT32_LE( local.X[11], data, 44 );
- GET_UINT32_LE( local.X[12], data, 48 );
- GET_UINT32_LE( local.X[13], data, 52 );
- GET_UINT32_LE( local.X[14], data, 56 );
- GET_UINT32_LE( local.X[15], data, 60 );
-
-#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
-
- local.A = ctx->state[0];
- local.B = ctx->state[1];
- local.C = ctx->state[2];
- local.D = ctx->state[3];
-
-#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
-#define P(a,b,c,d,x,s) \
- do \
- { \
- (a) += F((b),(c),(d)) + (x); \
- (a) = S((a),(s)); \
- } while( 0 )
-
-
- P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 1], 7 );
- P( local.C, local.D, local.A, local.B, local.X[ 2], 11 );
- P( local.B, local.C, local.D, local.A, local.X[ 3], 19 );
- P( local.A, local.B, local.C, local.D, local.X[ 4], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 5], 7 );
- P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
- P( local.B, local.C, local.D, local.A, local.X[ 7], 19 );
- P( local.A, local.B, local.C, local.D, local.X[ 8], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 9], 7 );
- P( local.C, local.D, local.A, local.B, local.X[10], 11 );
- P( local.B, local.C, local.D, local.A, local.X[11], 19 );
- P( local.A, local.B, local.C, local.D, local.X[12], 3 );
- P( local.D, local.A, local.B, local.C, local.X[13], 7 );
- P( local.C, local.D, local.A, local.B, local.X[14], 11 );
- P( local.B, local.C, local.D, local.A, local.X[15], 19 );
-
-#undef P
-#undef F
-
-#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
-#define P(a,b,c,d,x,s) \
- do \
- { \
- (a) += F((b),(c),(d)) + (x) + 0x5A827999; \
- (a) = S((a),(s)); \
- } while( 0 )
-
- P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 4], 5 );
- P( local.C, local.D, local.A, local.B, local.X[ 8], 9 );
- P( local.B, local.C, local.D, local.A, local.X[12], 13 );
- P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 5], 5 );
- P( local.C, local.D, local.A, local.B, local.X[ 9], 9 );
- P( local.B, local.C, local.D, local.A, local.X[13], 13 );
- P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 6], 5 );
- P( local.C, local.D, local.A, local.B, local.X[10], 9 );
- P( local.B, local.C, local.D, local.A, local.X[14], 13 );
- P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 7], 5 );
- P( local.C, local.D, local.A, local.B, local.X[11], 9 );
- P( local.B, local.C, local.D, local.A, local.X[15], 13 );
-
-#undef P
-#undef F
-
-#define F(x,y,z) ((x) ^ (y) ^ (z))
-#define P(a,b,c,d,x,s) \
- do \
- { \
- (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \
- (a) = S((a),(s)); \
- } while( 0 )
-
- P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 8], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 4], 11 );
- P( local.B, local.C, local.D, local.A, local.X[12], 15 );
- P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
- P( local.D, local.A, local.B, local.C, local.X[10], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
- P( local.B, local.C, local.D, local.A, local.X[14], 15 );
- P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 9], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 5], 11 );
- P( local.B, local.C, local.D, local.A, local.X[13], 15 );
- P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
- P( local.D, local.A, local.B, local.C, local.X[11], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 7], 11 );
- P( local.B, local.C, local.D, local.A, local.X[15], 15 );
-
-#undef F
-#undef P
-
- ctx->state[0] += local.A;
- ctx->state[1] += local.B;
- ctx->state[2] += local.C;
- ctx->state[3] += local.D;
-
- /* Zeroise variables to clear sensitive data from memory. */
- mbedtls_platform_zeroize( &local, sizeof( local ) );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD4_PROCESS_ALT */
-
-/*
- * MD4 process buffer
- */
-int mbedtls_md4_update( mbedtls_md4_context *ctx,
- const unsigned char *input,
- size_t ilen )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t fill;
- uint32_t left;
-
- if( ilen == 0 )
- return( 0 );
-
- left = ctx->total[0] & 0x3F;
- fill = 64 - left;
-
- ctx->total[0] += (uint32_t) ilen;
- ctx->total[0] &= 0xFFFFFFFF;
-
- if( ctx->total[0] < (uint32_t) ilen )
- ctx->total[1]++;
-
- if( left && ilen >= fill )
- {
- memcpy( (void *) (ctx->buffer + left),
- (void *) input, fill );
-
- if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
- return( ret );
-
- input += fill;
- ilen -= fill;
- left = 0;
- }
-
- while( ilen >= 64 )
- {
- if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
- return( ret );
-
- input += 64;
- ilen -= 64;
- }
-
- if( ilen > 0 )
- {
- memcpy( (void *) (ctx->buffer + left),
- (void *) input, ilen );
- }
-
- return( 0 );
-}
-
-static const unsigned char md4_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * MD4 final digest
- */
-int mbedtls_md4_finish( mbedtls_md4_context *ctx,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- uint32_t last, padn;
- uint32_t high, low;
- unsigned char msglen[8];
-
- high = ( ctx->total[0] >> 29 )
- | ( ctx->total[1] << 3 );
- low = ( ctx->total[0] << 3 );
-
- PUT_UINT32_LE( low, msglen, 0 );
- PUT_UINT32_LE( high, msglen, 4 );
-
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
- ret = mbedtls_md4_update( ctx, (unsigned char *)md4_padding, padn );
- if( ret != 0 )
- return( ret );
-
- if( ( ret = mbedtls_md4_update( ctx, msglen, 8 ) ) != 0 )
- return( ret );
-
-
- PUT_UINT32_LE( ctx->state[0], output, 0 );
- PUT_UINT32_LE( ctx->state[1], output, 4 );
- PUT_UINT32_LE( ctx->state[2], output, 8 );
- PUT_UINT32_LE( ctx->state[3], output, 12 );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD4_ALT */
-
-/*
- * output = MD4( input buffer )
- */
-int mbedtls_md4( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_md4_context ctx;
-
- mbedtls_md4_init( &ctx );
-
- if( ( ret = mbedtls_md4_starts( &ctx ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md4_update( &ctx, input, ilen ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md4_finish( &ctx, output ) ) != 0 )
- goto exit;
-
-exit:
- mbedtls_md4_free( &ctx );
-
- return( ret );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * RFC 1320 test vectors
- */
-static const unsigned char md4_test_str[7][81] =
-{
- { "" },
- { "a" },
- { "abc" },
- { "message digest" },
- { "abcdefghijklmnopqrstuvwxyz" },
- { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
- { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md4_test_strlen[7] =
-{
- 0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md4_test_sum[7][16] =
-{
- { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
- 0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 },
- { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46,
- 0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 },
- { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52,
- 0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D },
- { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8,
- 0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B },
- { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD,
- 0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 },
- { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35,
- 0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 },
- { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19,
- 0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md4_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char md4sum[16];
-
- for( i = 0; i < 7; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " MD4 test #%d: ", i + 1 );
-
- ret = mbedtls_md4( md4_test_str[i], md4_test_strlen[i], md4sum );
- if( ret != 0 )
- goto fail;
-
- if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
- {
- ret = 1;
- goto fail;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
- return( 0 );
-
-fail:
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD4_C */
diff --git a/library/md_wrap.h b/library/md_wrap.h
index 51655f9..cfd418a 100644
--- a/library/md_wrap.h
+++ b/library/md_wrap.h
@@ -57,12 +57,6 @@
unsigned char block_size;
};
-#if defined(MBEDTLS_MD2_C)
-extern const mbedtls_md_info_t mbedtls_md2_info;
-#endif
-#if defined(MBEDTLS_MD4_C)
-extern const mbedtls_md_info_t mbedtls_md4_info;
-#endif
#if defined(MBEDTLS_MD5_C)
extern const mbedtls_md_info_t mbedtls_md5_info;
#endif
diff --git a/library/net_sockets.c b/library/net_sockets.c
index 8f79b74..5fbe1f7 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -136,6 +136,31 @@
}
/*
+ * Return 0 if the file descriptor is valid, an error otherwise.
+ * If for_select != 0, check whether the file descriptor is within the range
+ * allowed for fd_set used for the FD_xxx macros and the select() function.
+ */
+static int check_fd( int fd, int for_select )
+{
+ if( fd < 0 )
+ return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+ !defined(EFI32)
+ (void) for_select;
+#else
+ /* A limitation of select() is that it only works with file descriptors
+ * that are strictly less than FD_SETSIZE. This is a limitation of the
+ * fd_set type. Error out early, because attempting to call FD_SET on a
+ * large file descriptor is a buffer overflow on typical platforms. */
+ if( for_select && fd >= FD_SETSIZE )
+ return( MBEDTLS_ERR_NET_POLL_FAILED );
+#endif
+
+ return( 0 );
+}
+
+/*
* Initialize a context
*/
void mbedtls_net_init( mbedtls_net_context *ctx )
@@ -466,15 +491,9 @@
int fd = ctx->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
- /* A limitation of select() is that it only works with file descriptors
- * that are strictly less than FD_SETSIZE. This is a limitation of the
- * fd_set type. Error out early, because attempting to call FD_SET on a
- * large file descriptor is a buffer overflow on typical platforms. */
- if( fd >= FD_SETSIZE )
- return( MBEDTLS_ERR_NET_POLL_FAILED );
+ ret = check_fd( fd, 1 );
+ if( ret != 0 )
+ return( ret );
#if defined(__has_feature)
#if __has_feature(memory_sanitizer)
@@ -553,8 +572,9 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 0 );
+ if( ret != 0 )
+ return( ret );
ret = (int) read( fd, buf, len );
@@ -592,15 +612,9 @@
fd_set read_fds;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
- /* A limitation of select() is that it only works with file descriptors
- * that are strictly less than FD_SETSIZE. This is a limitation of the
- * fd_set type. Error out early, because attempting to call FD_SET on a
- * large file descriptor is a buffer overflow on typical platforms. */
- if( fd >= FD_SETSIZE )
- return( MBEDTLS_ERR_NET_POLL_FAILED );
+ ret = check_fd( fd, 1 );
+ if( ret != 0 )
+ return( ret );
FD_ZERO( &read_fds );
FD_SET( fd, &read_fds );
@@ -640,8 +654,9 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 0 );
+ if( ret != 0 )
+ return( ret );
ret = (int) write( fd, buf, len );
diff --git a/library/oid.c b/library/oid.c
index c4a4df9..f70ceea 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -340,18 +340,6 @@
static const oid_sig_alg_t oid_sig_alg[] =
{
#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_MD2_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD2, "md2WithRSAEncryption", "RSA with MD2" ),
- MBEDTLS_MD_MD2, MBEDTLS_PK_RSA,
- },
-#endif /* MBEDTLS_MD2_C */
-#if defined(MBEDTLS_MD4_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD4, "md4WithRSAEncryption", "RSA with MD4" ),
- MBEDTLS_MD_MD4, MBEDTLS_PK_RSA,
- },
-#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
{
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ),
@@ -609,18 +597,6 @@
static const oid_md_alg_t oid_md_alg[] =
{
-#if defined(MBEDTLS_MD2_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD2, "id-md2", "MD2" ),
- MBEDTLS_MD_MD2,
- },
-#endif /* MBEDTLS_MD2_C */
-#if defined(MBEDTLS_MD4_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD4, "id-md4", "MD4" ),
- MBEDTLS_MD_MD4,
- },
-#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ),
diff --git a/library/pk.c b/library/pk.c
index 06021e2..275d34b 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -500,7 +500,10 @@
/*
* Check public-private key pair
*/
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
+int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
+ const mbedtls_pk_context *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
PK_VALIDATE_RET( pub != NULL );
PK_VALIDATE_RET( prv != NULL );
@@ -511,6 +514,9 @@
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
}
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
if( prv->pk_info->check_pair_func == NULL )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
@@ -525,7 +531,7 @@
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
}
- return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
+ return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx, f_rng, p_rng ) );
}
/*
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 7c317c5..864e495 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -154,8 +154,12 @@
ilen, input, output ) );
}
-static int rsa_check_pair_wrap( const void *pub, const void *prv )
+static int rsa_check_pair_wrap( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
+ (void) f_rng;
+ (void) p_rng;
return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
(const mbedtls_rsa_context *) prv ) );
}
@@ -388,10 +392,13 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_ECDSA_C */
-static int eckey_check_pair( const void *pub, const void *prv )
+static int eckey_check_pair( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
- (const mbedtls_ecp_keypair *) prv ) );
+ (const mbedtls_ecp_keypair *) prv,
+ f_rng, p_rng ) );
}
static void *eckey_alloc_wrap( void )
@@ -799,7 +806,9 @@
}
#if defined(MBEDTLS_RSA_C)
-static int rsa_alt_check_pair( const void *pub, const void *prv )
+static int rsa_alt_check_pair( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
unsigned char hash[32];
@@ -813,7 +822,7 @@
if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
hash, sizeof( hash ),
- sig, &sig_len, NULL, NULL ) ) != 0 )
+ sig, &sig_len, f_rng, p_rng ) ) != 0 )
{
return( ret );
}
diff --git a/library/pk_wrap.h b/library/pk_wrap.h
index f7f938a..b2db637 100644
--- a/library/pk_wrap.h
+++ b/library/pk_wrap.h
@@ -85,7 +85,9 @@
void *p_rng );
/** Check public-private key pair */
- int (*check_pair_func)( const void *pub, const void *prv );
+ int (*check_pair_func)( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 9823d96..04b1a6d 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -35,10 +35,6 @@
#include <string.h>
-#if defined(MBEDTLS_ARC4_C)
-#include "mbedtls/arc4.h"
-#endif
-
#if defined(MBEDTLS_DES_C)
#include "mbedtls/des.h"
#endif
@@ -125,47 +121,6 @@
#undef PKCS12_MAX_PWDLEN
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *data, size_t len,
- unsigned char *output )
-{
-#if !defined(MBEDTLS_ARC4_C)
- ((void) pbe_params);
- ((void) mode);
- ((void) pwd);
- ((void) pwdlen);
- ((void) data);
- ((void) len);
- ((void) output);
- return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
-#else
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char key[16];
- mbedtls_arc4_context ctx;
- ((void) mode);
-
- mbedtls_arc4_init( &ctx );
-
- if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
- pwd, pwdlen,
- key, 16, NULL, 0 ) ) != 0 )
- {
- return( ret );
- }
-
- mbedtls_arc4_setup( &ctx, key, 16 );
- if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
- goto exit;
-
-exit:
- mbedtls_platform_zeroize( key, sizeof( key ) );
- mbedtls_arc4_free( &ctx );
-
- return( ret );
-#endif /* MBEDTLS_ARC4_C */
-}
-
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
diff --git a/library/pkparse.c b/library/pkparse.c
index 3222ca2..fe6aaca 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -123,7 +123,8 @@
* Load and parse a private key
*/
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
- const char *path, const char *pwd )
+ const char *path, const char *pwd,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t n;
@@ -136,10 +137,10 @@
return( ret );
if( pwd == NULL )
- ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 );
+ ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0, f_rng, p_rng );
else
ret = mbedtls_pk_parse_key( ctx, buf, n,
- (const unsigned char *) pwd, strlen( pwd ) );
+ (const unsigned char *) pwd, strlen( pwd ), f_rng, p_rng );
mbedtls_platform_zeroize( buf, n );
mbedtls_free( buf );
@@ -859,8 +860,8 @@
* Parse a SEC1 encoded private EC key
*/
static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
- const unsigned char *key,
- size_t keylen )
+ const unsigned char *key, size_t keylen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int version, pubkey_done;
@@ -967,7 +968,7 @@
if( ! pubkey_done &&
( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G,
- NULL, NULL ) ) != 0 )
+ f_rng, p_rng ) ) != 0 )
{
mbedtls_ecp_keypair_free( eck );
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
@@ -997,9 +998,9 @@
*
*/
static int pk_parse_key_pkcs8_unencrypted_der(
- mbedtls_pk_context *pk,
- const unsigned char* key,
- size_t keylen )
+ mbedtls_pk_context *pk,
+ const unsigned char* key, size_t keylen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, version;
size_t len;
@@ -1009,6 +1010,11 @@
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
const mbedtls_pk_info_t *pk_info;
+#if !defined(MBEDTLS_ECP_C)
+ (void) f_rng;
+ (void) p_rng;
+#endif
+
/*
* This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
*
@@ -1071,7 +1077,7 @@
if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH )
{
if( ( ret = pk_use_ecparams( ¶ms, &mbedtls_pk_ec( *pk )->grp ) ) != 0 ||
- ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len ) ) != 0 )
+ ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len, f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
return( ret );
@@ -1094,9 +1100,10 @@
*/
#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
static int pk_parse_key_pkcs8_encrypted_der(
- mbedtls_pk_context *pk,
- unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen )
+ mbedtls_pk_context *pk,
+ unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, decrypted = 0;
size_t len;
@@ -1163,24 +1170,6 @@
decrypted = 1;
}
- else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 )
- {
- if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params,
- MBEDTLS_PKCS12_PBE_DECRYPT,
- pwd, pwdlen,
- p, len, buf ) ) != 0 )
- {
- return( ret );
- }
-
- // Best guess for password mismatch when using RC4. If first tag is
- // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE
- //
- if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-
- decrypted = 1;
- }
else
#endif /* MBEDTLS_PKCS12_C */
#if defined(MBEDTLS_PKCS5_C)
@@ -1206,7 +1195,7 @@
if( decrypted == 0 )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
- return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) );
+ return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len, f_rng, p_rng ) );
}
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
@@ -1215,7 +1204,8 @@
*/
int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
const unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen )
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_pk_info_t *pk_info;
@@ -1278,7 +1268,8 @@
if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
- pem.buf, pem.buflen ) ) != 0 )
+ pem.buf, pem.buflen,
+ f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
}
@@ -1305,7 +1296,7 @@
if( ret == 0 )
{
if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk,
- pem.buf, pem.buflen ) ) != 0 )
+ pem.buf, pem.buflen, f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
}
@@ -1327,9 +1318,8 @@
key, NULL, 0, &len );
if( ret == 0 )
{
- if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk,
- pem.buf, pem.buflen,
- pwd, pwdlen ) ) != 0 )
+ if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, pem.buf, pem.buflen,
+ pwd, pwdlen, f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
}
@@ -1362,7 +1352,7 @@
memcpy( key_copy, key, keylen );
ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
- pwd, pwdlen );
+ pwd, pwdlen, f_rng, p_rng );
mbedtls_platform_zeroize( key_copy, keylen );
mbedtls_free( key_copy );
@@ -1380,8 +1370,11 @@
}
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
- if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 )
+ if( ( ret = pk_parse_key_pkcs8_unencrypted_der(
+ pk, key, keylen, f_rng, p_rng ) ) == 0 )
+ {
return( 0 );
+ }
mbedtls_pk_free( pk );
mbedtls_pk_init( pk );
@@ -1403,7 +1396,7 @@
pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
if( mbedtls_pk_setup( pk, pk_info ) == 0 &&
pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
- key, keylen ) == 0 )
+ key, keylen, f_rng, p_rng ) == 0 )
{
return( 0 );
}
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ba30eb5..a9caa18 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -58,11 +58,9 @@
#endif
#include "mbedtls/aes.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/chacha20.h"
#include "mbedtls/chachapoly.h"
@@ -75,8 +73,6 @@
#include "mbedtls/entropy.h"
#include "mbedtls/error.h"
#include "mbedtls/gcm.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/md.h"
#include "md_wrap.h"
@@ -89,7 +85,6 @@
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#include "mbedtls/xtea.h"
#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
@@ -150,12 +145,6 @@
case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
return( PSA_ERROR_BUFFER_TOO_SMALL );
-#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
- case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA:
-#endif
- case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
- return( PSA_ERROR_NOT_SUPPORTED );
-
#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
#endif
@@ -302,9 +291,6 @@
case MBEDTLS_ERR_RSA_RNG_FAILED:
return( PSA_ERROR_INSUFFICIENT_ENTROPY );
- case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH:
- return( PSA_ERROR_INVALID_ARGUMENT );
-
case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
case MBEDTLS_ERR_ECP_INVALID_KEY:
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -478,12 +464,6 @@
return( PSA_ERROR_INVALID_ARGUMENT );
break;
#endif
-#if defined(PSA_WANT_KEY_TYPE_ARC4)
- case PSA_KEY_TYPE_ARC4:
- if( bits < 8 || bits > 2048 )
- return( PSA_ERROR_INVALID_ARGUMENT );
- break;
-#endif
#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
case PSA_KEY_TYPE_CHACHA20:
if( bits != 256 )
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 4992a6e..a65e884 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -131,9 +131,6 @@
case PSA_KEY_TYPE_CAMELLIA:
cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
break;
- case PSA_KEY_TYPE_ARC4:
- cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
- break;
case PSA_KEY_TYPE_CHACHA20:
cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
break;
diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c
index 6471f82..92dcbba 100644
--- a/library/psa_crypto_hash.c
+++ b/library/psa_crypto_hash.c
@@ -31,14 +31,6 @@
/* Use builtin defines specific to this compilation unit, since the test driver
* relies on the software driver. */
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) )
-#define BUILTIN_ALG_MD2 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) )
-#define BUILTIN_ALG_MD4 1
-#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) )
#define BUILTIN_ALG_MD5 1
@@ -76,14 +68,6 @@
{
switch( alg )
{
-#if defined(MBEDTLS_MD2_C)
- case PSA_ALG_MD2:
- return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case PSA_ALG_MD4:
- return( &mbedtls_md4_info );
-#endif
#if defined(MBEDTLS_MD5_C)
case PSA_ALG_MD5:
return( &mbedtls_md5_info );
@@ -134,16 +118,6 @@
* in use. It's ok to call abort on such an object, and there's
* nothing to do. */
break;
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_free( &operation->ctx.md2 );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_free( &operation->ctx.md4 );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_free( &operation->ctx.md5 );
@@ -200,18 +174,6 @@
switch( alg )
{
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_init( &operation->ctx.md2 );
- ret = mbedtls_md2_starts( &operation->ctx.md2 );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_init( &operation->ctx.md4 );
- ret = mbedtls_md4_starts( &operation->ctx.md4 );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_init( &operation->ctx.md5 );
@@ -274,18 +236,6 @@
{
case 0:
return( PSA_ERROR_BAD_STATE );
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_clone( &target_operation->ctx.md2,
- &source_operation->ctx.md2 );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_clone( &target_operation->ctx.md4,
- &source_operation->ctx.md4 );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_clone( &target_operation->ctx.md5,
@@ -347,18 +297,6 @@
switch( operation->alg )
{
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- ret = mbedtls_md2_update( &operation->ctx.md2,
- input, input_length );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- ret = mbedtls_md4_update( &operation->ctx.md4,
- input, input_length );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
ret = mbedtls_md5_update( &operation->ctx.md5,
@@ -437,16 +375,6 @@
switch( operation->alg )
{
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- ret = mbedtls_md2_finish( &operation->ctx.md2, hash );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- ret = mbedtls_md4_finish( &operation->ctx.md4, hash );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
ret = mbedtls_md5_finish( &operation->ctx.md5, hash );
@@ -587,14 +515,6 @@
{
switch( alg )
{
-#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
- case PSA_ALG_MD2:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
- case PSA_ALG_MD4:
- return( 1 );
-#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
case PSA_ALG_MD5:
return( 1 );
diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
index 20c56a0..adcc191 100644
--- a/library/psa_crypto_mac.c
+++ b/library/psa_crypto_mac.c
@@ -46,10 +46,6 @@
{
switch( alg )
{
- case PSA_ALG_MD2:
- return( 16 );
- case PSA_ALG_MD4:
- return( 64 );
case PSA_ALG_MD5:
return( 64 );
case PSA_ALG_RIPEMD160:
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index f2e9a1c..ef2adc1 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -108,7 +108,8 @@
/* Parse the data. */
if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
status = mbedtls_to_psa_error(
- mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
+ mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0,
+ mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) );
else
status = mbedtls_to_psa_error(
mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
diff --git a/library/rsa.c b/library/rsa.c
index f7274ea..d4e63b6 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -929,8 +929,11 @@
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( output != NULL );
- if( rsa_check_context( ctx, 1 /* private key checks */,
- f_rng != NULL /* blinding y/n */ ) != 0 )
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+ if( rsa_check_context( ctx, 1 /* private key checks */,
+ 1 /* blinding on */ ) != 0 )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
@@ -947,15 +950,12 @@
mbedtls_mpi_init( &Q1 );
mbedtls_mpi_init( &R );
- if( f_rng != NULL )
- {
#if defined(MBEDTLS_RSA_NO_CRT)
- mbedtls_mpi_init( &D_blind );
+ mbedtls_mpi_init( &D_blind );
#else
- mbedtls_mpi_init( &DP_blind );
- mbedtls_mpi_init( &DQ_blind );
+ mbedtls_mpi_init( &DP_blind );
+ mbedtls_mpi_init( &DQ_blind );
#endif
- }
#if !defined(MBEDTLS_RSA_NO_CRT)
mbedtls_mpi_init( &TP ); mbedtls_mpi_init( &TQ );
@@ -975,57 +975,54 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &I, &T ) );
- if( f_rng != NULL )
- {
- /*
- * Blinding
- * T = T * Vi mod N
- */
- MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
+ /*
+ * Blinding
+ * T = T * Vi mod N
+ */
+ MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
- /*
- * Exponent blinding
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
+ /*
+ * Exponent blinding
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
#if defined(MBEDTLS_RSA_NO_CRT)
- /*
- * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
- f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) );
+ /*
+ * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) );
- D = &D_blind;
+ D = &D_blind;
#else
- /*
- * DP_blind = ( P - 1 ) * R + DP
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
- f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind,
- &ctx->DP ) );
+ /*
+ * DP_blind = ( P - 1 ) * R + DP
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind,
+ &ctx->DP ) );
- DP = &DP_blind;
+ DP = &DP_blind;
- /*
- * DQ_blind = ( Q - 1 ) * R + DQ
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
- f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind,
- &ctx->DQ ) );
+ /*
+ * DQ_blind = ( Q - 1 ) * R + DQ
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind,
+ &ctx->DQ ) );
- DQ = &DQ_blind;
+ DQ = &DQ_blind;
#endif /* MBEDTLS_RSA_NO_CRT */
- }
#if defined(MBEDTLS_RSA_NO_CRT)
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) );
@@ -1054,15 +1051,12 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &TQ, &TP ) );
#endif /* MBEDTLS_RSA_NO_CRT */
- if( f_rng != NULL )
- {
- /*
- * Unblind
- * T = T * Vf mod N
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
- }
+ /*
+ * Unblind
+ * T = T * Vf mod N
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
/* Verify the result to prevent glitching attacks. */
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E,
@@ -1086,15 +1080,12 @@
mbedtls_mpi_free( &Q1 );
mbedtls_mpi_free( &R );
- if( f_rng != NULL )
- {
#if defined(MBEDTLS_RSA_NO_CRT)
- mbedtls_mpi_free( &D_blind );
+ mbedtls_mpi_free( &D_blind );
#else
- mbedtls_mpi_free( &DP_blind );
- mbedtls_mpi_free( &DQ_blind );
+ mbedtls_mpi_free( &DP_blind );
+ mbedtls_mpi_free( &DQ_blind );
#endif
- }
mbedtls_mpi_free( &T );
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 1bda9c0..be0acb7 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -38,7 +38,7 @@
/*
* Ordered from most preferred to least preferred in terms of security.
*
- * Current rule (except RC4 and 3DES, weak and null which come last):
+ * Current rule (except weak and null which come last):
* 1. By key exchange:
* Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
* 2. By key length and cipher:
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5c1bc32..2961637 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3504,6 +3504,9 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
+ if( ssl->handshake->resume == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+
if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate,
session ) ) != 0 )
return( ret );
@@ -4465,6 +4468,8 @@
int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
mbedtls_ssl_session *dst )
{
+ int ret;
+
if( ssl == NULL ||
dst == NULL ||
ssl->session == NULL ||
@@ -4473,18 +4478,30 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
- return( mbedtls_ssl_session_copy( dst, ssl->session ) );
+ /* Since Mbed TLS 3.0, mbedtls_ssl_get_session() is no longer
+ * idempotent: Each session can only be exported once.
+ *
+ * (This is in preparation for TLS 1.3 support where we will
+ * need the ability to export multiple sessions (aka tickets),
+ * which will be achieved by calling mbedtls_ssl_get_session()
+ * multiple times until it fails.)
+ *
+ * Check whether we have already exported the current session,
+ * and fail if so.
+ */
+ if( ssl->session->exported == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+
+ ret = mbedtls_ssl_session_copy( dst, ssl->session );
+ if( ret != 0 )
+ return( ret );
+
+ /* Remember that we've exported the session. */
+ ssl->session->exported = 1;
+ return( 0 );
}
#endif /* MBEDTLS_SSL_CLI_C */
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl )
-{
- if( ssl == NULL )
- return( NULL );
-
- return( ssl->session );
-}
-
/*
* Define ticket header determining Mbed TLS version
* and structure of the ticket.
diff --git a/library/timing.c b/library/timing.c
index 664fde0..a85ce67 100644
--- a/library/timing.c
+++ b/library/timing.c
@@ -19,13 +19,6 @@
#include "common.h"
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif
-
#if defined(MBEDTLS_TIMING_C)
#include "mbedtls/timing.h"
@@ -38,10 +31,6 @@
#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
#endif
-#ifndef asm
-#define asm __asm
-#endif
-
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
#include <windows.h>
@@ -67,174 +56,25 @@
#endif /* _WIN32 && !EFIX64 && !EFI32 */
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tsc;
- __asm rdtsc
- __asm mov [tsc], eax
- return( tsc );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
-
-/* some versions of mingw-64 have 32-bit longs even on x84_64 */
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && ( defined(__i386__) || ( \
- ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long lo, hi;
- asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
- return( lo );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __i386__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long lo, hi;
- asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
- return( lo | ( hi << 32 ) );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && ( __amd64__ || __x86_64__ ) */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tbl, tbu0, tbu1;
-
- do
- {
- asm volatile( "mftbu %0" : "=r" (tbu0) );
- asm volatile( "mftb %0" : "=r" (tbl ) );
- asm volatile( "mftbu %0" : "=r" (tbu1) );
- }
- while( tbu0 != tbu1 );
-
- return( tbl );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && ( __powerpc__ || __ppc__ ) */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__sparc64__)
-
-#if defined(__OpenBSD__)
-#warning OpenBSD does not allow access to tick register using software version instead
-#else
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tick;
- asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
- return( tick );
-}
-#endif /* __OpenBSD__ */
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __sparc64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tick;
- asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
- asm volatile( "mov %%g1, %0" : "=r" (tick) );
- return( tick );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __sparc__ && !__sparc64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__alpha__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long cc;
- asm volatile( "rpcc %0" : "=r" (cc) );
- return( cc & 0xFFFFFFFF );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __alpha__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__ia64__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long itc;
- asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
- return( itc );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __ia64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
- !defined(EFIX64) && !defined(EFI32)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- LARGE_INTEGER offset;
-
- QueryPerformanceCounter( &offset );
-
- return( (unsigned long)( offset.QuadPart ) );
-}
-#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
-
-#if !defined(HAVE_HARDCLOCK)
-
-#define HAVE_HARDCLOCK
-
-static int hardclock_init = 0;
-static struct timeval tv_init;
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- struct timeval tv_cur;
-
- if( hardclock_init == 0 )
- {
- gettimeofday( &tv_init, NULL );
- hardclock_init = 1;
- }
-
- gettimeofday( &tv_cur, NULL );
- return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000
- + ( tv_cur.tv_usec - tv_init.tv_usec ) );
-}
-#endif /* !HAVE_HARDCLOCK */
-
-volatile int mbedtls_timing_alarmed = 0;
-
+/**
+ * \brief Return the elapsed time in milliseconds
+ *
+ * \warning May change without notice
+ *
+ * \param val points to a timer structure
+ * \param reset If 0, query the elapsed time. Otherwise (re)start the timer.
+ *
+ * \return Elapsed time since the previous reset in ms. When
+ * restarting, this is always 0.
+ *
+ * \note To initialize a timer, call this function with reset=1.
+ *
+ * Determining the elapsed time and resetting the timer is not
+ * atomic on all platforms, so after the sequence
+ * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 =
+ * get_timer(0) }` the value time1+time2 is only approximately
+ * the delay since the first reset.
+ */
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
@@ -258,33 +98,6 @@
}
}
-/* It's OK to use a global because alarm() is supposed to be global anyway */
-static DWORD alarmMs;
-
-static void TimerProc( void *TimerContext )
-{
- (void) TimerContext;
- Sleep( alarmMs );
- mbedtls_timing_alarmed = 1;
- /* _endthread will be called implicitly on return
- * That ensures execution of thread funcition's epilogue */
-}
-
-void mbedtls_set_alarm( int seconds )
-{
- if( seconds == 0 )
- {
- /* No need to create a thread for this simple case.
- * Also, this shorcut is more reliable at least on MinGW32 */
- mbedtls_timing_alarmed = 1;
- return;
- }
-
- mbedtls_timing_alarmed = 0;
- alarmMs = seconds * 1000;
- (void) _beginthread( TimerProc, 0, NULL );
-}
-
#else /* _WIN32 && !EFIX64 && !EFI32 */
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
@@ -307,25 +120,6 @@
}
}
-static void sighandler( int signum )
-{
- mbedtls_timing_alarmed = 1;
- signal( signum, sighandler );
-}
-
-void mbedtls_set_alarm( int seconds )
-{
- mbedtls_timing_alarmed = 0;
- signal( SIGALRM, sighandler );
- alarm( seconds );
- if( seconds == 0 )
- {
- /* alarm(0) cancelled any previous pending alarm, but the
- handler won't fire, so raise the flag straight away. */
- mbedtls_timing_alarmed = 1;
- }
-}
-
#endif /* _WIN32 && !EFIX64 && !EFI32 */
/*
@@ -365,178 +159,4 @@
}
#endif /* !MBEDTLS_TIMING_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * Busy-waits for the given number of milliseconds.
- * Used for testing mbedtls_timing_hardclock.
- */
-static void busy_msleep( unsigned long msec )
-{
- struct mbedtls_timing_hr_time hires;
- unsigned long i = 0; /* for busy-waiting */
- volatile unsigned long j; /* to prevent optimisation */
-
- (void) mbedtls_timing_get_timer( &hires, 1 );
-
- while( mbedtls_timing_get_timer( &hires, 0 ) < msec )
- i++;
-
- j = i;
- (void) j;
-}
-
-static void print_timers( struct mbedtls_timing_hr_time *hires,
- mbedtls_timing_delay_context *ctx )
-{
-#if defined(MBEDTLS_TIMING_ALT)
- mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=?? status(ctx)=%d\n",
- mbedtls_timing_get_timer( hires, 0 ),
- mbedtls_timing_get_delay( ctx ) );
-#else
- mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n",
- mbedtls_timing_get_timer( hires, 0 ),
- mbedtls_timing_get_timer( &ctx->timer, 0 ),
- mbedtls_timing_get_delay( ctx ) );
-#endif
-}
-
-#define FAIL do \
- { \
- if( verbose != 0 ) \
- { \
- mbedtls_printf( "failed at line %d\n", __LINE__ ); \
- mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \
- cycles, ratio, millisecs, secs, hardfail, \
- (unsigned long) a, (unsigned long) b ); \
- print_timers( &hires, &ctx ); \
- } \
- return( 1 ); \
- } while( 0 )
-
-/*
- * Checkup routine
- *
- * Warning: this is work in progress, some tests may not be reliable enough
- * yet! False positives may happen.
- */
-int mbedtls_timing_self_test( int verbose )
-{
- unsigned long cycles = 0, ratio = 0;
- unsigned long millisecs = 0, secs = 0;
- int hardfail = 0;
- struct mbedtls_timing_hr_time hires;
- uint32_t a = 0, b = 0;
- mbedtls_timing_delay_context ctx;
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING tests note: will take some time!\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING test #1 (set_alarm / get_timer): " );
-
- {
- secs = 1;
-
- (void) mbedtls_timing_get_timer( &hires, 1 );
-
- mbedtls_set_alarm( (int) secs );
- while( !mbedtls_timing_alarmed )
- ;
-
- millisecs = mbedtls_timing_get_timer( &hires, 0 );
-
- /* For some reason on Windows it looks like alarm has an extra delay
- * (maybe related to creating a new thread). Allow some room here. */
- if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 )
- FAIL;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING test #2 (set/get_delay ): " );
-
- {
- a = 800;
- b = 400;
- mbedtls_timing_set_delay( &ctx, a, a + b ); /* T = 0 */
-
- busy_msleep( a - a / 4 ); /* T = a - a/4 */
- if( mbedtls_timing_get_delay( &ctx ) != 0 )
- FAIL;
-
- busy_msleep( a / 4 + b / 4 ); /* T = a + b/4 */
- if( mbedtls_timing_get_delay( &ctx ) != 1 )
- FAIL;
-
- busy_msleep( b ); /* T = a + b + b/4 */
- if( mbedtls_timing_get_delay( &ctx ) != 2 )
- FAIL;
- }
-
- mbedtls_timing_set_delay( &ctx, 0, 0 );
- busy_msleep( 200 );
- if( mbedtls_timing_get_delay( &ctx ) != -1 )
- FAIL;
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " );
-
- /*
- * Allow one failure for possible counter wrapping.
- * On a 4Ghz 32-bit machine the cycle counter wraps about once per second;
- * since the whole test is about 10ms, it shouldn't happen twice in a row.
- */
-
-hard_test:
- if( hardfail > 1 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed (ignored)\n" );
-
- goto hard_test_done;
- }
-
- /* Get a reference ratio cycles/ms */
- millisecs = 1;
- cycles = mbedtls_timing_hardclock();
- busy_msleep( millisecs );
- cycles = mbedtls_timing_hardclock() - cycles;
- ratio = cycles / millisecs;
-
- /* Check that the ratio is mostly constant */
- for( millisecs = 2; millisecs <= 4; millisecs++ )
- {
- cycles = mbedtls_timing_hardclock();
- busy_msleep( millisecs );
- cycles = mbedtls_timing_hardclock() - cycles;
-
- /* Allow variation up to 20% */
- if( cycles / millisecs < ratio - ratio / 5 ||
- cycles / millisecs > ratio + ratio / 5 )
- {
- hardfail++;
- goto hard_test;
- }
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
-hard_test_done:
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
- return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
#endif /* MBEDTLS_TIMING_C */
diff --git a/library/xtea.c b/library/xtea.c
deleted file mode 100644
index 4b8c9c0..0000000
--- a/library/xtea.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/*
- * An 32-bit implementation of the XTEA algorithm
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_XTEA_C)
-
-#include "mbedtls/xtea.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_XTEA_ALT)
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
-}
-
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) );
-}
-
-/*
- * XTEA key schedule
- */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] )
-{
- int i;
-
- memset( ctx, 0, sizeof(mbedtls_xtea_context) );
-
- for( i = 0; i < 4; i++ )
- {
- GET_UINT32_BE( ctx->k[i], key, i << 2 );
- }
-}
-
-/*
- * XTEA encrypt function
- */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode,
- const unsigned char input[8], unsigned char output[8])
-{
- uint32_t *k, v0, v1, i;
-
- k = ctx->k;
-
- GET_UINT32_BE( v0, input, 0 );
- GET_UINT32_BE( v1, input, 4 );
-
- if( mode == MBEDTLS_XTEA_ENCRYPT )
- {
- uint32_t sum = 0, delta = 0x9E3779B9;
-
- for( i = 0; i < 32; i++ )
- {
- v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- sum += delta;
- v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- }
- }
- else /* MBEDTLS_XTEA_DECRYPT */
- {
- uint32_t delta = 0x9E3779B9, sum = delta * 32;
-
- for( i = 0; i < 32; i++ )
- {
- v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- sum -= delta;
- v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- }
- }
-
- PUT_UINT32_BE( v0, output, 0 );
- PUT_UINT32_BE( v1, output, 4 );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * XTEA-CBC buffer encryption/decryption
- */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length,
- unsigned char iv[8], const unsigned char *input,
- unsigned char *output)
-{
- int i;
- unsigned char temp[8];
-
- if( length % 8 )
- return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH );
-
- if( mode == MBEDTLS_XTEA_DECRYPT )
- {
- while( length > 0 )
- {
- memcpy( temp, input, 8 );
- mbedtls_xtea_crypt_ecb( ctx, mode, input, output );
-
- for( i = 0; i < 8; i++ )
- output[i] = (unsigned char)( output[i] ^ iv[i] );
-
- memcpy( iv, temp, 8 );
-
- input += 8;
- output += 8;
- length -= 8;
- }
- }
- else
- {
- while( length > 0 )
- {
- for( i = 0; i < 8; i++ )
- output[i] = (unsigned char)( input[i] ^ iv[i] );
-
- mbedtls_xtea_crypt_ecb( ctx, mode, output, output );
- memcpy( iv, output, 8 );
-
- input += 8;
- output += 8;
- length -= 8;
- }
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* !MBEDTLS_XTEA_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * XTEA tests vectors (non-official)
- */
-
-static const unsigned char xtea_test_key[6][16] =
-{
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f },
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f },
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00 },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00 },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char xtea_test_pt[6][8] =
-{
- { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
- { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
- { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
- { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
-};
-
-static const unsigned char xtea_test_ct[6][8] =
-{
- { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
- { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
- { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
- { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_xtea_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char buf[8];
- mbedtls_xtea_context ctx;
-
- mbedtls_xtea_init( &ctx );
- for( i = 0; i < 6; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " XTEA test #%d: ", i + 1 );
-
- memcpy( buf, xtea_test_pt[i], 8 );
-
- mbedtls_xtea_setup( &ctx, xtea_test_key[i] );
- mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
-
- if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- ret = 1;
- goto exit;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
-exit:
- mbedtls_xtea_free( &ctx );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_XTEA_C */
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 62a54c7..85bcd5f 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -5,6 +5,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index 4f35d76..c7fcd35 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -8,7 +8,6 @@
endif()
set(executables_no_common_c
- fuzz_privkey
fuzz_pubkey
fuzz_x509crl
fuzz_x509crt
@@ -16,6 +15,7 @@
)
set(executables_with_common_c
+ fuzz_privkey
fuzz_client
fuzz_dtlsclient
fuzz_dtlsserver
diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c
index 34ff63e..9a6e894 100644
--- a/programs/fuzz/fuzz_dtlsserver.c
+++ b/programs/fuzz/fuzz_dtlsserver.c
@@ -55,7 +55,8 @@
mbedtls_test_cas_pem_len ) != 0)
return 1;
if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+ mbedtls_test_srv_key_len, NULL, 0,
+ dummy_random, NULL ) != 0)
return 1;
#endif
dummy_init();
diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c
index f76afd1..b9a160e 100644
--- a/programs/fuzz/fuzz_privkey.c
+++ b/programs/fuzz/fuzz_privkey.c
@@ -3,6 +3,7 @@
#include <stdint.h>
#include <stdlib.h>
#include "mbedtls/pk.h"
+#include "common.h"
//4 Kb should be enough for every bug ;-)
#define MAX_LEN 0x1000
@@ -19,7 +20,8 @@
}
mbedtls_pk_init( &pk );
- ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
+ ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0,
+ dummy_random, NULL );
if (ret == 0) {
#if defined(MBEDTLS_RSA_C)
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c
index 5480e3e..c35b425 100644
--- a/programs/fuzz/fuzz_server.c
+++ b/programs/fuzz/fuzz_server.c
@@ -56,6 +56,13 @@
options = Data[Size - 1];
if (initialized == 0) {
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+ mbedtls_entropy_init( &entropy );
+
+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
+ return 1;
+
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_x509_crt_init( &srvcert );
mbedtls_pk_init( &pkey );
@@ -66,7 +73,8 @@
mbedtls_test_cas_pem_len ) != 0)
return 1;
if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+ mbedtls_test_srv_key_len, NULL, 0,
+ dummy_random, &ctr_drbg ) != 0)
return 1;
#endif
@@ -80,17 +88,10 @@
}
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_ticket_init( &ticket_ctx );
#endif
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) != 0 )
- goto exit;
-
-
if( mbedtls_ssl_config_defaults( &conf,
MBEDTLS_SSL_IS_SERVER,
MBEDTLS_SSL_TRANSPORT_STREAM,
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index b2f2a1f..729474c 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -6,6 +6,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index 9c6fe7d..3ad5643 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -6,6 +6,7 @@
foreach(exe IN LISTS executables_mbedtls)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedtls_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
set(executables_mbedcrypto
@@ -32,6 +33,7 @@
foreach(exe IN LISTS executables_mbedcrypto)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index 7bd93c7..2145e07 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@@ -35,10 +35,13 @@
#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && \
- defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
+ defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
+ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/error.h"
#include "mbedtls/rsa.h"
#include "mbedtls/pk.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
#include <string.h>
#endif
@@ -63,11 +66,13 @@
"\n"
#if !defined(MBEDTLS_BIGNUM_C) || \
- !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
+ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
+ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
- "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+ "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
+ "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit( 0 );
}
#else
@@ -92,12 +97,19 @@
int i;
char *p, *q;
+ const char *pers = "pkey/key_app";
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+
mbedtls_pk_context pk;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
/*
* Set to sane values
*/
+ mbedtls_entropy_init( &entropy );
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+
mbedtls_pk_init( &pk );
memset( buf, 0, sizeof(buf) );
@@ -181,7 +193,16 @@
mbedtls_printf( "\n . Loading the private key ..." );
fflush( stdout );
- ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password );
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
+ goto cleanup;
+ }
+
+ ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
@@ -299,6 +320,9 @@
}
#endif
+ mbedtls_ctr_drbg_free( &ctr_drbg );
+ mbedtls_entropy_free( &entropy );
+
mbedtls_pk_free( &pk );
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
@@ -311,4 +335,5 @@
mbedtls_exit( exit_code );
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+ MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index 4b65262..89c67ed 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -34,11 +34,16 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */
-#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO)
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \
+ defined(MBEDTLS_FS_IO) && \
+ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/error.h"
#include "mbedtls/pk.h"
#include "mbedtls/error.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
#include <stdio.h>
#include <string.h>
#endif
@@ -88,10 +93,14 @@
#if !defined(MBEDTLS_PK_PARSE_C) || \
!defined(MBEDTLS_PK_WRITE_C) || \
- !defined(MBEDTLS_FS_IO)
+ !defined(MBEDTLS_FS_IO) || \
+ !defined(MBEDTLS_ENTROPY_C) || \
+ !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
- mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" );
+ mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or "
+ "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+ "MBEDTLS_FS_IO not defined.\n" );
mbedtls_exit( 0 );
}
#else
@@ -201,12 +210,19 @@
int i;
char *p, *q;
+ const char *pers = "pkey/key_app";
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+
mbedtls_pk_context key;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
/*
* Set to sane values
*/
+ mbedtls_entropy_init( &entropy );
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+
mbedtls_pk_init( &key );
memset( buf, 0, sizeof( buf ) );
@@ -292,8 +308,16 @@
mbedtls_printf( "\n . Loading the private key ..." );
fflush( stdout );
- ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
+ goto exit;
+ }
+ ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
@@ -429,6 +453,9 @@
mbedtls_pk_free( &key );
+ mbedtls_ctr_drbg_free( &ctr_drbg );
+ mbedtls_entropy_free( &entropy );
+
#if defined(_WIN32)
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
@@ -436,4 +463,5 @@
mbedtls_exit( exit_code );
}
-#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
+#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO &&
+ MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index 810d6fb..e01f5d5 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@@ -106,7 +106,8 @@
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+ if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+ mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto exit;
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 451e3de..422fa25 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -101,7 +101,8 @@
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+ if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+ mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! Could not parse '%s'\n", argv[1] );
goto exit;
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index 26056dd..bbbe0a9 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -102,7 +102,8 @@
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+ if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+ mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index f32dc31..e5edf7b 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -6,6 +6,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index de47aab..d2cc450 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -79,6 +79,7 @@
#include "mbedtls/error.h"
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
+
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -138,7 +139,23 @@
#endif
/*
- * 1. Load the certificates and private RSA key
+ * 1. Seed the RNG
+ */
+ printf( " . Seeding the random number generator..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+ goto exit;
+ }
+
+ printf( " ok\n" );
+
+ /*
+ * 2. Load the certificates and private RSA key
*/
printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
@@ -165,7 +182,7 @@
}
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
@@ -175,7 +192,7 @@
printf( " ok\n" );
/*
- * 2. Setup the "listening" UDP socket
+ * 3. Setup the "listening" UDP socket
*/
printf( " . Bind on udp/*/4433 ..." );
fflush( stdout );
@@ -189,22 +206,6 @@
printf( " ok\n" );
/*
- * 3. Seed the RNG
- */
- printf( " . Seeding the random number generator..." );
- fflush( stdout );
-
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
- goto exit;
- }
-
- printf( " ok\n" );
-
- /*
* 4. Setup stuff
*/
printf( " . Setting up the DTLS data..." );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 98a3048..322cef8 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1548,12 +1548,12 @@
else
#if defined(MBEDTLS_FS_IO)
if( strlen( opt.key_file ) )
- ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd );
+ ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd, rng_get, &rng );
else
#endif
ret = mbedtls_pk_parse_key( &pkey,
(const unsigned char *) mbedtls_test_cli_key,
- mbedtls_test_cli_key_len, NULL, 0 );
+ mbedtls_test_cli_key_len, NULL, 0, rng_get, &rng );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
@@ -2163,6 +2163,8 @@
if( opt.reco_mode == 1 )
{
+ mbedtls_ssl_session exported_session;
+
/* free any previously saved data */
if( session_data != NULL )
{
@@ -2171,27 +2173,40 @@
session_data = NULL;
}
+ mbedtls_ssl_session_init( &exported_session );
+ ret = mbedtls_ssl_get_session( &ssl, &exported_session );
+ if( ret != 0 )
+ {
+ mbedtls_printf(
+ "failed\n ! mbedtls_ssl_get_session() returned -%#02x\n",
+ (unsigned) -ret );
+ goto exit;
+ }
+
/* get size of the buffer needed */
- mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
- NULL, 0, &session_data_len );
+ mbedtls_ssl_session_save( &exported_session, NULL, 0, &session_data_len );
session_data = mbedtls_calloc( 1, session_data_len );
if( session_data == NULL )
{
mbedtls_printf( " failed\n ! alloc %u bytes for session data\n",
(unsigned) session_data_len );
+ mbedtls_ssl_session_free( &exported_session );
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
goto exit;
}
/* actually save session data */
- if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
+ if( ( ret = mbedtls_ssl_session_save( &exported_session,
session_data, session_data_len,
&session_data_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
(unsigned int) -ret );
+ mbedtls_ssl_session_free( &exported_session );
goto exit;
}
+
+ mbedtls_ssl_session_free( &exported_session );
}
else
{
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index b360991..1c506b7 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -700,12 +700,6 @@
case MBEDTLS_MD_NONE:
printf( "none\n" );
break;
- case MBEDTLS_MD_MD2:
- printf( "MD2\n" );
- break;
- case MBEDTLS_MD_MD4:
- printf( "MD4\n" );
- break;
case MBEDTLS_MD_MD5:
printf( "MD5\n" );
break;
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 5732108..7419010 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -166,7 +166,8 @@
}
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 09bbc3d..f223977 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -556,12 +556,17 @@
#if defined(MBEDTLS_FS_IO)
if( strlen( opt.key_file ) )
- ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
+ {
+ ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "",
+ mbedtls_ctr_drbg_random, &ctr_drbg );
+ }
else
#endif
#if defined(MBEDTLS_PEM_PARSE_C)
+ {
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
- mbedtls_test_cli_key_len, NULL, 0 );
+ mbedtls_test_cli_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg );
+ }
#else
{
mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 93eab46..a083e4b 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -360,7 +360,23 @@
mbedtls_entropy_init( &entropy );
/*
- * 1. Load the certificates and private RSA key
+ * 1a. Seed the random number generator
+ */
+ mbedtls_printf( " . Seeding the random number generator..." );
+
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
+ ( unsigned int ) -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 1b. Load the certificates and private RSA key
*/
mbedtls_printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
@@ -388,7 +404,8 @@
mbedtls_pk_init( &pkey );
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
@@ -398,22 +415,6 @@
mbedtls_printf( " ok\n" );
/*
- * 1b. Seed the random number generator
- */
- mbedtls_printf( " . Seeding the random number generator..." );
-
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
- ( unsigned int ) -ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
-
- /*
* 1c. Prepare SSL configuration
*/
mbedtls_printf( " . Setting up the SSL data...." );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 42196ff..aaccb58 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -125,7 +125,23 @@
#endif
/*
- * 1. Load the certificates and private RSA key
+ * 1. Seed the RNG
+ */
+ mbedtls_printf( " . Seeding the random number generator..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 2. Load the certificates and private RSA key
*/
mbedtls_printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
@@ -152,7 +168,8 @@
}
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
@@ -162,7 +179,7 @@
mbedtls_printf( " ok\n" );
/*
- * 2. Setup the listening TCP socket
+ * 3. Setup the listening TCP socket
*/
mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
fflush( stdout );
@@ -176,22 +193,6 @@
mbedtls_printf( " ok\n" );
/*
- * 3. Seed the RNG
- */
- mbedtls_printf( " . Seeding the random number generator..." );
- fflush( stdout );
-
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
-
- /*
* 4. Setup stuff
*/
mbedtls_printf( " . Setting up the SSL data...." );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index de4eb6d..51125bd 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -525,6 +525,8 @@
(out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \
}
+/* This is global so it can be easily accessed by callback functions */
+rng_context_t rng;
/*
* global options
@@ -727,7 +729,7 @@
mbedtls_pk_init( new->key );
if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
- mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
+ mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, &rng ) != 0 )
goto error;
if( strcmp( ca_file, "-" ) != 0 )
@@ -1045,7 +1047,8 @@
for( slot = 0; slot < config_data->slots_used; slot++ )
{
if( mbedtls_pk_check_pair( &cert->pk,
- config_data->slots[slot].pk ) == 0 )
+ config_data->slots[slot].pk,
+ rng_get, &rng ) == 0 )
break;
}
if( slot == config_data->slots_used )
@@ -1271,7 +1274,6 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
#if defined(MBEDTLS_TIMING_C)
@@ -2257,7 +2259,7 @@
{
key_cert_init++;
if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file,
- opt.key_pwd ) ) != 0 )
+ opt.key_pwd, rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
@@ -2283,7 +2285,7 @@
{
key_cert_init2++;
if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2,
- opt.key_pwd2 ) ) != 0 )
+ opt.key_pwd2, rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
(unsigned int) -ret );
@@ -2314,7 +2316,8 @@
}
if( ( ret = mbedtls_pk_parse_key( &pkey,
(const unsigned char *) mbedtls_test_srv_key_rsa,
- mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
+ mbedtls_test_srv_key_rsa_len, NULL, 0,
+ rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
(unsigned int) -ret );
@@ -2333,7 +2336,8 @@
}
if( ( ret = mbedtls_pk_parse_key( &pkey2,
(const unsigned char *) mbedtls_test_srv_key_ec,
- mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
+ mbedtls_test_srv_key_ec_len, NULL, 0,
+ rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n",
(unsigned int) -ret );
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 1c5caa6..6a53647 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -47,18 +47,15 @@
#include "mbedtls/timing.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/des.h"
#include "mbedtls/aes.h"
#include "mbedtls/aria.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/chacha20.h"
#include "mbedtls/gcm.h"
@@ -77,10 +74,41 @@
#include "mbedtls/error.h"
+#ifndef asm
+#define asm __asm
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#include <windows.h>
+#include <process.h>
+
+struct _hr_time
+{
+ LARGE_INTEGER start;
+};
+
+#else
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <signal.h>
+#include <time.h>
+
+struct _hr_time
+{
+ struct timeval start;
+};
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#include "mbedtls/memory_buffer_alloc.h"
#endif
+static void mbedtls_set_alarm( int seconds );
+
/*
* For heap usage estimates, we need an estimate of the overhead per allocated
* block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
@@ -98,8 +126,8 @@
#define TITLE_LEN 25
#define OPTIONS \
- "md4, md5, ripemd160, sha1, sha256, sha512,\n" \
- "arc4, des3, des, camellia, blowfish, chacha20,\n" \
+ "md5, ripemd160, sha1, sha256, sha512,\n" \
+ "des3, des, camellia, chacha20,\n" \
"aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \
"aes_cmac, des3_cmac, poly1305\n" \
"ctr_drbg, hmac_drbg\n" \
@@ -212,6 +240,226 @@
} \
} while( 0 )
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tsc;
+ __asm rdtsc
+ __asm mov [tsc], eax
+ return( tsc );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
+
+/* some versions of mingw-64 have 32-bit longs even on x84_64 */
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && ( defined(__i386__) || ( \
+ ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long lo, hi;
+ asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
+ return( lo );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __i386__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long lo, hi;
+ asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
+ return( lo | ( hi << 32 ) );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && ( __amd64__ || __x86_64__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tbl, tbu0, tbu1;
+
+ do
+ {
+ asm volatile( "mftbu %0" : "=r" (tbu0) );
+ asm volatile( "mftb %0" : "=r" (tbl ) );
+ asm volatile( "mftbu %0" : "=r" (tbu1) );
+ }
+ while( tbu0 != tbu1 );
+
+ return( tbl );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && ( __powerpc__ || __ppc__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__sparc64__)
+
+#if defined(__OpenBSD__)
+#warning OpenBSD does not allow access to tick register using software version instead
+#else
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tick;
+ asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
+ return( tick );
+}
+#endif /* __OpenBSD__ */
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tick;
+ asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
+ asm volatile( "mov %%g1, %0" : "=r" (tick) );
+ return( tick );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __sparc__ && !__sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__alpha__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long cc;
+ asm volatile( "rpcc %0" : "=r" (cc) );
+ return( cc & 0xFFFFFFFF );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __alpha__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__ia64__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long itc;
+ asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
+ return( itc );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __ia64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
+ !defined(EFIX64) && !defined(EFI32)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ LARGE_INTEGER offset;
+
+ QueryPerformanceCounter( &offset );
+
+ return( (unsigned long)( offset.QuadPart ) );
+}
+#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK)
+
+#define HAVE_HARDCLOCK
+
+static int hardclock_init = 0;
+static struct timeval tv_init;
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ struct timeval tv_cur;
+
+ if( hardclock_init == 0 )
+ {
+ gettimeofday( &tv_init, NULL );
+ hardclock_init = 1;
+ }
+
+ gettimeofday( &tv_cur, NULL );
+ return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000
+ + ( tv_cur.tv_usec - tv_init.tv_usec ) );
+}
+#endif /* !HAVE_HARDCLOCK */
+
+volatile int mbedtls_timing_alarmed = 0;
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+/* It's OK to use a global because alarm() is supposed to be global anyway */
+static DWORD alarmMs;
+
+static void TimerProc( void *TimerContext )
+{
+ (void) TimerContext;
+ Sleep( alarmMs );
+ mbedtls_timing_alarmed = 1;
+ /* _endthread will be called implicitly on return
+ * That ensures execution of thread funcition's epilogue */
+}
+
+static void mbedtls_set_alarm( int seconds )
+{
+ if( seconds == 0 )
+ {
+ /* No need to create a thread for this simple case.
+ * Also, this shorcut is more reliable at least on MinGW32 */
+ mbedtls_timing_alarmed = 1;
+ return;
+ }
+
+ mbedtls_timing_alarmed = 0;
+ alarmMs = seconds * 1000;
+ (void) _beginthread( TimerProc, 0, NULL );
+}
+
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+static void sighandler( int signum )
+{
+ mbedtls_timing_alarmed = 1;
+ signal( signum, sighandler );
+}
+
+static void mbedtls_set_alarm( int seconds )
+{
+ mbedtls_timing_alarmed = 0;
+ signal( SIGALRM, sighandler );
+ alarm( seconds );
+ if( seconds == 0 )
+ {
+ /* alarm(0) cancelled any previous pending alarm, but the
+ handler won't fire, so raise the flag straight away. */
+ mbedtls_timing_alarmed = 1;
+ }
+}
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
static int myrand( void *rng_state, unsigned char *output, size_t len )
{
size_t use_len;
@@ -289,11 +537,11 @@
unsigned char buf[BUFSIZE];
typedef struct {
- char md4, md5, ripemd160, sha1, sha256, sha512,
- arc4, des3, des,
+ char md5, ripemd160, sha1, sha256, sha512,
+ des3, des,
aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,
aes_cmac, des3_cmac,
- aria, camellia, blowfish, chacha20,
+ aria, camellia, chacha20,
poly1305,
ctr_drbg, hmac_drbg,
rsa, dhm, ecdsa, ecdh;
@@ -331,9 +579,7 @@
for( i = 1; i < argc; i++ )
{
- if( strcmp( argv[i], "md4" ) == 0 )
- todo.md4 = 1;
- else if( strcmp( argv[i], "md5" ) == 0 )
+ if( strcmp( argv[i], "md5" ) == 0 )
todo.md5 = 1;
else if( strcmp( argv[i], "ripemd160" ) == 0 )
todo.ripemd160 = 1;
@@ -343,8 +589,6 @@
todo.sha256 = 1;
else if( strcmp( argv[i], "sha512" ) == 0 )
todo.sha512 = 1;
- else if( strcmp( argv[i], "arc4" ) == 0 )
- todo.arc4 = 1;
else if( strcmp( argv[i], "des3" ) == 0 )
todo.des3 = 1;
else if( strcmp( argv[i], "des" ) == 0 )
@@ -367,8 +611,6 @@
todo.aria = 1;
else if( strcmp( argv[i], "camellia" ) == 0 )
todo.camellia = 1;
- else if( strcmp( argv[i], "blowfish" ) == 0 )
- todo.blowfish = 1;
else if( strcmp( argv[i], "chacha20" ) == 0 )
todo.chacha20 = 1;
else if( strcmp( argv[i], "poly1305" ) == 0 )
@@ -405,11 +647,6 @@
memset( buf, 0xAA, sizeof( buf ) );
memset( tmp, 0xBB, sizeof( tmp ) );
-#if defined(MBEDTLS_MD4_C)
- if( todo.md4 )
- TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) );
-#endif
-
#if defined(MBEDTLS_MD5_C)
if( todo.md5 )
TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
@@ -435,17 +672,6 @@
TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
#endif
-#if defined(MBEDTLS_ARC4_C)
- if( todo.arc4 )
- {
- mbedtls_arc4_context arc4;
- mbedtls_arc4_init( &arc4 );
- mbedtls_arc4_setup( &arc4, tmp, 32 );
- TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
- mbedtls_arc4_free( &arc4 );
- }
-#endif
-
#if defined(MBEDTLS_DES_C)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( todo.des3 )
@@ -688,30 +914,6 @@
}
#endif
-#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
- if( todo.blowfish )
- {
- int keysize;
- mbedtls_blowfish_context blowfish;
- mbedtls_blowfish_init( &blowfish );
-
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_blowfish_setkey( &blowfish, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
- tmp, buf, buf ) );
- }
-
- mbedtls_blowfish_free( &blowfish );
- }
-#endif
-
#if defined(MBEDTLS_CTR_DRBG_C)
if( todo.ctr_drbg )
{
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index ea345a3..61a7e89 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
@@ -25,13 +25,11 @@
#endif
#include "mbedtls/aes.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/aria.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/base64.h"
#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/ccm.h"
#include "mbedtls/chacha20.h"
@@ -54,8 +52,6 @@
#include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/net_sockets.h"
#include "mbedtls/nist_kw.h"
@@ -85,7 +81,6 @@
#include "mbedtls/x509_crl.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h"
-#include "mbedtls/xtea.h"
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index a3e306c..87d8a13 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -32,14 +32,11 @@
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
#include "mbedtls/cmac.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/des.h"
#include "mbedtls/aes.h"
#include "mbedtls/camellia.h"
@@ -51,7 +48,6 @@
#include "mbedtls/bignum.h"
#include "mbedtls/rsa.h"
#include "mbedtls/x509.h"
-#include "mbedtls/xtea.h"
#include "mbedtls/pkcs5.h"
#include "mbedtls/ecp.h"
#include "mbedtls/ecjpake.h"
@@ -256,12 +252,6 @@
const selftest_t selftests[] =
{
{"calloc", calloc_self_test},
-#if defined(MBEDTLS_MD2_C)
- {"md2", mbedtls_md2_self_test},
-#endif
-#if defined(MBEDTLS_MD4_C)
- {"md4", mbedtls_md4_self_test},
-#endif
#if defined(MBEDTLS_MD5_C)
{"md5", mbedtls_md5_self_test},
#endif
@@ -277,9 +267,6 @@
#if defined(MBEDTLS_SHA512_C)
{"sha512", mbedtls_sha512_self_test},
#endif
-#if defined(MBEDTLS_ARC4_C)
- {"arc4", mbedtls_arc4_self_test},
-#endif
#if defined(MBEDTLS_DES_C)
{"des", mbedtls_des_self_test},
#endif
@@ -316,9 +303,6 @@
#if defined(MBEDTLS_RSA_C)
{"rsa", mbedtls_rsa_self_test},
#endif
-#if defined(MBEDTLS_XTEA_C)
- {"xtea", mbedtls_xtea_self_test},
-#endif
#if defined(MBEDTLS_CAMELLIA_C)
{"camellia", mbedtls_camellia_self_test},
#endif
@@ -346,10 +330,6 @@
#if defined(MBEDTLS_PKCS5_C)
{"pkcs5", mbedtls_pkcs5_self_test},
#endif
-/* Slower test after the faster ones */
-#if defined(MBEDTLS_TIMING_C)
- {"timing", mbedtls_timing_self_test},
-#endif
/* Heap test comes last */
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
{"memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test},
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index 2a11212..7fc58cb 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -10,6 +10,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${libs})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index cf57ca4..a04fa8b 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -13,6 +13,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${libs})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
target_link_libraries(cert_app ${mbedtls_target})
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index e8241a3..0ea2607 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -100,7 +100,7 @@
" Add NsCertType even if it is empty\n" \
" md=%%s default: SHA256\n" \
" possible values:\n" \
- " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
+ " MD5, RIPEMD160, SHA1,\n" \
" SHA224, SHA256, SHA384, SHA512\n" \
"\n"
@@ -346,7 +346,8 @@
mbedtls_printf( " . Loading the private key ..." );
fflush( stdout );
- ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password );
+ ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index ff7cf98..f1e5c6b 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -119,7 +119,7 @@
" max_pathlen=%%d default: -1 (none)\n" \
" md=%%s default: SHA256\n" \
" Supported values (if enabled):\n" \
- " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
+ " MD5, RIPEMD160, SHA1,\n" \
" SHA224, SHA256, SHA384, SHA512\n" \
" version=%%d default: 3\n" \
" Possible values: 1, 2, 3\n"\
@@ -577,7 +577,7 @@
fflush( stdout );
ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
- opt.subject_pwd );
+ opt.subject_pwd, mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_strerror( ret, buf, 1024 );
@@ -593,7 +593,7 @@
fflush( stdout );
ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
- opt.issuer_pwd );
+ opt.issuer_pwd, mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_strerror( ret, buf, 1024 );
@@ -606,7 +606,8 @@
//
if( strlen( opt.issuer_crt ) )
{
- if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key ) != 0 )
+ if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key,
+ mbedtls_ctr_drbg_random, &ctr_drbg ) != 0 )
{
mbedtls_printf( " failed\n ! issuer_key does not match "
"issuer certificate\n\n" );
diff --git a/scripts/config.py b/scripts/config.py
index e27f322..cbce1eb 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -181,7 +181,6 @@
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS
'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation
- 'MBEDTLS_ECP_NO_INTERNAL_RNG', # removes a feature
'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO
'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_HAVE_SSE2', # hardware dependency
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index 6199c62..c707e4c 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -37,13 +37,11 @@
* default value when that configuration is not set in the config.h.
*/
#include "mbedtls/aes.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/aria.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/base64.h"
#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/ccm.h"
#include "mbedtls/chacha20.h"
@@ -64,8 +62,6 @@
#include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/memory_buffer_alloc.h"
#include "mbedtls/net_sockets.h"
@@ -95,7 +91,6 @@
#include "mbedtls/x509_crl.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h"
-#include "mbedtls/xtea.h"
#include <string.h>
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 606714f..7822384 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -44,11 +44,11 @@
my $error_format_file = $data_dir.'/error.fmt';
-my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
+my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM
CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
- ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5
+ ENTROPY ERROR GCM HKDF HMAC_DRBG MD5
NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160
- SHA1 SHA256 SHA512 THREADING XTEA );
+ SHA1 SHA256 SHA512 THREADING );
my @high_level_modules = qw( CIPHER DHM ECP MD
PEM PK PKCS12 PKCS5
RSA SSL X509 );
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
index 94a97e7..4b4e2df 100644
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@@ -82,7 +82,6 @@
}
KEY_TYPE_SIZES = {
'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive
- 'PSA_KEY_TYPE_ARC4': (8, 128, 2048), # extremes + sensible
'PSA_KEY_TYPE_ARIA': (128, 192, 256), # exhaustive
'PSA_KEY_TYPE_CAMELLIA': (128, 192, 256), # exhaustive
'PSA_KEY_TYPE_CHACHA20': (256,), # exhaustive
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 7898004..fbd746e 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -75,19 +75,15 @@
add_test_suite(aes aes.ofb)
add_test_suite(aes aes.rest)
add_test_suite(aes aes.xts)
-add_test_suite(arc4)
add_test_suite(aria)
add_test_suite(asn1parse)
add_test_suite(asn1write)
add_test_suite(base64)
-add_test_suite(blowfish)
add_test_suite(camellia)
add_test_suite(ccm)
add_test_suite(chacha20)
add_test_suite(chachapoly)
add_test_suite(cipher cipher.aes)
-add_test_suite(cipher cipher.arc4)
-add_test_suite(cipher cipher.blowfish)
add_test_suite(cipher cipher.camellia)
add_test_suite(cipher cipher.ccm)
add_test_suite(cipher cipher.chacha20)
@@ -162,7 +158,6 @@
add_test_suite(version)
add_test_suite(x509parse)
add_test_suite(x509write)
-add_test_suite(xtea)
# Make scripts and data files needed for testing available in an
# out-of-source build.
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index f3cba5a..e86706c 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -416,15 +416,7 @@
all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem
keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der
-rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der
-rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128
+keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des
### 2048-bit
rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem
@@ -443,15 +435,7 @@
all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem
keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der
-rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der
-rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128
+keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des
### 4096-bit
rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem
@@ -470,15 +454,7 @@
all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem
keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der
-rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der
-rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128
+keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des
###
### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1)
@@ -893,10 +869,6 @@
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
all_final += server1.req.sha1
-server1.req.md4: server1.key
- $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4
-all_final += server1.req.md4
-
server1.req.md5: server1.key
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5
all_final += server1.req.md5
@@ -1103,26 +1075,10 @@
$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
all_final += server2-sha256.crt
-# MD2, MD4, MD5 test certificates
+# MD5 test certificate
cert_md_test_key = $(cli_crt_key_file_rsa)
-cert_md2.csr: $(cert_md_test_key)
- $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD2" md=MD2
-all_intermediate += cert_md2.csr
-
-cert_md2.crt: cert_md2.csr
- $(MBEDTLS_CERT_WRITE) request_file=$< serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD2 version=3 output_file=$@
-all_final += cert_md2.crt
-
-cert_md4.csr: $(cert_md_test_key)
- $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD4" md=MD4
-all_intermediate += cert_md4.csr
-
-cert_md4.crt: cert_md4.csr
- $(MBEDTLS_CERT_WRITE) request_file=$< serial=5 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD4 version=3 output_file=$@
-all_final += cert_md4.crt
-
cert_md5.csr: $(cert_md_test_key)
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5
all_intermediate += cert_md5.csr
diff --git a/tests/data_files/cert_md2.crt b/tests/data_files/cert_md2.crt
deleted file mode 100644
index 94b89af..0000000
--- a/tests/data_files/cert_md2.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
-M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
-1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
-MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
-4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
-/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
-o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQIFAAOC
-AQEAXLWqy34iaZ2YV+5eE1QMV/9m9nQI2X/yumRH1MT1R3oYde/YDV7+HSOM6qLs
-qSgH1DSyXv1YnJww2OyTtAVhPalICLjVjUQCyeUCiFpAIO6Xz1VE6v4GMFLqhlV1
-Nox9dDtR5Go2zwPaH64Ze9GxuDZfW+VnPRNgYOrqqCBnuhnp2uPRfOewus2AAo50
-dx1XTooCEqElQlB9EIPWbvPdJZjRjruCUtDbz+oxG4J4Ml4KCYm+/MyXNPqxV9+H
-5A9oQltuHMWasMWSfXeimQI5PPpdjndmJOhfT4RGmvTw/uNC/Xuy1kPxXQKoocz6
-93U8RQvyJxdIPtQuARNMRZ7G+Q==
------END CERTIFICATE-----
diff --git a/tests/data_files/cert_md2.csr b/tests/data_files/cert_md2.csr
deleted file mode 100644
index a8c39bd..0000000
--- a/tests/data_files/cert_md2.csr
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBDZXJ0IE1EMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAMh0xMy5+bV56UXZFGCwfbuT8msenzOtDY+KPFZl5dxE2cxmhQfV
-+CewSjXQY54Kbhu32vB+q+4MEJOGSRg086gq0lf1LtQvdymEYU2CUI+nlUhw9W5N
-stUTw9Ia7eZD6kIU63TqwO0f1FdOqfOo7dLgwTBxMDIw1dP2CNBWT0aO8l/5PWeR
-iDAuQrLfffvlDHf/7DHAeI+/wn/KrWwh1o3Zi2qOb+Cb+BBWzLOOExXmNARmx+75
-Ng5qlfYJmgZn9GVx+MqksSXg/jyLNQRnuuBPdoX8f/w2a7XpzS0DYk6zPQDPr3ag
-aVaDatKo1OdQcea1NgV3BW17yOTE/UzVIV8CAwEAAaAAMA0GCSqGSIb3DQEBAgUA
-A4IBAQBPUqodRcH2ZUa8A3fQX/nxrIwWiLmQ9BaOI6G7vzEWVE1sxmkrHP+pXgi9
-1eFceN9xUBKEd+LmUPmHpObZ4nwRSprFj3DeIXpn9aSBr+jGY8RaaC9cMkaSq5Mb
-q65THEJ1xemIfZvbhjvNi/ycXXu/v1Gpj62dpIFGbm+o4AXQF2ocYGEM+X1u2eVn
-mnuuvPAHTllGjB0daTSYoQtMy3luPUEj0Yct3iVR1pUeTrHchOs9p5ACDZcf6D3x
-sm9atH2ZIaXo1c9SqHzdk/uLt/CwxQrn1WU1inwOkzjim2Yq9vWgpQypfGZdScXV
-oHOmuGG901WMMemzZXjoLi+8ZpVL
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/cert_md4.crt b/tests/data_files/cert_md4.crt
deleted file mode 100644
index 7d0f7cb..0000000
--- a/tests/data_files/cert_md4.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
-M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
-1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
-MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
-4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
-/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
-o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC
-AQEArXIW7Dy1hBXMKY8/TAfACqkFZzbGDJdD5ohQknENk6FzUHVw9SVibhi5J+nh
-/mhUhoczFg78T8ZopDcsPHKQTuy0LNcLWhZDD4S4CJCibmsf+8BWmPcSp1tsS9Zj
-etO5qNuUarL74W+rRa3qQcCXcglYTubv/PcCV+LGVqZ4XDlO5EBFJJREAREzG+iK
-Epm2y0mi1WTwjy7m7rxYHs5i5ybDHDDwU55H5wh50Vs4/vDx2kZab2K9gx6V2ggY
-CCYmRWKQHdI4XZBkpYFbbREZxMY4Y5c2PUMlr8GUq6s6eu9/GvmnIx/+EySSfxgv
-9GpN+gnyx03hjYNGO7iX8nPnXA==
------END CERTIFICATE-----
diff --git a/tests/data_files/cert_md4.csr b/tests/data_files/cert_md4.csr
deleted file mode 100644
index d8a3dbf..0000000
--- a/tests/data_files/cert_md4.csr
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBDZXJ0IE1ENDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAMh0xMy5+bV56UXZFGCwfbuT8msenzOtDY+KPFZl5dxE2cxmhQfV
-+CewSjXQY54Kbhu32vB+q+4MEJOGSRg086gq0lf1LtQvdymEYU2CUI+nlUhw9W5N
-stUTw9Ia7eZD6kIU63TqwO0f1FdOqfOo7dLgwTBxMDIw1dP2CNBWT0aO8l/5PWeR
-iDAuQrLfffvlDHf/7DHAeI+/wn/KrWwh1o3Zi2qOb+Cb+BBWzLOOExXmNARmx+75
-Ng5qlfYJmgZn9GVx+MqksSXg/jyLNQRnuuBPdoX8f/w2a7XpzS0DYk6zPQDPr3ag
-aVaDatKo1OdQcea1NgV3BW17yOTE/UzVIV8CAwEAAaAAMA0GCSqGSIb3DQEBAwUA
-A4IBAQAztRb+vAecvhelhszzCctzmhGs4TGmr9h4zddZoQ8dTdy1OCsnmU+yz3oh
-oiQjy7UPLt8DS2ZKhGhvwPvtwFh5icMWQVnv2kE4Evz8xJT12VRw+U6L5rfKmf/L
-mVNxsuk17MDyBcMlwuNk+CHrYVdrXhSWUH3UCQQUH1iqqBMKmNiPa1UGU0budZ9X
-HZjn9uqyyOGy8l3hffqjDxsDjZyBDf5aqKIdnvukdrUiacPdUYVF0fwK8d1/1PA9
-dA4JjTvz+tTK6mL9Ic9Pv+64v1vwMU4Qu8IJHk5x3I0e7KuK2A/lK6az2Vb6FAh6
-MkGpWB68T8FRBoVrWLOh+a9yNwyp
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/crl_md2.pem b/tests/data_files/crl_md2.pem
deleted file mode 100644
index e273795..0000000
--- a/tests/data_files/crl_md2.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTA5MDcxOTE5NTYz
-N1oXDTA5MDkxNzE5NTYzN1owKDASAgEBFw0wOTAyMDkyMTEyMzZaMBICAQMXDTA5
-MDIwOTIxMTIzNlowDQYJKoZIhvcNAQECBQADggEBAF8F5y82zgtxcwQ4aFvrkanT
-ygyd5+RW/Y//vpck44V+CYx1d1r+QkauaXel9qUKBPsg2dUwQ+jwV/m+Sp2MHaX5
-NfW7XUb7Ji4yhwgh9/9vFPqqnKBf9esLJuJoQ4mLhcGB5J1yCcavLrynvB4PJEnG
-graTbbyizelXBmk3ApvNYxczJZxt7EzpVbrFaev7myGmOffdDkIMc2WDpDkyLTlU
-kITjB7fMJhD/dgNskKZ4fgkKKKPCMJrJPO67Wzwqx/6vsrZcACB9X+143WZr4GVO
-Fw2SaMnqfVLlUEndoOpbLCU4ugcc82kQQF3TsovXJYW7XqoWl2u/ENCwShl9rl4=
------END X509 CRL-----
diff --git a/tests/data_files/crl_md4.pem b/tests/data_files/crl_md4.pem
deleted file mode 100644
index 1f77dab..0000000
--- a/tests/data_files/crl_md4.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEDBQADggEBAIJtYXy3uwIpmSGfi9muS8xv
-36FT6g3s1V/xicdPa54juJgBI6sxHKzQtbSNIbqadEWwUtvQ8k1EMRo9UGObhRV8
-i+UWm5qi0GFV7nMi4E2p2Ji/sFKtgdxkzhCfn+p3MoGgx/nC7YtwpnNdF+kuCV1M
-JTPqfm+taZkYADOafP/hRaPx3TI+HNE3ux4Cb7hNpWdfWzt48ZPMuhCMzItLd/UK
-xxjJam9XAGUTKi7+eWtma9XzmYOIElQv2KFPVMcx5nvg039rrWK6tObGL67kCfTH
-v+nIx7rAOW6UNU8aj1kfJHYjEKMBH1I9wjMSHUpkxBLQOKlPNRksiEVsIhmEVss=
------END X509 CRL-----
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
deleted file mode 100644
index e7e32b0..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
+++ /dev/null
Binary files differ
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
deleted file mode 100644
index 089945b..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIICnjAcBgoqhkiG9w0BDAEBMA4ECHgR0/cyo14UAgIIAASCAnzDfJIvSkRQKqrV
-lAzAMnhd42XlhqWAJLh6aB76LIWVmepDkNnXRNX0W1R+XE27/uzgs4lcovW5hU40
-2HZlv3R0u9MEvMhadjL4ZWS94143p9y7P4vnYembOcc2WnlhFaGSMLFSwMI5vgnL
-8xz2P9+d8IuxGpFSgw8S8zchg4Ewzk+0nSdG0px4T5K21uhsFzjvZRLrG7XXuIee
-tKluUauy4diqA5jrJ1ShmrFmNTvtzAPfMX+QohuY8nhRUeH6bx9dEWpbIq/1K/25
-1uIdInZff850YKRQpK1IkinW0YfFxoA+sUGvxs+aDecbq8w3noaRIjJN7r7ipFEK
-dhdehOxD21Mq7iqsujV9RJxAbqkuoTfECHJP6N/Dmp9CY0wpnE1lnHOTZwCWqDPh
-aumtaFsMxJdNPZ3M5xmGInPWnT3JpW2hwtoOF0Vb0pP9VSfo+3yCm9b5ipFvcs8C
-+c2MdK87zSqFvKc19cuv9tggguCzNjAcECHN7pgY4VId7cWMK/y3k4mk2C8hPQDw
-S7gm/n76BSxjZFjs9ZQn9n5meO/47ohgV1ua2WICPMuPmzz+IPJpT6mQrcPTbzm+
-nNGrBVRooPYwnHPYKGlPJWkfFzsWnQ6dRgEOcM3DJMfU29QLHmNHu0ucz2k2f2C2
-AHB1EFEIC5Rw2BxH1x/gqYlZAB7TCHZ86XWIzbYdJlyNjb+poXNczLvghpvoIBC6
-dxEEsxVVzRYCRbmLtNTdXa7XfQfEaRs5GR3qrKoNNDzms11btQWo8eiZUNIMA6sA
-i3Qhs73feJ5P3hup8Kl2P9N29MuAjYsS2oeZApjdiXAzf5IeFaqTQRHR6Vumvn65
-TLE=
------END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
deleted file mode 100644
index 7ebca11..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
+++ /dev/null
Binary files differ
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
deleted file mode 100644
index ad926ad..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIE5DAcBgoqhkiG9w0BDAEBMA4ECLSMnow3PFQjAgIIAASCBMKuiZ+kNidmdRCN
-EYHL8FVAAPRY3RFrjZfqNK8XHSxaZzLWjaCQj5Yv14ALjs2k34Ru/xvqRfamN4NY
-M1MrPt7sUSS2jnDwm/IQ80vYYgmH9zKexVTMsZQ2CoLEM3ZMLm6wCkEHuuFZkQX4
-Z0EbnXiWs8PpfrYxed8BMT5o8cW+yiixxMesyj1x8Bgp7r82ZpVZshhDXlnzpbnc
-IiSaqe0obzGZnNu5I+/bXTbyXiAccLj2BuNqX67Om9LBqh/igwNpHQpNIaxmvxqL
-MlqdPDjRYN0qe4d6JqqnFx1YzdTiRLlAnHDnK4G5mZwb50Nixy5mrgI6IhCrsTHQ
-09/yfo1jHR9ido41Sbu7PcVxn6/gzpNVXgwDOw8ia6Bxq0dDnLH8/1IawB69DiSD
-wuNSdQcBtJy8hCZN7wa6uNCzTclvXLwOtTJ6D//UmpFRv46ZYsK6uySwFwDOeDrW
-AyuSoKd9C9cedG30XAyVHFMffkZYCxT8RnQuLrouUwMdEd+7qeApQMBw3InyII+9
-ykhoO1qiH5wyehNFmxEjQUTIdOs8hcOic71FggJ/+bMTnji4ukdPPKHBSdwPjbnc
-qe/ch/KDfIUNyy/51uNMjSdOweJqG9SIIlfDG6Pd2bMFkao1Y7VsG4AM89mGYIWo
-AJDuBrl7AEsm0WSVENyDa+7qjKsS06pcFG0JsmeZb62SSds5+/Nq1Kn5//2ShpHd
-SA1NabnMn1fpCI02tc66igk5isjqp49o3MKguXwiIjo8nGM5dSy/qYSkVhLxVTzz
-ovYhOjMoHRFYqfK1wxT9CExLz9+CI8sWawh1/hDKha2tPlhm2S1OabPTIk3Qn36W
-aCbhGXYWchILReK0d9W6SJZ2v4uNuDjbye6qrSmCHBurCw17l84kBx0vFTDDW80q
-VB3PFUOL2+XYgk17qagMVJHJa5s8ER//MZ3QDO09RJktusaKClR4kE9xkZFUQHF/
-+U4L7DyCtGr1ajdvudNXXYtlD3QoZukrsI1v9XGXPWloVRCU0+x8VCcIKLbwLmGD
-NCkeaQbOypRiPc0WRdJnwsjBlDC2Icd9zWLH8qnVBA0b2TGh3amalsUkEy9NSuGT
-yDIt05uQP0rX1T1rohMNOWHkColtcc6ZxlJuBReHWhF+9RJXPBtA3TmVgC6x0GVF
-FND8DKWHGG+7h/0DKD9r5lRNqhagmQnqwoUVtn56KtazUtrscAt6O3RsTU09Ys5A
-jsuzR+O7uTT0SHr/24YtrqNnXumJZZHayF6T0xpn8xIhWULoAjm1e4EQh/THcMYJ
-PwriuoXZVWZKLeSlomlaV6BD285eTjmjfT5SKv+Aqji3XA5PJXhUtEA7x4kue45G
-4sFWW9eCMpxXecJhO4Dwhk8/dP/3iOFTY5tHtT4OO0c3klI53O2U98D7781QIEkn
-dE3qsTXurM4arvsu7EYMM9ihrqeQbb1pEySfkdT15I4bCTFRykYI9ZIZ8iUgFtAg
-TUP66e7bkv8sxZLHKGpfOSUR+jbQLyahtWz7+EonSUYc9AbErXnnXmZH6mgQw4qd
-Dgi9i5PGWr8I2xz8l7+H9G2TbueSqLLH9ecMRfey70W0D/nX5k3B+SmpTSqQ3zvk
-k+pM9bWevlc=
------END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
deleted file mode 100644
index f3bda63..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
+++ /dev/null
Binary files differ
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
deleted file mode 100644
index 53867ac..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
+++ /dev/null
@@ -1,53 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJaDAcBgoqhkiG9w0BDAEBMA4ECOJxEWpN/HEEAgIIAASCCUYouEt15A4DUZoG
-aJvr19vCKfGPErYDkh1fI9u04hDEKCdb+Z7oxaqXQ34rr0H1t8/SPdhpvqms9Bsz
-3nMIlgzEPnppyiRLCa4Ycev0jtA66xkxgGGXnA5uxZQcTOFsGDR4gpTn2hi7//BO
-gHhKVDbCd6nShZkNgNUe++tclNg65Fmazm2pwpnCPfY9TGnou8bynMrJrau0CPB+
-v+pI3NR39yxDcq6MNII542Ma8bZWE++WmqmSXjsnXyEV850Dw4j7khbevXlKIh3C
-fsf1mb1/lUc+8HtsjFLgBS3Iag2D/AfAbCDCY3wWG5KcMJk2CtNayOAmMetL7P1t
-S+i/zTmqAeNVaUF/6ciwY8JNA9YHnjV/0LH04I1Dn1emQVltcqKJahDSoxwGeLD0
-lv0EMQ9CBRHqdKKVaDjBJSqLkwQzLuiqye6ZREnoeIL2cYXDqWoxZzjtxr5t261F
-jl+gGBvAX5RRKz3+Vj7hb8y4n7npYJYXk+CanrsTblsBhOMaFhgup+Vd+UhHGQku
-FqHR28bHlJzxgUvlhYV/WdMUtHlGHvpax1Zo57ToC0JxlX/o+lPHiZvvpGZegYOe
-Mta5f4xI8PcfVrVbfpHaEnt+ffZPtDVZUfhfZwlMniUKX/kJgKGdtpnrgm0wefUR
-ymKmn4af2tY/nT828+pOBcRY8WV5G5EPthkA/EemXTor04bb9mglX9ZJ78vrv0n9
-XaOXkMGYuj698Rqkx5BtaVX8EjWKnknHn/GOLSINu38UelRDV+xf5GQyDQREHsuu
-Mkj6AcygD5eP0p4AZZaHw9H6nytoZ9SX/vhUmRTk2vbrgnAPwRBFnZy6S4mipfFc
-m82EyC4RHklbIriMRRY7EHamBrUTg+8axCqBWY1jtSvTXwm40ybpigsiphtbcaCN
-9hT13VfVkglyQIbmxvxeoo9McgKv2BoP+0i5xIdmstu63bcHxO/DaMXw9WPOGgdm
-kyFU4MwJZhvk57H4HwleIPXXJd93OJ0NNunDgBWxh3mnKqnM9hpit6ljjl8y41RC
-QvJTO5cR3cKuzPpzTqfpC8eYeXiYChuFDgXKXubGE/PSSzSmU7cnKUrHAOyrXlD0
-EdCZkQBFF0gnLksVSjaF/owORlc1KualcD9ahOgWoaup4MqlyW7A+BHJ+f3Iz22z
-oezU/B/FGPTcRc+kEpPyIHG+98nNeh2N5nmY1+piXkJCsq0WdcjB13t8MHLLGqQ8
-shUpiKtkwtO45DIP3xVykntZsPb2gHuj2JoHjXYnxmZ7MRVbTe+s1F3xpITNa+G2
-2Yorp0zqVrhNfvtsLG1i0XdOwockHo5k+dAFkNngJvQVTwsBUw/gqcDwgkoG0yKZ
-NZTZDRJDv3yfopbIvGxmXBj723/OcR0prKLHUc5qaCvK5y0rvM7G+Dg2/W1rzRGx
-9IjCOyZzkUVwE9vKZO+mdsa1zeVja1DtU1sjh3k3+Lw6P2+LcVZKWI7IjJ7vcNxt
-XRI6+jlaR3/ht++3+ADgBpZUVAzBwiKeaneanFoiu0kbXv+G74bVDXvKLTXXbynv
-0mabkp8cszm2wMehp9WuqnBKtAot5Q6sPg4i6E0si3LrdDzKgENgMAF8+ShG5r4w
-ULHQBwMpvNS6LnrY69TqAQp7MNS5JoCCHnQqXSgUQN53Zmcnmaz9qysHvbJLK/On
-Rp0akU5A+WHFNPvGqkF8ou5OZRrN9XQMk75RRgi1YYY+UddiaBAsxqFQBKq5ooxN
-0sE65WM76WU2/v10va4iCNPTFjB0MhGLrq08sgSNfHhePpBK+WANuzjWDUWS+ekC
-VCTNBAARzlPoxuF0YsUUhwYxqFw/VC4PW9WeT0kx8pvaIwhf7Xk++4TKbdayQehK
-ImH5vmvpeWxNa1O7nVyvaJfNvSoj49X1zNg4PKDAOm+kEAjGvWeWKEOiHTLIXbzu
-HztTw/pjNJ5NaCNVWeThYYduFuRZaqap5khpqP4s07zvDvkTyKiJj3MSFel/K7UV
-uy1e0HPymTFToeinLW0x3YaJnLcOKDmF0DSJB1gVwl55B3rEYb8tODF6BLjz149J
-BT91EXgj/Futj3YpPTcIjJXsBDElP/KaBtB6uZGkmXgnz8OvRgg7wJR3n1uHU6r+
-S+19ugY5I5hAFFMLAIg+zO2IqSXW1B+CiE94tr5z96VTyIckO2Ov6p5fcGpI1VkB
-KtcuXGUVuF9pqFRKkFChu90OiqxdcdKYqgjHy1z1jovuYm2pfCB4kvPLn57XVsmB
-T0ZcdHFBf+SwxuKdr8KsK2k4er5c4jTTIflWWktrD9JLcWLc1WUecL18lFByOOWh
-5fF7zX+NNsbMBES3F6TG+06NfgC6z24/h29zfnps75usEExBc7YHJsmWl3Aef6bF
-vcoS2ug8ZXaiefhlFkyx/frGpRnD57ZOvLCi/TUVf2G0cynEKvfsb21LN50eMKD2
-HiIBGoNj9f3vJdIhLTDFurf42ocY5EQzLGleIQ0Zpv6285LqwqKKl5v28o+A4qnp
-Xhkt/3pqZ6aJeSCNQd9Zg5tOd1tXpcTdzl/BmFIvmE+SIsYydLxrX1UEWfJfEL41
-J6qXTzebh7N16bGfxU09OT7puztuK+/vAHEvCGINddDaOJFayVdEaMVUux9nDkoz
-b1U/5UxzpzFdNUZBHg1JjkUWK8oTGmkJTlI1aKJKKA1RfmnzwOd4PeHI1hIuT8YQ
-8qwKY72mCCb4Sr+Xiw43CqJ9NgWCxYr0ua+hqm2xv43QMhSCNd7v1Dg0bi3ZgOi8
-1eSns5VZFww2JkYo7rrKz21EiFXjhZ4u8MF45M5/cbDqbaPVb6FMx7MqaKmnkpQ8
-xT4BC2M4xCiXnYrrjhugw2/FMkMchIN9jG47IQiACQ8pNqoTd2tLFCFpTZeeRCaP
-Dgd8rvaMXjY/Uu9zB+LgRlQ/c01hGL+/d8cNEFzTU9jajOLobi3pKQqLdvlo40Dl
-qH6eLTnYusrZnZySBuZD5c57BBW4GMuetvtqr2l8iV4BJnMvLZ9tB69eA1PhKXwq
-tHY7a0YkhLUUqKFyPvYcnHjU9Bvg9PnciXnoDFMP1Obkou27vpI6NVmIFKMX1OxQ
-A2IJ5YWaN6h8nJOV/THzKjMDmPbXLmtQDuaDPpDaNE+oDwto/UlSQPV8KtW/MR+s
-k3rLyN3KXoVl95gT
------END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/data_files/server1.req.md4 b/tests/data_files/server1.req.md4
deleted file mode 100644
index 1558549..0000000
--- a/tests/data_files/server1.req.md4
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA
-A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY
-tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz
-hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K
-HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm
-DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp
-qGZf2UmuJdLeIMzSNX2rZ+SVDX9o
------END CERTIFICATE REQUEST-----
diff --git a/tests/include/alt-dummy/arc4_alt.h b/tests/include/alt-dummy/arc4_alt.h
deleted file mode 100644
index b8c2e86..0000000
--- a/tests/include/alt-dummy/arc4_alt.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* arc4_alt.h with dummy types for MBEDTLS_ARC4_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef ARC4_ALT_H
-#define ARC4_ALT_H
-
-typedef struct mbedtls_arc4_context
-{
- int dummy;
-}
-mbedtls_arc4_context;
-
-
-#endif /* arc4_alt.h */
diff --git a/tests/include/alt-dummy/blowfish_alt.h b/tests/include/alt-dummy/blowfish_alt.h
deleted file mode 100644
index 5a4f739..0000000
--- a/tests/include/alt-dummy/blowfish_alt.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* blowfish_alt.h with dummy types for MBEDTLS_BLOWFISH_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef BLOWFISH_ALT_H
-#define BLOWFISH_ALT_H
-
-typedef struct mbedtls_blowfish_context
-{
- int dummy;
-}
-mbedtls_blowfish_context;
-
-
-#endif /* blowfish_alt.h */
diff --git a/tests/include/alt-dummy/md2_alt.h b/tests/include/alt-dummy/md2_alt.h
deleted file mode 100644
index 70c7f15..0000000
--- a/tests/include/alt-dummy/md2_alt.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* md2_alt.h with dummy types for MBEDTLS_MD2_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef MD2_ALT_H
-#define MD2_ALT_H
-
-typedef struct mbedtls_md2_context
-{
- int dummy;
-}
-mbedtls_md2_context;
-
-
-#endif /* md2_alt.h */
diff --git a/tests/include/alt-dummy/md4_alt.h b/tests/include/alt-dummy/md4_alt.h
deleted file mode 100644
index db13f3d..0000000
--- a/tests/include/alt-dummy/md4_alt.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* md4_alt.h with dummy types for MBEDTLS_MD4_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef MD4_ALT_H
-#define MD4_ALT_H
-
-typedef struct mbedtls_md4_context
-{
- int dummy;
-}
-mbedtls_md4_context;
-
-
-#endif /* md4_alt.h */
diff --git a/tests/include/alt-dummy/xtea_alt.h b/tests/include/alt-dummy/xtea_alt.h
deleted file mode 100644
index cb21a3a..0000000
--- a/tests/include/alt-dummy/xtea_alt.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* xtea_alt.h with dummy types for MBEDTLS_XTEA_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef XTEA_ALT_H
-#define XTEA_ALT_H
-
-typedef struct mbedtls_xtea_context
-{
- int dummy;
-}
-mbedtls_xtea_context;
-
-
-#endif /* xtea_alt.h */
diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h
index 57eae58..aa0aeb5 100644
--- a/tests/include/test/psa_exercise_key.h
+++ b/tests/include/test/psa_exercise_key.h
@@ -32,11 +32,7 @@
*
* This is used in some smoke tests.
*/
-#if defined(PSA_WANT_ALG_MD2)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
-#elif defined(PSA_WANT_ALG_MD4)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
-#elif defined(PSA_WANT_ALG_MD5)
+#if defined(PSA_WANT_ALG_MD5)
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
* exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
@@ -111,9 +107,6 @@
#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
-#elif defined(MBEDTLS_RC4_C)
-#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
-#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
#else
#undef KNOWN_SUPPORTED_CIPHER_ALG
#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 1423099..1a3bede 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1000,7 +1000,6 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
# When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
# the SSL test programs don't have an RNG and can't work. Explicitly
# make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
@@ -1023,7 +1022,6 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
@@ -1048,43 +1046,6 @@
if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque'
}
-component_test_ecp_no_internal_rng () {
- msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules"
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
- scripts/config.py unset MBEDTLS_CTR_DRBG_C
- scripts/config.py unset MBEDTLS_HMAC_DRBG_C
- scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires a DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
- make
-
- msg "test: ECP_NO_INTERNAL_RNG, no DRBG module"
- make test
-
- # no SSL tests as they all depend on having a DRBG
-}
-
-component_test_ecp_restartable_no_internal_rng () {
- msg "build: Default plus ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG"
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
- scripts/config.py set MBEDTLS_ECP_RESTARTABLE
- scripts/config.py unset MBEDTLS_CTR_DRBG_C
- scripts/config.py unset MBEDTLS_HMAC_DRBG_C
- scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
- make
-
- msg "test: ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG module"
- make test
-
- # no SSL tests as they all depend on having a DRBG
-}
-
component_test_everest () {
msg "build: Everest ECDH context (ASan build)" # ~ 6 min
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
@@ -1099,7 +1060,7 @@
msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
# Exclude some symmetric ciphers that are redundant here to gain time.
- if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+ if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES'
}
component_test_everest_curve25519_only () {
@@ -1187,8 +1148,8 @@
msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
- msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min
- if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ msg "test: compat.sh DES, 3DES & NULL (full config)" # ~ 2 min
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES'
msg "test: compat.sh ARIA + ChachaPoly"
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
@@ -1418,8 +1379,8 @@
msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)"
if_build_succeeded tests/compat.sh
- msg "test: compat.sh RC4, DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
- if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ msg "test: compat.sh DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES'
msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)"
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
@@ -1466,8 +1427,6 @@
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160"
@@ -1596,46 +1555,6 @@
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
}
-# This should be renamed to test and updated once the accelerator MD2 code is in place and ready to test.
-component_build_psa_accel_alg_md2() {
- # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD2 without other hashes
- msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD2 - other hashes"
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
- # Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD2 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator MD4 code is in place and ready to test.
-component_build_psa_accel_alg_md4() {
- # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD4 without other hashes
- msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD4 - other hashes"
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
- # Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD4 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
component_build_psa_accel_alg_md5() {
# full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD5 without other hashes
@@ -1644,8 +1563,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
@@ -1664,8 +1581,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
@@ -1684,8 +1599,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
@@ -1704,8 +1617,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -1723,8 +1634,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -1743,8 +1652,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -1762,8 +1669,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -2053,7 +1958,6 @@
component_test_when_no_ciphersuites_have_mac () {
msg "build: when no ciphersuites have MAC"
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
- scripts/config.py unset MBEDTLS_ARC4_C
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_CMAC_C
make
@@ -2200,8 +2104,6 @@
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160"
@@ -2318,7 +2220,7 @@
msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
# Exclude some symmetric ciphers that are redundant here to gain time.
- if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+ if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES'
}
support_test_m32_everest () {
support_test_m32_o0 "$@"
diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh
index 93b7e1d..8fcde6f 100755
--- a/tests/scripts/basic-build-test.sh
+++ b/tests/scripts/basic-build-test.sh
@@ -118,10 +118,10 @@
sh compat.sh -m 'tls1_2 dtls1_2'
echo
- echo '#### compat.sh: legacy (null, DES, RC4)'
+ echo '#### compat.sh: legacy (null, DES)'
OPENSSL_CMD="$OPENSSL_LEGACY" \
GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \
- sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ sh compat.sh -e '^$' -f 'NULL\|DES'
echo
echo '#### compat.sh: next (ARIA, ChaCha)'
diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl
index 0778481..c5f1521 100755
--- a/tests/scripts/depends-hashes.pl
+++ b/tests/scripts/depends-hashes.pl
@@ -54,8 +54,6 @@
# should be tested together. Certain options depend on eachother and
# separating them would generate invalid configurations.
my @hash_configs = (
- ['unset MBEDTLS_MD2_C'],
- ['unset MBEDTLS_MD4_C'],
['unset MBEDTLS_MD5_C'],
['unset MBEDTLS_SHA512_C', 'unset MBEDTLS_SHA384_C '],
['unset MBEDTLS_SHA384_C'],
diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py
index 8690f22..2705f06 100755
--- a/tests/scripts/set_psa_test_dependencies.py
+++ b/tests/scripts/set_psa_test_dependencies.py
@@ -61,9 +61,7 @@
# Only modules that provide cryptographic mechanisms are listed here.
# Platform, data formatting, X.509 or TLS modules are omitted.
'MBEDTLS_AES_C',
- 'MBEDTLS_ARC4_C',
'MBEDTLS_BIGNUM_C',
- #cipher#'MBEDTLS_BLOWFISH_C',
'MBEDTLS_CAMELLIA_C',
'MBEDTLS_ARIA_C',
'MBEDTLS_CCM_C',
@@ -82,8 +80,6 @@
'MBEDTLS_HKDF_C',
'MBEDTLS_HMAC_DRBG_C',
'MBEDTLS_NIST_KW_C',
- 'MBEDTLS_MD2_C',
- 'MBEDTLS_MD4_C',
'MBEDTLS_MD5_C',
'MBEDTLS_PKCS5_C',
'MBEDTLS_PKCS12_C',
@@ -93,7 +89,6 @@
'MBEDTLS_SHA1_C',
'MBEDTLS_SHA256_C',
'MBEDTLS_SHA512_C',
- 'MBEDTLS_XTEA_C',
])
def is_classic_dependency(dep):
diff --git a/tests/suites/test_suite_arc4.data b/tests/suites/test_suite_arc4.data
deleted file mode 100644
index cf32c85..0000000
--- a/tests/suites/test_suite_arc4.data
+++ /dev/null
@@ -1,27 +0,0 @@
-Test vector ARC4 [Cryptlib]
-mbedtls_arc4_crypt:"0000000000000000":"0123456789abcdef":"7494c2e7104b0879"
-
-Test vector ARC4 [COMMERCE]
-mbedtls_arc4_crypt:"dcee4cf92c":"618a63d2fb":"f13829c9de"
-
-Test vector ARC4 [SSH ARCFOUR]
-mbedtls_arc4_crypt:"527569736c696e6e756e206c61756c75206b6f727669737373616e692c2074e4686be470e46964656e2070e4e46c6ce42074e47973696b75752e204b6573e479f66e206f6e206f6e6e69206f6d616e616e692c206b61736b6973617675756e206c61616b736f7420766572686f75752e20456e206d6120696c6f697473652c20737572652068756f6b61612c206d75747461206d657473e46e2074756d6d757573206d756c6c652074756f6b61612e205075756e746f2070696c76656e2c206d692068756b6b75752c207369696e746f20766172616e207475756c6973656e2c206d69206e756b6b75752e2054756f6b7375742076616e616d6f6e206a61207661726a6f74207665656e2c206e69697374e420737964e46d656e69206c61756c756e207465656e2e202d2045696e6f204c65696e6f":"29041972fb42ba5fc7127712f13829c9":"358186999001e6b5daf05eceeb7eee21e0689c1f00eea81f7dd2caaee1d2763e68af0ead33d66c268bc946c484fbe94c5f5e0b86a59279e4f824e7a640bd223210b0a61160b7bce986ea65688003596b630a6b90f8e0caf6912a98eb872176e83c202caa64166d2cce57ff1bca57b213f0ed1aa72fb8ea52b0be01cd1e412867720b326eb389d011bd70d8af035fb0d8589dbce3c666f5ea8d4c7954c50c3f340b0467f81b425961c11843074df620f208404b394cf9d37ff54b5f1ad8f6ea7da3c561dfa7281f964463d2cc35a4d1b03490dec51b0711fbd6f55f79234d5b7c766622a66de92be996461d5e4dc878ef9bca030521e8351e4baed2fd04f9467368c4ad6ac186d08245b263a2666d1f6c5420f1599dfd9f438921c2f5a463938ce0982265eef70179bc553f339eb1a4c1af5f6a547f"
-
-Test Vector ARC4 [RFC6229 40-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405":"b2396305f03dc027ccc3524a0a1118a86982944f18fc82d589c403a47a0d0919"
-
-Test Vector ARC4 [RFC6229 56-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"01020304050607":"293f02d47f37c9b633f2af5285feb46be620f1390d19bd84e2e0fd752031afc1"
-
-Test Vector ARC4 [RFC6229 64-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405060708":"97ab8a1bf0afb96132f2f67258da15a88263efdb45c4a18684ef87e6b19e5b09"
-
-Test Vector ARC4 [RFC6229 128-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405060708090a0b0c0d0e0f10":"9ac7cc9a609d1ef7b2932899cde41b975248c4959014126a6e8a84f11d1a9e1c"
-
-TMP
-mbedtls_arc4_crypt:"1400002433c96cfa5c53a65184fcba83d9793f42522f94e49bf25edcb7a23c9eaae5ca84f6ee6da8":"5e58b1ad80":"e9a3d07ea1a3eac9fd73dcb14c409f2d434a72b6aa077e0924bcffc236f55d2d372b289707571531"
-
-ARC4 Selftest
-depends_on:MBEDTLS_SELF_TEST
-arc4_selftest:
diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function
deleted file mode 100644
index c1e2386..0000000
--- a/tests/suites/test_suite_arc4.function
+++ /dev/null
@@ -1,37 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/arc4.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ARC4_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str, data_t * dst )
-{
- unsigned char dst_str[1000];
- mbedtls_arc4_context ctx;
-
- memset(dst_str, 0x00, 1000);
- mbedtls_arc4_init( &ctx );
-
-
- mbedtls_arc4_setup(&ctx, key_str->x, key_str->len);
- TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len,
- src_str->x, dst_str ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( dst_str, dst->x,
- src_str->len, dst->len ) == 0 );
-
-exit:
- mbedtls_arc4_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void arc4_selftest( )
-{
- TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_blowfish.data b/tests/suites/test_suite_blowfish.data
deleted file mode 100644
index 0ebb642..0000000
--- a/tests/suites/test_suite_blowfish.data
+++ /dev/null
@@ -1,311 +0,0 @@
-BLOWFISH - Invalid parameters
-blowfish_invalid_param:
-
-BLOWFISH-ECB Encrypt SSLeay reference #1
-blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #2
-blowfish_encrypt_ecb:"ffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #3
-blowfish_encrypt_ecb:"3000000000000000":"1000000000000001":"7d856f9a613063f2":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #4
-blowfish_encrypt_ecb:"1111111111111111":"1111111111111111":"2466dd878b963c9d":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #5
-blowfish_encrypt_ecb:"0123456789abcdef":"1111111111111111":"61f9c3802281b096":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #6
-blowfish_encrypt_ecb:"1111111111111111":"0123456789abcdef":"7d0cc630afda1ec7":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #7
-blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #8
-blowfish_encrypt_ecb:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #9
-blowfish_encrypt_ecb:"7ca110454a1a6e57":"01a1d6d039776742":"59c68245eb05282b":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #10
-blowfish_encrypt_ecb:"0131d9619dc1376e":"5cd54ca83def57da":"b1b8cc0b250f09a0":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #11
-blowfish_encrypt_ecb:"07a1133e4a0b2686":"0248d43806f67172":"1730e5778bea1da4":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #12
-blowfish_encrypt_ecb:"3849674c2602319e":"51454b582ddf440a":"a25e7856cf2651eb":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #13
-blowfish_encrypt_ecb:"04b915ba43feb5b6":"42fd443059577fa2":"353882b109ce8f1a":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #14
-blowfish_encrypt_ecb:"0113b970fd34f2ce":"059b5e0851cf143a":"48f4d0884c379918":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #15
-blowfish_encrypt_ecb:"0170f175468fb5e6":"0756d8e0774761d2":"432193b78951fc98":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #16
-blowfish_encrypt_ecb:"43297fad38e373fe":"762514b829bf486a":"13f04154d69d1ae5":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #17
-blowfish_encrypt_ecb:"07a7137045da2a16":"3bdd119049372802":"2eedda93ffd39c79":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #18
-blowfish_encrypt_ecb:"04689104c2fd3b2f":"26955f6835af609a":"d887e0393c2da6e3":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #19
-blowfish_encrypt_ecb:"37d06bb516cb7546":"164d5e404f275232":"5f99d04f5b163969":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #20
-blowfish_encrypt_ecb:"1f08260d1ac2465e":"6b056e18759f5cca":"4a057a3b24d3977b":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #21
-blowfish_encrypt_ecb:"584023641aba6176":"004bd6ef09176062":"452031c1e4fada8e":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #22
-blowfish_encrypt_ecb:"025816164629b007":"480d39006ee762f2":"7555ae39f59b87bd":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #23
-blowfish_encrypt_ecb:"49793ebc79b3258f":"437540c8698f3cfa":"53c55f9cb49fc019":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #24
-blowfish_encrypt_ecb:"4fb05e1515ab73a7":"072d43a077075292":"7a8e7bfa937e89a3":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #25
-blowfish_encrypt_ecb:"49e95d6d4ca229bf":"02fe55778117f12a":"cf9c5d7a4986adb5":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #26
-blowfish_encrypt_ecb:"018310dc409b26d6":"1d9d5c5018f728c2":"d1abb290658bc778":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #27
-blowfish_encrypt_ecb:"1c587f1c13924fef":"305532286d6f295a":"55cb3774d13ef201":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #28
-blowfish_encrypt_ecb:"0101010101010101":"0123456789abcdef":"fa34ec4847b268b2":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #29
-blowfish_encrypt_ecb:"1f1f1f1f0e0e0e0e":"0123456789abcdef":"a790795108ea3cae":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #30
-blowfish_encrypt_ecb:"e0fee0fef1fef1fe":"0123456789abcdef":"c39e072d9fac631d":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #31
-blowfish_encrypt_ecb:"0000000000000000":"ffffffffffffffff":"014933e0cdaff6e4":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #32
-blowfish_encrypt_ecb:"ffffffffffffffff":"0000000000000000":"f21e9a77b71c49bc":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #33
-blowfish_encrypt_ecb:"0123456789abcdef":"0000000000000000":"245946885754369a":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #34
-blowfish_encrypt_ecb:"fedcba9876543210":"ffffffffffffffff":"6b5c5a9c5d9e0a5a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #1
-blowfish_decrypt_ecb:"0000000000000000":"4ef997456198dd78":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #2
-blowfish_decrypt_ecb:"ffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #3
-blowfish_decrypt_ecb:"3000000000000000":"7d856f9a613063f2":"1000000000000001":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #4
-blowfish_decrypt_ecb:"1111111111111111":"2466dd878b963c9d":"1111111111111111":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #5
-blowfish_decrypt_ecb:"0123456789abcdef":"61f9c3802281b096":"1111111111111111":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #6
-blowfish_decrypt_ecb:"1111111111111111":"7d0cc630afda1ec7":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #7
-blowfish_decrypt_ecb:"0000000000000000":"4ef997456198dd78":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #8
-blowfish_decrypt_ecb:"fedcba9876543210":"0aceab0fc6a0a28d":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #9
-blowfish_decrypt_ecb:"7ca110454a1a6e57":"59c68245eb05282b":"01a1d6d039776742":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #10
-blowfish_decrypt_ecb:"0131d9619dc1376e":"b1b8cc0b250f09a0":"5cd54ca83def57da":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #11
-blowfish_decrypt_ecb:"07a1133e4a0b2686":"1730e5778bea1da4":"0248d43806f67172":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #12
-blowfish_decrypt_ecb:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #13
-blowfish_decrypt_ecb:"04b915ba43feb5b6":"353882b109ce8f1a":"42fd443059577fa2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #14
-blowfish_decrypt_ecb:"0113b970fd34f2ce":"48f4d0884c379918":"059b5e0851cf143a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #15
-blowfish_decrypt_ecb:"0170f175468fb5e6":"432193b78951fc98":"0756d8e0774761d2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #16
-blowfish_decrypt_ecb:"43297fad38e373fe":"13f04154d69d1ae5":"762514b829bf486a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #17
-blowfish_decrypt_ecb:"07a7137045da2a16":"2eedda93ffd39c79":"3bdd119049372802":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #18
-blowfish_decrypt_ecb:"04689104c2fd3b2f":"d887e0393c2da6e3":"26955f6835af609a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #19
-blowfish_decrypt_ecb:"37d06bb516cb7546":"5f99d04f5b163969":"164d5e404f275232":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #20
-blowfish_decrypt_ecb:"1f08260d1ac2465e":"4a057a3b24d3977b":"6b056e18759f5cca":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #21
-blowfish_decrypt_ecb:"584023641aba6176":"452031c1e4fada8e":"004bd6ef09176062":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #22
-blowfish_decrypt_ecb:"025816164629b007":"7555ae39f59b87bd":"480d39006ee762f2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #23
-blowfish_decrypt_ecb:"49793ebc79b3258f":"53c55f9cb49fc019":"437540c8698f3cfa":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #24
-blowfish_decrypt_ecb:"4fb05e1515ab73a7":"7a8e7bfa937e89a3":"072d43a077075292":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #25
-blowfish_decrypt_ecb:"49e95d6d4ca229bf":"cf9c5d7a4986adb5":"02fe55778117f12a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #26
-blowfish_decrypt_ecb:"018310dc409b26d6":"d1abb290658bc778":"1d9d5c5018f728c2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #27
-blowfish_decrypt_ecb:"1c587f1c13924fef":"55cb3774d13ef201":"305532286d6f295a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #28
-blowfish_decrypt_ecb:"0101010101010101":"fa34ec4847b268b2":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #29
-blowfish_decrypt_ecb:"1f1f1f1f0e0e0e0e":"a790795108ea3cae":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #30
-blowfish_decrypt_ecb:"e0fee0fef1fef1fe":"c39e072d9fac631d":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #31
-blowfish_decrypt_ecb:"0000000000000000":"014933e0cdaff6e4":"ffffffffffffffff":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #32
-blowfish_decrypt_ecb:"ffffffffffffffff":"f21e9a77b71c49bc":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #33
-blowfish_decrypt_ecb:"0123456789abcdef":"245946885754369a":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #34
-blowfish_decrypt_ecb:"fedcba9876543210":"6b5c5a9c5d9e0a5a":"ffffffffffffffff":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #1
-blowfish_encrypt_ecb:"f0":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-SETKEY Setkey SSLeay reference #2
-blowfish_encrypt_ecb:"f0e1":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-SETKEY Setkey SSLeay reference #3
-blowfish_encrypt_ecb:"f0e1d2":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-SETKEY Setkey SSLeay reference #4
-blowfish_encrypt_ecb:"f0e1d2c3":"fedcba9876543210":"be1e639408640f05":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #5
-blowfish_encrypt_ecb:"f0e1d2c3b4":"fedcba9876543210":"b39e44481bdb1e6e":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #6
-blowfish_encrypt_ecb:"f0e1d2c3b4a5":"fedcba9876543210":"9457aa83b1928c0d":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #7
-blowfish_encrypt_ecb:"f0e1d2c3b4a596":"fedcba9876543210":"8bb77032f960629d":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #8
-blowfish_encrypt_ecb:"f0e1d2c3b4a59687":"fedcba9876543210":"e87a244e2cc85e82":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #9
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778":"fedcba9876543210":"15750e7a4f4ec577":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #10
-blowfish_encrypt_ecb:"f0e1d2c3b4a596877869":"fedcba9876543210":"122ba70b3ab64ae0":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #11
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a":"fedcba9876543210":"3a833c9affc537f6":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #12
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b":"fedcba9876543210":"9409da87a90f6bf2":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #13
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c":"fedcba9876543210":"884f80625060b8b4":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #14
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d":"fedcba9876543210":"1f85031c19e11968":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #15
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e":"fedcba9876543210":"79d9373a714ca34f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #16
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f":"fedcba9876543210":"93142887ee3be15c":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #17
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00":"fedcba9876543210":"03429e838ce2d14b":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #18
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011":"fedcba9876543210":"a4299e27469ff67b":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #19
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f001122":"fedcba9876543210":"afd5aed1c1bc96a8":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #20
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233":"fedcba9876543210":"10851c0e3858da9f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #21
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011223344":"fedcba9876543210":"e6f51ed79b9db21f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #22
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455":"fedcba9876543210":"64a6e14afd36b46f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #23
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566":"fedcba9876543210":"80c7d7d45a5479ad":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #24
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011223344556677":"fedcba9876543210":"05044b62fa52d080":0
-
-BLOWFISH-SETKEY Setkey 440 bits
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0f":"fedcba9876543210":"9a2ab8f1b00c73d2":0
-
-BLOWFISH-SETKEY Setkey 448 bits
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fff":"fedcba9876543210":"2fb3ab7f0ee91b69":0
-
-BLOWFISH-SETKEY Setkey 456 bits
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fffff":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-CBC Encrypt [#1]
-blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000000000":"6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc":0
-
-BLOWFISH-CBC Decrypt [#1]
-blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC":"37363534333231204e6f77206973207468652074696d6520666f722000000000":0
-
-BLOWFISH-CBC Encrypt [#2]
-blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F7220000000":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
-
-BLOWFISH-CBC Decrypt [#2]
-blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC00":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
-
-BLOWFISH-CFB Encrypt
-blowfish_encrypt_cfb64:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000":"e73214a2822139caf26ecf6d2eb9e76e3da3de04d1517200519d57a6c3"
-
-BLOWFISH-CFB Decrypt
-blowfish_decrypt_cfb64:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"E73214A2822139CAF26ECF6D2EB9E76E3DA3DE04D1517200519D57A6C3":"37363534333231204e6f77206973207468652074696d6520666f722000"
-
-BLOWFISH-CTR Encrypt
-blowfish_encrypt_ctr:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000":"e73214a2822139ca60254740dd8c5b8acf5e9569c4affeb944b8fc020e"
-
-BLOWFISH-CTR Decrypt
-blowfish_encrypt_ctr:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"e73214a2822139ca60254740dd8c5b8acf5e9569c4affeb944b8fc020e":"37363534333231204e6f77206973207468652074696d6520666f722000"
diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function
deleted file mode 100644
index 1fa59ee..0000000
--- a/tests/suites/test_suite_blowfish.function
+++ /dev/null
@@ -1,216 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/blowfish.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BLOWFISH_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:NOT_DEFINED */
-void blowfish_invalid_param( )
-{
- mbedtls_blowfish_context ctx;
- unsigned char buf[16] = { 0 };
- size_t invalid_mode = 42;
- size_t off;
- ((void) off);
-
- TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
- mbedtls_blowfish_crypt_ecb( &ctx,
- invalid_mode,
- buf, buf ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
- mbedtls_blowfish_crypt_cbc( &ctx,
- invalid_mode,
- sizeof( buf ),
- buf, buf, buf ) );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
- mbedtls_blowfish_crypt_cfb64( &ctx,
- invalid_mode,
- sizeof( buf ),
- &off, buf,
- buf, buf ) );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-exit:
- return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str,
- data_t * dst, int setkey_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
- if( setkey_result == 0 )
- {
- TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str,
- data_t * dst, int setkey_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
- if( setkey_result == 0 )
- {
- TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst,
- int cbc_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-
- TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
- if( cbc_result == 0 )
- {
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
- src_str->len, dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst,
- int cbc_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
- if( cbc_result == 0)
- {
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
- size_t iv_offset = 0;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
- size_t iv_offset = 0;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char stream_str[100];
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
- size_t iv_offset = 0;
-
- memset(stream_str, 0x00, 100);
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index 459683b..a14d4be 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -13,9 +13,9 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT
-CCM init #4 BLOWFISH-128: bad block size
-depends_on:MBEDTLS_BLOWFISH_C
-mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:MBEDTLS_ERR_CCM_BAD_INPUT
+CCM init #4 DES: bad block size
+depends_on:MBEDTLS_DES_C
+mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_DES:128:MBEDTLS_ERR_CCM_BAD_INPUT
CCM lengths #1 all OK
ccm_lengths:5:10:5:8:0
diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data
deleted file mode 100644
index 7a47373..0000000
--- a/tests/suites/test_suite_cipher.arc4.data
+++ /dev/null
@@ -1,107 +0,0 @@
-ARC4 Decrypt empty buffer
-depends_on:MBEDTLS_ARC4_C
-dec_empty_buf:MBEDTLS_CIPHER_ARC4_128:0:0
-
-ARC4 Encrypt and decrypt 0 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:0:-1
-
-ARC4 Encrypt and decrypt 1 byte
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:1:-1
-
-ARC4 Encrypt and decrypt 2 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:2:-1
-
-ARC4 Encrypt and decrypt 7 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:7:-1
-
-ARC4 Encrypt and decrypt 8 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:8:-1
-
-ARC4 Encrypt and decrypt 9 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:9:-1
-
-ARC4 Encrypt and decrypt 15 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:15:-1
-
-ARC4 Encrypt and decrypt 16 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:16:-1
-
-ARC4 Encrypt and decrypt 17 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:17:-1
-
-ARC4 Encrypt and decrypt 31 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:31:-1
-
-ARC4 Encrypt and decrypt 32 bytes [#1]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:32:-1
-
-ARC4 Encrypt and decrypt 32 bytes [#2]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:33:-1
-
-ARC4 Encrypt and decrypt 47 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:47:-1
-
-ARC4 Encrypt and decrypt 48 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:48:-1
-
-ARC4 Encrypt and decrypt 49 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:49:-1
-
-ARC4 Encrypt and decrypt 0 bytes in multiple parts
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:0:-1:0:0:0:0
-
-ARC4 Encrypt and decrypt 1 bytes in multiple parts 1
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:1:0:-1:1:0:1:0
-
-ARC4 Encrypt and decrypt 1 bytes in multiple parts 2
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:1:-1:0:1:0:1
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 1
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:0:-1:16:0:16:0
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 2
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:16:-1:0:16:0:16
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 3
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:1:15:-1:1:15:1:15
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 4
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:1:-1:15:1:15:1
-
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:7:-1:15:7:15:7
-
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:6:-1:16:6:16:6
-
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:17:6:-1:17:6:17:6
-
-ARC4 Encrypt and decrypt 32 bytes in multiple parts 1
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:16:-1:16:16:16:16
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
deleted file mode 100644
index a05a4e7..0000000
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ /dev/null
@@ -1,607 +0,0 @@
-BLOWFISH CBC Decrypt empty buffer
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0
-
-BLOWFISH Encrypt and decrypt 0 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1
-
-BLOWFISH Encrypt and decrypt 1 byte [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:-1
-
-BLOWFISH Encrypt and decrypt 2 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:-1
-
-BLOWFISH Encrypt and decrypt 7 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1
-
-BLOWFISH Encrypt and decrypt 8 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1
-
-BLOWFISH Encrypt and decrypt 9 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:-1
-
-BLOWFISH Encrypt and decrypt 15 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1
-
-BLOWFISH Encrypt and decrypt 16 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1
-
-BLOWFISH Encrypt and decrypt 17 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:-1
-
-BLOWFISH Encrypt and decrypt 31 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:-1
-
-BLOWFISH Encrypt and decrypt 47 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1
-
-BLOWFISH Encrypt and decrypt 48 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1
-
-BLOWFISH Encrypt and decrypt 49 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1
-
-BLOWFISH Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 0 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 8 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 16 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 32 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 48 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_NONE
-
-BLOWFISH Try encrypting 1 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 2 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 7 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 9 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 15 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 17 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 31 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 33 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 47 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 49 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:1:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:7:-1:8:8:8:8
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:6:-1:16:0:8:8
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:17:6:-1:16:0:16:0
-
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:16:-1:16:16:8:24
-
-BLOWFISH Encrypt and decrypt 0 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:0:-1
-
-BLOWFISH Encrypt and decrypt 1 byte [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:1:-1
-
-BLOWFISH Encrypt and decrypt 2 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:2:-1
-
-BLOWFISH Encrypt and decrypt 7 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:7:-1
-
-BLOWFISH Encrypt and decrypt 8 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:8:-1
-
-BLOWFISH Encrypt and decrypt 9 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:9:-1
-
-BLOWFISH Encrypt and decrypt 15 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:15:-1
-
-BLOWFISH Encrypt and decrypt 16 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:16:-1
-
-BLOWFISH Encrypt and decrypt 17 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:17:-1
-
-BLOWFISH Encrypt and decrypt 31 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:31:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:32:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#4]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:33:-1
-
-BLOWFISH Encrypt and decrypt 47 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:47:-1
-
-BLOWFISH Encrypt and decrypt 48 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:48:-1
-
-BLOWFISH Encrypt and decrypt 49 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:49:-1
-
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:0:-1:1:0:1:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:1:-1:0:1:0:1
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:0:-1:16:0:16:0
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:16:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:15:-1:1:15:1:15
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:1:-1:15:1:15:1
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#4]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:7:-1:15:7:15:7
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#5]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:6:-1:16:6:16:6
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#6]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:17:6:-1:17:6:17:6
-
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:16:-1:16:16:16:16
-
-BLOWFISH Encrypt and decrypt 0 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:0:-1
-
-BLOWFISH Encrypt and decrypt 1 byte [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:1:-1
-
-BLOWFISH Encrypt and decrypt 2 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:2:-1
-
-BLOWFISH Encrypt and decrypt 7 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:7:-1
-
-BLOWFISH Encrypt and decrypt 8 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:8:-1
-
-BLOWFISH Encrypt and decrypt 9 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:9:-1
-
-BLOWFISH Encrypt and decrypt 15 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:15:-1
-
-BLOWFISH Encrypt and decrypt 16 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:16:-1
-
-BLOWFISH Encrypt and decrypt 17 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:17:-1
-
-BLOWFISH Encrypt and decrypt 31 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:31:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#5]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:32:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#6]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:33:-1
-
-BLOWFISH Encrypt and decrypt 47 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:47:-1
-
-BLOWFISH Encrypt and decrypt 48 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:48:-1
-
-BLOWFISH Encrypt and decrypt 49 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:49:-1
-
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:0:-1:1:0:1:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:1:-1:0:1:0:1
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:0:-1:16:0:16:0
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:16:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:15:-1:1:15:1:15
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:1:-1:15:1:15:1
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#7]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:7:-1:15:7:15:7
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#8]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:6:-1:16:6:16:6
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#9]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:17:6:-1:17:6:17:6
-
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:16:-1:16:16:16:16
-
-BLOWFISH CBC Encrypt and decrypt 7 bytes, 192-bits key
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":192:7:-1
-
-BLOWFISH CTR Encrypt and decrypt 7 bytes, 192-bits key
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":192:7:-1
-
-BLOWFISH CFB64 Encrypt and decrypt 7 bytes, 192-bits key
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":192:7:-1
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #1
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"0000000000000000":"4ef997456198dd78":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #2
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #3
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #3, 64-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #3, 192-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #1
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"4ef997456198dd78":"0000000000000000":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #2
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"ffffffffffffffffffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #3
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #3, 64-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #3, 192-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
diff --git a/tests/suites/test_suite_cipher.padding.data b/tests/suites/test_suite_cipher.padding.data
index dc4c9d7..0370fb3 100644
--- a/tests/suites/test_suite_cipher.padding.data
+++ b/tests/suites/test_suite_cipher.padding.data
@@ -29,18 +29,6 @@
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
set_padding:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_PKCS7:0
-Set padding with BLOWFISH-CBC
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_PKCS7:0
-
-Set padding with BLOWFISH-CFB
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CFB64:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-
-Set padding with BLOWFISH-CTR
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CTR:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-
Set padding with NULL
depends_on:MBEDTLS_CIPHER_NULL_CIPHER
set_padding:MBEDTLS_CIPHER_NULL:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
@@ -57,10 +45,6 @@
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
set_padding:MBEDTLS_CIPHER_DES_CBC:-1:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
-Set non-existent padding with BLOWFISH-CBC
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CBC:-1:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
-
Check PKCS padding #1 (correct)
depends_on:MBEDTLS_CIPHER_PADDING_PKCS7
check_padding:MBEDTLS_PADDING_PKCS7:"DABBAD0004040404":0:4
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 62e634a..5286bc7 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -150,7 +150,10 @@
&sec_srv_len,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
- TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ),
+ &sec_cli_len,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( sec_srv_len == sec_cli_len );
TEST_ASSERT( sec_srv_len != 0 );
@@ -206,7 +209,10 @@
&sec_srv_len,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
- TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ),
+ &sec_cli_len,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( sec_srv_len == sec_cli_len );
TEST_ASSERT( sec_srv_len != 0 );
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 6e8459d..94030d8 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -85,7 +85,8 @@
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB,
- NULL, NULL ) == 0 );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &zB ) == 0 );
@@ -106,11 +107,13 @@
mbedtls_ecp_point qA, qB;
mbedtls_mpi dA, dB, zA, zB, check;
mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
+ mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB );
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB );
mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); mbedtls_mpi_init( &check );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
@@ -169,9 +172,13 @@
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 );
- TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 );
- TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zB, &check ) == 0 );
exit:
@@ -215,7 +222,8 @@
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &res_len, res_buf, 1000,
- NULL, NULL ) == 0 );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( len == res_len );
TEST_ASSERT( memcmp( buf, res_buf, len ) == 0 );
@@ -235,12 +243,14 @@
const unsigned char *vbuf;
size_t len;
mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
+ mbedtls_test_rnd_pseudo_info rnd_info;
int cnt_restart;
mbedtls_ecp_group grp;
mbedtls_ecp_group_init( &grp );
mbedtls_ecdh_init( &srv );
mbedtls_ecdh_init( &cli );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info_A.fallback_p_rng = NULL;
@@ -315,7 +325,8 @@
cnt_restart = 0;
do {
ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ),
- NULL, NULL );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
@@ -332,7 +343,8 @@
cnt_restart = 0;
do {
ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ),
- NULL, NULL );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index f2b6376..d795fe2 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -124,12 +124,14 @@
mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
int cnt_restarts;
int ret;
+ mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_ecp_restart_init( &ctx );
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA );
mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
@@ -147,7 +149,8 @@
cnt_restarts = 0;
do {
ECP_PT_RESET( &R );
- ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
TEST_ASSERT( ret == 0 );
@@ -162,7 +165,8 @@
cnt_restarts = 0;
do {
ECP_PT_RESET( &R );
- ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
TEST_ASSERT( ret == 0 );
@@ -176,7 +180,8 @@
* This test only makes sense when we actually restart */
if( min_restarts > 0 )
{
- ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
}
@@ -294,12 +299,14 @@
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
@@ -351,11 +358,13 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
@@ -767,9 +776,11 @@
int ret )
{
mbedtls_ecp_keypair pub, prv;
+ mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_ecp_keypair_init( &pub );
mbedtls_ecp_keypair_init( &prv );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
if( id_pub != MBEDTLS_ECP_DP_NONE )
TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 );
@@ -780,7 +791,8 @@
TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
- TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
+ TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret );
exit:
mbedtls_ecp_keypair_free( &pub );
diff --git a/tests/suites/test_suite_hkdf.data b/tests/suites/test_suite_hkdf.data
index 1583736..d2f7ab3 100644
--- a/tests/suites/test_suite_hkdf.data
+++ b/tests/suites/test_suite_hkdf.data
@@ -15,84 +15,84 @@
HKDF RFC5869 Test Vector #1
depends_on:MBEDTLS_SHA256_C
-test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2
depends_on:MBEDTLS_SHA256_C
-test_hkdf:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
+test_hkdf:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3
depends_on:MBEDTLS_SHA256_C
-test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
+test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
+test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
+test_hkdf:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
+test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
+test_hkdf:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
HKDF RFC5869 Test Vector #1 Extract
depends_on:MBEDTLS_SHA256_C
-test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
+test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
HKDF RFC5869 Test Vector #2 Extract
depends_on:MBEDTLS_SHA256_C
-test_hkdf_extract:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
+test_hkdf_extract:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
HKDF RFC5869 Test Vector #3 Extract
depends_on:MBEDTLS_SHA256_C
-test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
+test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
HKDF RFC5869 Test Vector #4 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
HKDF RFC5869 Test Vector #5 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
HKDF RFC5869 Test Vector #6 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
HKDF RFC5869 Test Vector #7 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
HKDF RFC5869 Test Vector #1 Expand
depends_on:MBEDTLS_SHA256_C
-test_hkdf_expand:6:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+test_hkdf_expand:MBEDTLS_MD_SHA256:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2 Expand
depends_on:MBEDTLS_SHA256_C
-test_hkdf_expand:6:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
+test_hkdf_expand:MBEDTLS_MD_SHA256:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3 Expand
depends_on:MBEDTLS_SHA256_C
-test_hkdf_expand:6:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
+test_hkdf_expand:MBEDTLS_MD_SHA256:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data
index dbe6aa8..a741068 100644
--- a/tests/suites/test_suite_md.data
+++ b/tests/suites/test_suite_md.data
@@ -5,14 +5,6 @@
MD NULL/uninitialised arguments
md_null_args:
-Information on MD2
-depends_on:MBEDTLS_MD2_C
-md_info:MBEDTLS_MD_MD2:"MD2":16
-
-Information on MD4
-depends_on:MBEDTLS_MD4_C
-md_info:MBEDTLS_MD_MD4:"MD4":16
-
Information on MD5
depends_on:MBEDTLS_MD5_C
md_info:MBEDTLS_MD_MD5:"MD5":16
@@ -41,62 +33,6 @@
depends_on:MBEDTLS_SHA512_C
md_info:MBEDTLS_MD_SHA512:"SHA512":64
-generic mbedtls_md2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"":"8350e5a3e24c153df2275c9f80692773"
-
-generic mbedtls_md2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-generic mbedtls_md2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-generic mbedtls_md2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-generic mbedtls_md2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-generic mbedtls_md2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-generic mbedtls_md2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-generic mbedtls_md4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic mbedtls_md4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-generic mbedtls_md4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-generic mbedtls_md4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b"
-
-generic mbedtls_md4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-generic mbedtls_md4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-generic mbedtls_md4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
generic mbedtls_md5 Test vector RFC1321 #1
depends_on:MBEDTLS_MD5_C
md_text:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -157,30 +93,6 @@
depends_on:MBEDTLS_RIPEMD160_C
md_text:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-generic HMAC-MD2 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
-
-generic HMAC-MD2 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
-
-generic HMAC-MD2 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
-
-generic HMAC-MD4 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
-
-generic HMAC-MD4 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
-
-generic HMAC-MD4 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
-
generic HMAC-MD5 Hash File OpenSSL test #1
depends_on:MBEDTLS_MD5_C
mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
@@ -193,14 +105,6 @@
depends_on:MBEDTLS_MD5_C
mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2"
-HMAC-MD2 Bouncy Castle test #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808"
-
-HMAC-MD4 Bouncy Castle test #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a"
-
HMAC-MD5 Bouncy Castle test #1
depends_on:MBEDTLS_MD5_C
mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc"
@@ -261,62 +165,6 @@
depends_on:MBEDTLS_RIPEMD160_C
mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
-generic multi step mbedtls_md2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD_C:MBEDTLS_MD2_C
-md_text_multi:"MD2":"":"8350e5a3e24c153df2275c9f80692773"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
generic multi step mbedtls_md5 Test vector RFC1321 #1
depends_on:MBEDTLS_MD5_C
md_text_multi:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -377,30 +225,6 @@
depends_on:MBEDTLS_RIPEMD160_C
md_text_multi:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-generic multi step HMAC-MD2 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
-
generic multi step HMAC-MD5 Hash File OpenSSL test #1
depends_on:MBEDTLS_MD5_C
md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
@@ -469,38 +293,6 @@
depends_on:MBEDTLS_RIPEMD160_C
md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
-generic MD2 Hash file #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8"
-
-generic MD2 Hash file #2
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f"
-
-generic MD2 Hash file #3
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d"
-
-generic MD2 Hash file #4
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773"
-
-generic MD4 Hash file #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9"
-
-generic MD4 Hash file #2
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd"
-
-generic MD4 Hash file #3
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42"
-
-generic MD4 Hash file #4
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
generic MD5 Hash file #1
depends_on:MBEDTLS_MD5_C
mbedtls_md_file:"MD5":"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415"
diff --git a/tests/suites/test_suite_mdx.data b/tests/suites/test_suite_mdx.data
index 3d063a4..ff3f73f 100644
--- a/tests/suites/test_suite_mdx.data
+++ b/tests/suites/test_suite_mdx.data
@@ -1,46 +1,4 @@
-# Test MD2, MD4, MD5 and RIPEMD160
-mbedtls_md2 Test vector RFC1319 #1
-md2_text:"":"8350e5a3e24c153df2275c9f80692773"
-
-mbedtls_md2 Test vector RFC1319 #2
-md2_text:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-mbedtls_md2 Test vector RFC1319 #3
-md2_text:"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-mbedtls_md2 Test vector RFC1319 #4
-md2_text:"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-mbedtls_md2 Test vector RFC1319 #5
-md2_text:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-mbedtls_md2 Test vector RFC1319 #6
-md2_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-mbedtls_md2 Test vector RFC1319 #7
-md2_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-mbedtls_md4 Test vector RFC1320 #1
-md4_text:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-mbedtls_md4 Test vector RFC1320 #2
-md4_text:"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-mbedtls_md4 Test vector RFC1320 #3
-md4_text:"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-mbedtls_md4 Test vector RFC1320 #4
-md4_text:"message digest":"d9130a8164549fe818874806e1c7014b"
-
-mbedtls_md4 Test vector RFC1320 #5
-md4_text:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-mbedtls_md4 Test vector RFC1320 #6
-md4_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-mbedtls_md4 Test vector RFC1320 #7
-md4_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
+# Test MD5 and RIPEMD160
mbedtls_md5 Test vector RFC1321 #1
md5_text:"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -86,12 +44,6 @@
mbedtls_ripemd160 Test vector from paper #8
ripemd160_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-MD2 Selftest
-md2_selftest:
-
-MD4 Selftest
-md4_selftest:
-
MD5 Selftest
md5_selftest:
diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function
index 1ee7229..73f9123 100644
--- a/tests/suites/test_suite_mdx.function
+++ b/tests/suites/test_suite_mdx.function
@@ -1,50 +1,8 @@
/* BEGIN_HEADER */
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
/* END_HEADER */
-/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */
-void md2_text( char * text_src_string, data_t * hash )
-{
- int ret;
- unsigned char src_str[100];
- unsigned char output[16];
-
- memset( src_str, 0x00, sizeof src_str );
- memset( output, 0x00, sizeof output );
-
- strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
- ret = mbedtls_md2( src_str, strlen( (char *) src_str ), output );
- TEST_ASSERT( ret == 0 ) ;
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
- sizeof output, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */
-void md4_text( char * text_src_string, data_t * hash )
-{
- int ret;
- unsigned char src_str[100];
- unsigned char output[16];
-
- memset( src_str, 0x00, sizeof src_str );
- memset( output, 0x00, sizeof output );
-
- strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
- ret = mbedtls_md4( src_str, strlen( (char *) src_str ), output );
- TEST_ASSERT( ret == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
- sizeof output, hash->len ) == 0 );
-}
-/* END_CASE */
-
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C */
void md5_text( char * text_src_string, data_t * hash )
{
@@ -85,20 +43,6 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */
-void md2_selftest( )
-{
- TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */
-void md4_selftest( )
-{
- TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */
void md5_selftest( )
{
diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data
index d0178b6..ec82824 100644
--- a/tests/suites/test_suite_nist_kw.data
+++ b/tests/suites/test_suite_nist_kw.data
@@ -20,9 +20,9 @@
depends_on:MBEDTLS_AES_C
mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:224:1:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-NIST KW init #5 BLOWFISH-128: bad cipher
-depends_on:MBEDTLS_BLOWFISH_C
-mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+NIST KW init #5 3DES: bad cipher
+depends_on:MBEDTLS_DES_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_3DES:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
NIST KW lengths #1 KW plaintext OK (2 to 2^54 - 1 semiblocks)
nist_kw_plaintext_lengths:16:24:MBEDTLS_KW_MODE_KW:0
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 573c9d4..5ccb072 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -177,7 +177,8 @@
/* unsupported functions: check_pair, debug */
TEST_ASSERT( mbedtls_pk_setup( &pk2,
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
- TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
+ TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2,
+ mbedtls_test_rnd_std_rand, NULL )
== MBEDTLS_ERR_PK_TYPE_MISMATCH );
TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
== MBEDTLS_ERR_PK_TYPE_MISMATCH );
@@ -278,7 +279,8 @@
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#if defined(MBEDTLS_PK_PARSE_C)
- TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) ==
+ TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1,
+ mbedtls_test_rnd_std_rand, NULL ) ==
MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) ==
@@ -295,8 +297,8 @@
/* For the write tests to be effective, we need a valid key pair. */
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_parse_key( &pk,
- key_data->x, key_data->len,
- NULL, 0 ) == 0 );
+ key_data->x, key_data->len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) ==
MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
@@ -348,9 +350,13 @@
mbedtls_pk_init( &alt );
TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL )
+ == 0 );
- TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
+ TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv,
+ mbedtls_test_rnd_std_rand, NULL )
+ == ret );
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
@@ -358,7 +364,9 @@
TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
mbedtls_rsa_key_len_func ) == 0 );
- TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
+ TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt,
+ mbedtls_test_rnd_std_rand, NULL )
+ == ret );
}
#endif
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index 1f73aac..1172b30 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -170,54 +170,6 @@
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0
-Parse RSA Key #32 (PKCS#8 encrypted SHA1-RC4-128)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"PolarSSLTest":0
-
-Parse RSA Key #32.1 (PKCS#8 encrypted SHA1-RC4-128, wrong PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
-
-Parse RSA Key #32.2 (PKCS#8 encrypted SHA1-RC4-128, no PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
-
-Parse RSA Key #33 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"PolarSSLTest":0
-
-Parse RSA Key #33.1 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit, wrong PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
-
-Parse RSA Key #33.2 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit, no PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
-
-Parse RSA Key #34 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"PolarSSLTest":0
-
-Parse RSA Key #34.1 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit, wrong PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
-
-Parse RSA Key #34.2 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit, no PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
-
-Parse RSA Key #35 (PKCS#8 encrypted SHA1-RC4-128 DER)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der":"PolarSSLTest":0
-
-Parse RSA Key #36 (PKCS#8 encrypted SHA1-RC4-128 DER, 2048-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der":"PolarSSLTest":0
-
-Parse RSA Key #37 (PKCS#8 encrypted SHA1-RC4-128 DER, 4096-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der":"PolarSSLTest":0
-
Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTest":0
@@ -1032,14 +984,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0
-Parse EC Key #6 (PKCS8 encrypted DER)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0
-
-Parse EC Key #7 (PKCS8 encrypted PEM)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.pem":"polar":0
-
Parse EC Key #8 (SEC1 PEM, secp224r1)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_224_prv.pem":"NULL":0
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function
index 4650d33..4c7f3d2 100644
--- a/tests/suites/test_suite_pkparse.function
+++ b/tests/suites/test_suite_pkparse.function
@@ -21,7 +21,8 @@
if( strcmp( pwd, "NULL" ) == 0 )
pwd = NULL;
- res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd );
+ res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == result );
@@ -96,7 +97,8 @@
mbedtls_pk_init( &ctx );
- res = mbedtls_pk_parse_keyfile( &ctx, key_file, password );
+ res = mbedtls_pk_parse_keyfile( &ctx, key_file, password,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == result );
@@ -120,7 +122,8 @@
mbedtls_pk_init( &pk );
- TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result );
+ TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL ) == result );
exit:
mbedtls_pk_free( &pk );
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 2bad4ed..d1e029a 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -63,7 +63,8 @@
memset( check_buf, 0, sizeof( check_buf ) );
mbedtls_pk_init( &key );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf ));
TEST_ASSERT( ret == 0 );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b58c486..5ed485e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1000,14 +1000,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
-PSA hash setup: good, MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_setup:PSA_ALG_MD2:PSA_SUCCESS
-
-PSA hash setup: good, MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_setup:PSA_ALG_MD4:PSA_SUCCESS
-
PSA hash setup: good, MD5
depends_on:PSA_WANT_ALG_MD5
hash_setup:PSA_ALG_MD5:PSA_SUCCESS
@@ -1109,14 +1101,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-PSA hash compute: good, MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash compute: good, MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
PSA hash compute: good, MD5
depends_on:PSA_WANT_ALG_MD5
hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
@@ -1147,8 +1131,8 @@
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm)
-depends_on:!PSA_WANT_ALG_MD2
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+depends_on:!PSA_WANT_ALG_MD5
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: bad algorithm (not a MAC algorithm)
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
@@ -1410,10 +1394,10 @@
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
-PSA cipher setup: incompatible key ARC4 for CTR
+PSA cipher setup: incompatible key ChaCha20 for CTR
depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
PSA cipher: bad order function calls
cipher_bad_order:
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
index 67158d0..9f51339 100644
--- a/tests/suites/test_suite_psa_crypto_hash.data
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -158,62 +158,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-PSA hash finish: MD2 Test vector RFC1319 #1
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
-
-PSA hash finish: MD2 Test vector RFC1319 #2
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-PSA hash finish: MD2 Test vector RFC1319 #3
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash finish: MD2 Test vector RFC1319 #4
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
-
-PSA hash finish: MD2 Test vector RFC1319 #5
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
-
-PSA hash finish: MD2 Test vector RFC1319 #6
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
-
-PSA hash finish: MD2 Test vector RFC1319 #7
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-PSA hash finish: MD4 Test vector RFC1320 #1
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-PSA hash finish: MD4 Test vector RFC1320 #2
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
-
-PSA hash finish: MD4 Test vector RFC1320 #3
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash finish: MD4 Test vector RFC1320 #4
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
-
-PSA hash finish: MD4 Test vector RFC1320 #5
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-PSA hash finish: MD4 Test vector RFC1320 #6
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
-
-PSA hash finish: MD4 Test vector RFC1320 #7
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
PSA hash finish: MD5 Test vector RFC1321 #1
depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -294,14 +238,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
-PSA hash verify: MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
-
-PSA hash verify: MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
-
PSA hash verify: MD5
depends_on:PSA_WANT_ALG_MD5
hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
@@ -470,62 +406,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-PSA hash multi part: MD2 Test vector RFC1319 #1
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
-
-PSA hash multi part: MD2 Test vector RFC1319 #2
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-PSA hash multi part: MD2 Test vector RFC1319 #3
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash multi part: MD2 Test vector RFC1319 #4
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
-
-PSA hash multi part: MD2 Test vector RFC1319 #5
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
-
-PSA hash multi part: MD2 Test vector RFC1319 #6
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
-
-PSA hash multi part: MD2 Test vector RFC1319 #7
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-PSA hash multi part: MD4 Test vector RFC1320 #1
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-PSA hash multi part: MD4 Test vector RFC1320 #2
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
-
-PSA hash multi part: MD4 Test vector RFC1320 #3
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash multi part: MD4 Test vector RFC1320 #4
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
-
-PSA hash multi part: MD4 Test vector RFC1320 #5
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-PSA hash multi part: MD4 Test vector RFC1320 #6
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
-
-PSA hash multi part: MD4 Test vector RFC1320 #7
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
PSA hash multi part: MD5 Test vector RFC1321 #1
depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index d612548..9f72b47 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -85,12 +85,6 @@
MBEDTLS_ENTROPY_MIN_PLATFORM,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
-#if defined(MBEDTLS_TIMING_C)
- if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING )
- mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
- MBEDTLS_ENTROPY_MIN_HARDCLOCK,
- MBEDTLS_ENTROPY_SOURCE_WEAK );
-#endif
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 22056b0..9bf91b5 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -1,11 +1,3 @@
-Hash: MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_algorithm:PSA_ALG_MD2:16
-
-Hash: MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_algorithm:PSA_ALG_MD4:16
-
Hash: MD5
depends_on:PSA_WANT_ALG_MD5
hash_algorithm:PSA_ALG_MD5:16
@@ -34,14 +26,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_algorithm:PSA_ALG_SHA_512:64
-MAC: HMAC-MD2
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
-
-MAC: HMAC-MD4
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
-
MAC: HMAC-MD5
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
@@ -319,10 +303,6 @@
depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16
-Stream cipher key type: ARC4
-depends_on:PSA_WANT_KEY_TYPE_ARC4
-stream_cipher_key_type:PSA_KEY_TYPE_ARC4
-
Stream cipher key type: ChaCha20
depends_on:PSA_WANT_KEY_TYPE_CHACHA20
stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index cc5a047..e81f208 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -220,22 +220,6 @@
depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0
-RSA PKCS1 Sign #5 (MD2, 2048 bits RSA)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
-
-RSA PKCS1 Sign #5 Verify
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
-
-RSA PKCS1 Sign #6 (MD4, 2048 bits RSA)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
-
-RSA PKCS1 Sign #6 Verify
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
-
RSA PKCS1 Sign #7 (MD5, 2048 bits RSA)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 14b4afc..eb96e30 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -1,8 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/rsa.h"
#include "rsa_alt_helpers.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index a497076..b0a573d 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -3550,326 +3550,6 @@
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
Record crypt, AES-128-GCM, 1.2
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
@@ -7278,326 +6958,6 @@
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
Record crypt, little space, AES-128-GCM, 1.2
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index c555d74..d4aad60 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -800,7 +800,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char*) mbedtls_test_srv_key_rsa_der,
- mbedtls_test_srv_key_rsa_der_len, NULL, 0 );
+ mbedtls_test_srv_key_rsa_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
else
@@ -812,7 +813,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char*) mbedtls_test_srv_key_ec_der,
- mbedtls_test_srv_key_ec_der_len, NULL, 0 );
+ mbedtls_test_srv_key_ec_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
}
@@ -827,7 +829,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char *) mbedtls_test_cli_key_rsa_der,
- mbedtls_test_cli_key_rsa_der_len, NULL, 0 );
+ mbedtls_test_cli_key_rsa_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
else
@@ -839,7 +842,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char *) mbedtls_test_cli_key_ec_der,
- mbedtls_test_cli_key_ec_der_len, NULL, 0 );
+ mbedtls_test_cli_key_ec_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
}
diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data
index 2522da1..de89239 100644
--- a/tests/suites/test_suite_timing.data
+++ b/tests/suites/test_suite_timing.data
@@ -1,15 +1,6 @@
-Timing: hardclock
-timing_hardclock:
-
Timing: get timer
timing_get_timer:
-Timing: set alarm with no delay
-timing_set_alarm:0:
-
-Timing: set alarm with 1s delay
-timing_set_alarm:1:
-
Timing: delay 0ms
timing_delay:0:
diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function
index 74dc823..3483d85 100644
--- a/tests/suites/test_suite_timing.function
+++ b/tests/suites/test_suite_timing.function
@@ -17,15 +17,6 @@
*/
/* BEGIN_CASE */
-void timing_hardclock( )
-{
- (void) mbedtls_timing_hardclock();
- /* This goto is added to avoid warnings from the generated code. */
- goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void timing_get_timer( )
{
struct mbedtls_timing_hr_time time;
@@ -37,23 +28,6 @@
/* END_CASE */
/* BEGIN_CASE */
-void timing_set_alarm( int seconds )
-{
- if( seconds == 0 )
- {
- mbedtls_set_alarm( seconds );
- TEST_ASSERT( mbedtls_timing_alarmed == 1 );
- }
- else
- {
- mbedtls_set_alarm( seconds );
- TEST_ASSERT( mbedtls_timing_alarmed == 0 ||
- mbedtls_timing_alarmed == 1 );
- }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void timing_delay( int fin_ms )
{
mbedtls_timing_delay_context ctx;
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index dc81afb..e21b450 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -22,14 +22,6 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
x509_cert_info:"data_files/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n"
-X509 CRT information MD2 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
-
-X509 CRT information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C
-x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
-
X509 CRT information MD5 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C
x509_cert_info:"data_files/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
@@ -202,14 +194,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
-X509 CRL Information MD2 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n"
-
-X509 CRL Information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n"
-
X509 CRL Information MD5 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n"
@@ -286,10 +270,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0
-X509 CSR Information RSA with MD4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
-
X509 CSR Information RSA with MD5
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n"
@@ -527,26 +507,10 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-X509 CRT verification #12 (Valid Cert MD2 Digest, MD2 forbidden)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-
-X509 CRT verification #12 (Valid Cert MD4 Digest, MD4 forbidden)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-
X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 forbidden)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-X509 CRT verification #12 (Valid Cert MD2 Digest, MD2 allowed)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL"
-
-X509 CRT verification #12 (Valid Cert MD4 Digest, MD4 allowed)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL"
-
X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 allowed)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL"
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 9e2ae01..efc2fc9 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -18,10 +18,6 @@
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
-Certificate Request check Server1 MD4
-depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0
-
Certificate Request check Server1 MD5
depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 44f846f..c9b7cf9 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -94,7 +94,8 @@
memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
mbedtls_pk_init( &key );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, md_type );
@@ -163,7 +164,8 @@
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
mbedtls_pk_init( &key );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 );
mbedtls_x509write_csr_init( &req );
@@ -225,10 +227,10 @@
mbedtls_x509write_crt_init( &crt );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file,
- subject_pwd ) == 0 );
+ subject_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file,
- issuer_pwd ) == 0 );
+ issuer_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 );
#if defined(MBEDTLS_RSA_C)
/* For RSA PK contexts, create a copy as an alternative RSA context. */
diff --git a/tests/suites/test_suite_xtea.data b/tests/suites/test_suite_xtea.data
deleted file mode 100644
index d9d06d7..0000000
--- a/tests/suites/test_suite_xtea.data
+++ /dev/null
@@ -1,76 +0,0 @@
-XTEA Encrypt_ecb #1
-xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"497df3d072612cb5"
-
-XTEA Encrypt_ecb #2
-xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4141414141414141":"e78f2d13744341d8"
-
-XTEA Encrypt_ecb #3
-xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"5a5b6e278948d77f":"4141414141414141"
-
-XTEA Encrypt_ecb #4
-xtea_encrypt_ecb:"00000000000000000000000000000000":"4142434445464748":"a0390589f8b8efa5"
-
-XTEA Encrypt_ecb #5
-xtea_encrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"ed23375a821a8c2d"
-
-XTEA Encrypt_ecb #6
-xtea_encrypt_ecb:"00000000000000000000000000000000":"70e1225d6e4e7655":"4141414141414141"
-
-XTEA Decrypt_ecb #1
-xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"497df3d072612cb5":"4142434445464748"
-
-XTEA Decrypt_ecb #2
-xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"e78f2d13744341d8":"4141414141414141"
-
-XTEA Decrypt_ecb #3
-xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4141414141414141":"5a5b6e278948d77f"
-
-XTEA Decrypt_ecb #4
-xtea_decrypt_ecb:"00000000000000000000000000000000":"a0390589f8b8efa5":"4142434445464748"
-
-XTEA Decrypt_ecb #5
-xtea_decrypt_ecb:"00000000000000000000000000000000":"ed23375a821a8c2d":"4141414141414141"
-
-XTEA Decrypt_ecb #6
-xtea_decrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"70e1225d6e4e7655"
-
-XTEA Encrypt CBC #1
-xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"6b982bec15a7b558"
-
-XTEA Encrypt CBC #2
-xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"2c6aeb799561c8e973b0927f072e3801"
-
-XTEA Encrypt CBC #3
-xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"41414141414141415fee100fe2c030025d8a557f2677cb33"
-
-XTEA Encrypt CBC #4
-xtea_encrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"5b0c065a3803900d"
-
-XTEA Encrypt CBC #5
-xtea_encrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"bdae508aa320aa5caa7cd79dbc9c38aa"
-
-XTEA Encrypt CBC #6
-xtea_encrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"61f5082a2c996f632da3ea16ff8e06558b69f069d8637b31"
-
-XTEA Decrypt CBC #1
-xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"359def46515c71b2"
-
-XTEA Decrypt CBC #2
-xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"1b192d63cc0e90371b1a2f66c809963e"
-
-XTEA Decrypt CBC #3
-xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"2e76e5cc03543cdc40ca03358a5764c331a0631c2f0f3714"
-
-XTEA Decrypt CBC #4
-xtea_decrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"81476a15138174dc"
-
-XTEA Decrypt CBC #5
-xtea_decrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"31a361192b08311d31a0631c2f0f3714"
-
-XTEA Decrypt CBC #6
-xtea_decrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"c1e2dbbf67ee786e29e051bea18c6abc66f1de5c2daefc2a"
-
-XTEA Selftest
-depends_on:MBEDTLS_SELF_TEST
-xtea_selftest:
-
diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function
deleted file mode 100644
index 1d5b29b..0000000
--- a/tests/suites/test_suite_xtea.function
+++ /dev/null
@@ -1,86 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/xtea.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_XTEA_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void xtea_encrypt_ecb( data_t * key_str, data_t * src_str,
- data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x,
- src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
- src_str->len, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x,
- src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
- src_str->len, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void xtea_selftest( )
-{
- TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 );
-}
-/* END_CASE */