Merge pull request #10286 from davidhorstmann-arm/update-4.x-lts-timeline
Update note about the first 4.x LTS
diff --git a/BRANCHES.md b/BRANCHES.md
index 10f5664..8066297 100644
--- a/BRANCHES.md
+++ b/BRANCHES.md
@@ -107,6 +107,6 @@
- [`development`](https://github.com/Mbed-TLS/mbedtls/)
- [`mbedtls-3.6`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6)
maintained until March 2027, see
- <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0>.
+ <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.4>.
Users are urged to always use the latest version of a maintained branch.
diff --git a/ChangeLog b/ChangeLog
index 1c48958..912a178 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,330 @@
Mbed TLS ChangeLog (Sorted per branch, date)
+= Mbed TLS 4.0.0-beta branch released 2025-07-04
+
+API changes
+ * The experimental functions psa_generate_key_ext() and
+ psa_key_derivation_output_key_ext() have been replaced by
+ psa_generate_key_custom() and psa_key_derivation_output_key_custom().
+ They have almost exactly the same interface, but the variable-length
+ data is passed in a separate parameter instead of a flexible array
+ member. This resolves a build failure under C++ compilers that do not
+ support flexible array members (a C99 feature not adopted by C++).
+ Fixes #9020.
+ * Align the mbedtls_ssl_ticket_setup() function with the PSA Crypto API.
+ Instead of taking a mbedtls_cipher_type_t as an argument, this function
+ now takes 3 new arguments: a PSA algorithm, key type and key size, to
+ specify the AEAD for ticket protection.
+ * The PSA and Mbed TLS error spaces are now unified. mbedtls_xxx()
+ functions can now return PSA_ERROR_xxx values.
+ There is no longer a distinction between "low-level" and "high-level"
+ Mbed TLS error codes.
+ This will not affect most applications since the error values are
+ between -32767 and -1 as before.
+ * All API functions now use the PSA random generator psa_generate_random()
+ internally. As a consequence, functions no longer take RNG parameters.
+ Please refer to the migration guide at :
+ tf-psa-crypto/docs/4.0-migration-guide.md.
+
+Default behavior changes
+ * In a PSA-client-only build (i.e. MBEDTLS_PSA_CRYPTO_CLIENT &&
+ !MBEDTLS_PSA_CRYPTO_C), do not automatically enable local crypto when the
+ corresponding PSA mechanism is enabled, since the server provides the
+ crypto. Fixes #9126.
+ * The PK, X.509, PKCS7 and TLS modules now always use the PSA subsystem
+ to perform cryptographic operations, with a few exceptions documented
+ in docs/architecture/psa-migration/psa-limitations.md. This
+ corresponds to the behavior of Mbed TLS 3.x when
+ MBEDTLS_USE_PSA_CRYPTO is enabled. In effect, MBEDTLS_USE_PSA_CRYPTO
+ is now always enabled.
+ * psa_crypto_init() must be called before performing any cryptographic
+ operation, including indirect requests such as parsing a key or
+ certificate or starting a TLS handshake.
+ * The `PSA_WANT_XXX` symbols as defined in
+ tf-psa-crypto/include/psa/crypto_config.h are now always used in the
+ configuration of the cryptographic mechanisms exposed by the PSA API.
+ This corresponds to the configuration behavior of Mbed TLS 3.x when
+ MBEDTLS_PSA_CRYPTO_CONFIG is enabled. In effect, MBEDTLS_PSA_CRYPTO_CONFIG
+ is now always enabled and the configuration option has been removed.
+ * In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
+ mbedtls_ssl_handshake() now fails with
+ MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ if certificate-based authentication of the server is attempted.
+ This is because authenticating a server without knowing what name
+ to expect is usually insecure.
+
+Removals
+ * Drop support for VIA Padlock. Removes MBEDTLS_PADLOCK_C.
+ Fixes #5903.
+ * Drop support for crypto alt interface. Removes MBEDTLS_XXX_ALT options
+ at the module and function level for crypto mechanisms only. The remaining
+ alt interfaces for platform, threading and timing are unchanged.
+ Fixes #8149.
+ * Remove support for the RSA-PSK key exchange in TLS 1.2.
+ * Remove deprecated mbedtls_x509write_crt_set_serial(). The function was
+ already deprecated and superseded by
+ mbedtls_x509write_crt_set_serial_raw().
+ * Remove the function mbedtls_ssl_conf_curves() which had been deprecated
+ in favour of mbedtls_ssl_conf_groups() since Mbed TLS 3.1.
+ * Remove support for the DHE-PSK key exchange in TLS 1.2.
+ * Remove support for the DHE-RSA key exchange in TLS 1.2.
+ * Following the removal of DHM module (#9972 and TF-PSA-Crypto#175) the
+ following SSL functions are removed:
+ - mbedtls_ssl_conf_dh_param_bin
+ - mbedtls_ssl_conf_dh_param_ctx
+ - mbedtls_ssl_conf_dhm_min_bitlen
+ * Remove support for the RSA key exchange in TLS 1.2.
+ * Remove mbedtls_low_level_strerr() and mbedtls_high_level_strerr(),
+ since these concepts no longer exists. There is just mbedtls_strerror().
+ * Sample programs for the legacy crypto API have been removed.
+ pkey/rsa_genkey.c
+ pkey/pk_decrypt.c
+ pkey/dh_genprime.c
+ pkey/rsa_verify.c
+ pkey/mpi_demo.c
+ pkey/rsa_decrypt.c
+ pkey/key_app.c
+ pkey/dh_server.c
+ pkey/ecdh_curve25519.c
+ pkey/pk_encrypt.c
+ pkey/rsa_sign.c
+ pkey/key_app_writer.c
+ pkey/dh_client.c
+ pkey/ecdsa.c
+ pkey/rsa_encrypt.c
+ wince_main.c
+ aes/crypt_and_hash.c
+ random/gen_random_ctr_drbg.c
+ random/gen_entropy.c
+ hash/md_hmac_demo.c
+ hash/hello.c
+ hash/generic_sum.c
+ cipher/cipher_aead_demo.c
+ * Remove compat-2-x.h header from mbedtls.
+ * The library no longer offers interfaces to look up values by OID
+ or OID by enum values.
+ The header <mbedtls/oid.h> now only defines functions to convert
+ between binary and dotted string OID representations, and macros
+ for OID strings that are relevant to X.509.
+ The compilation option MBEDTLS_OID_C no longer
+ exists. OID tables are included in the build automatically as needed.
+
+Features
+ * When the new compilation option MBEDTLS_PSA_KEY_STORE_DYNAMIC is enabled,
+ the number of volatile PSA keys is virtually unlimited, at the expense
+ of increased code size. This option is off by default, but enabled in
+ the default mbedtls_config.h. Fixes #9216.
+ * Add a new psa_key_agreement() PSA API to perform key agreement and return
+ an identifier for the newly created key.
+ * Added new configuration option MBEDTLS_PSA_STATIC_KEY_SLOTS, which
+ uses static storage for keys, enabling malloc-less use of key slots.
+ The size of each buffer is given by the option
+ MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE. By default it accommodates the
+ largest PSA key enabled in the build.
+ * Add an interruptible version of key agreement to the PSA interface.
+ See psa_key_agreement_iop_setup() and related functions.
+ * Add an interruptible version of generate key to the PSA interface.
+ See psa_generate_key_iop_setup() and related functions.
+ * Add the function mbedtls_ssl_export_keying_material() which allows the
+ client and server to extract additional shared symmetric keys from an SSL
+ session, according to the TLS-Exporter specification in RFC 8446 and 5705.
+ This requires MBEDTLS_SSL_KEYING_MATERIAL_EXPORT to be defined in
+ mbedtls_config.h.
+
+Security
+ * Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does
+ not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
+ MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.
+ CVE-2024-45157
+ * Fix a stack buffer overflow in mbedtls_ecdsa_der_to_raw() and
+ mbedtls_ecdsa_raw_to_der() when the bits parameter is larger than the
+ largest supported curve. In some configurations with PSA disabled,
+ all values of bits are affected. This never happens in internal library
+ calls, but can affect applications that call these functions directly.
+ CVE-2024-45158
+ * With TLS 1.3, when a server enables optional authentication of the
+ client, if the client-provided certificate does not have appropriate values
+ in keyUsage or extKeyUsage extensions, then the return value of
+ mbedtls_ssl_get_verify_result() would incorrectly have the
+ MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits
+ clear. As a result, an attacker that had a certificate valid for uses other
+ than TLS client authentication could be able to use it for TLS client
+ authentication anyway. Only TLS 1.3 servers were affected, and only with
+ optional authentication (required would abort the handshake with a fatal
+ alert).
+ CVE-2024-45159
+ * Fix a buffer underrun in mbedtls_pk_write_key_der() when
+ called on an opaque key, MBEDTLS_USE_PSA_CRYPTO is enabled,
+ and the output buffer is smaller than the actual output.
+ Fix a related buffer underrun in mbedtls_pk_write_key_pem()
+ when called on an opaque RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled
+ and MBEDTLS_MPI_MAX_SIZE is smaller than needed for a 4096-bit RSA key.
+ CVE-2024-49195
+ * Note that TLS clients should generally call mbedtls_ssl_set_hostname()
+ if they use certificate authentication (i.e. not pre-shared keys).
+ Otherwise, in many scenarios, the server could be impersonated.
+ The library will now prevent the handshake and return
+ MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
+ if mbedtls_ssl_set_hostname() has not been called.
+ Reported by Daniel Stenberg.
+ CVE-2025-27809
+ * Fix a vulnerability in the TLS 1.2 handshake. If memory allocation failed
+ or there was a cryptographic hardware failure when calculating the
+ Finished message, it could be calculated incorrectly. This would break
+ the security guarantees of the TLS handshake.
+ CVE-2025-27810
+ * Fix possible use-after-free or double-free in code calling
+ mbedtls_x509_string_to_names(). This was caused by the function calling
+ mbedtls_asn1_free_named_data_list() on its head argument, while the
+ documentation did no suggest it did, making it likely for callers relying
+ on the documented behaviour to still hold pointers to memory blocks after
+ they were free()d, resulting in high risk of use-after-free or double-free,
+ with consequences ranging up to arbitrary code execution.
+ In particular, the two sample programs x509/cert_write and x509/cert_req
+ were affected (use-after-free if the san string contains more than one DN).
+ Code that does not call mbedtls_string_to_names() directly is not affected.
+ Found by Linh Le and Ngan Nguyen from Calif.
+ CVE-2025-47917
+ * Fix a bug in mbedtls_x509_string_to_names() and the
+ mbedtls_x509write_{crt,csr}_set_{subject,issuer}_name() functions,
+ where some inputs would cause an inconsistent state to be reached, causing
+ a NULL dereference either in the function itself, or in subsequent
+ users of the output structure, such as mbedtls_x509_write_names(). This
+ only affects applications that create (as opposed to consume) X.509
+ certificates, CSRs or CRLs. Found by Linh Le and Ngan Nguyen from Calif.
+ CVE-2025-48965
+
+Bugfix
+ * Fix TLS 1.3 client build and runtime when support for session tickets is
+ disabled (MBEDTLS_SSL_SESSION_TICKETS configuration option). Fixes #6395.
+ * Fix compilation error when memcpy() is a function-like macros. Fixes #8994.
+ * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C are now automatically enabled
+ as soon as MBEDTLS_RSA_C is enabled. Fixes #9041.
+ * Fix undefined behaviour (incrementing a NULL pointer by zero length) when
+ passing in zero length additional data to multipart AEAD.
+ * Fix rare concurrent access bug where attempting to operate on a
+ non-existent key while concurrently creating a new key could potentially
+ corrupt the key store.
+ * Fix error handling when creating a key in a dynamic secure element
+ (feature enabled by MBEDTLS_PSA_CRYPTO_SE_C). In a low memory condition,
+ the creation could return PSA_SUCCESS but using or destroying the key
+ would not work. Fixes #8537.
+ * Fix issue of redefinition warning messages for _GNU_SOURCE in
+ entropy_poll.c and sha_256.c. There was a build warning during
+ building for linux platform.
+ Resolves #9026
+ * Fix a compilation warning in pk.c when PSA is enabled and RSA is disabled.
+ * Fix the build when MBEDTLS_PSA_CRYPTO_CONFIG is enabled and the built-in
+ CMAC is enabled, but no built-in unauthenticated cipher is enabled.
+ Fixes #9209.
+ * Fix redefinition warnings when SECP192R1 and/or SECP192K1 are disabled.
+ Fixes #9029.
+ * Fix psa_cipher_decrypt() with CCM* rejecting messages less than 3 bytes
+ long. Credit to Cryptofuzz. Fixes #9314.
+ * Fix interference between PSA volatile keys and built-in keys
+ when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
+ MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096.
+ * Document and enforce the limitation of mbedtls_psa_register_se_key()
+ to persistent keys. Resolves #9253.
+ * Fix Clang compilation error when MBEDTLS_USE_PSA_CRYPTO is enabled
+ but MBEDTLS_DHM_C is disabled. Reported by Michael Schuster in #9188.
+ * Fix server mode only build when MBEDTLS_SSL_SRV_C is enabled but
+ MBEDTLS_SSL_CLI_C is disabled. Reported by M-Bab on GitHub in #9186.
+ * When MBEDTLS_PSA_CRYPTO_C was disabled and MBEDTLS_ECDSA_C enabled,
+ some code was defining 0-size arrays, resulting in compilation errors.
+ Fixed by disabling the offending code in configurations without PSA
+ Crypto, where it never worked. Fixes #9311.
+ * Fixes an issue where some TLS 1.2 clients could not connect to an
+ Mbed TLS 3.6.0 server, due to incorrect handling of
+ legacy_compression_methods in the ClientHello.
+ fixes #8995, #9243.
+ * Fix a memory leak that could occur when failing to process an RSA
+ key through some PSA functions due to low memory conditions.
+ * Fixed a regression introduced in 3.6.0 where the CA callback set with
+ mbedtls_ssl_conf_ca_cb() would stop working when connections were
+ upgraded to TLS 1.3. Fixed by adding support for the CA callback with TLS
+ 1.3.
+ * Fixed a regression introduced in 3.6.0 where clients that relied on
+ optional/none authentication mode, by calling mbedtls_ssl_conf_authmode()
+ with MBEDTLS_SSL_VERIFY_OPTIONAL or MBEDTLS_SSL_VERIFY_NONE, would stop
+ working when connections were upgraded to TLS 1.3. Fixed by adding
+ support for optional/none with TLS 1.3 as well. Note that the TLS 1.3
+ standard makes server authentication mandatory; users are advised not to
+ use authmode none, and to carefully check the results when using optional
+ mode.
+ * Fixed a regression introduced in 3.6.0 where context-specific certificate
+ verify callbacks, set with mbedtls_ssl_set_verify() as opposed to
+ mbedtls_ssl_conf_verify(), would stop working when connections were
+ upgraded to TLS 1.3. Fixed by adding support for context-specific verify
+ callback in TLS 1.3.
+ * Fix unintended performance regression when using short RSA public keys.
+ Fixes #9232.
+ * When MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE is disabled, work with
+ peers that have middlebox compatibility enabled, as long as no
+ problematic middlebox is in the way. Fixes #9551.
+ * Fix invalid JSON schemas for driver descriptions used by
+ generate_driver_wrappers.py.
+ * Use 'mbedtls_net_close' instead of 'close' in 'mbedtls_net_bind'
+ and 'mbedtls_net_connect' to prevent possible double close fd
+ problems. Fixes #9711.
+ * Fix undefined behavior in some cases when mbedtls_psa_raw_to_der() or
+ mbedtls_psa_der_to_raw() is called with bits=0.
+ * Fix compilation on MS-DOS DJGPP. Fixes #9813.
+ * Fix missing constraints on the AES-NI inline assembly which is used on
+ GCC-like compilers when building AES for generic x86_64 targets. This
+ may have resulted in incorrect code with some compilers, depending on
+ optimizations. Fixes #9819.
+ * Support re-assembly of fragmented handshake messages in TLS (both
+ 1.2 and 1.3). The lack of support was causing handshake failures with
+ some servers, especially with TLS 1.3 in practice. There are a few
+ limitations, notably a fragmented ClientHello is only supported when
+ TLS 1.3 support is enabled. See the documentation of
+ mbedtls_ssl_handshake() for details.
+ * Fix definition of MBEDTLS_PRINTF_SIZET to prevent runtime crashes that
+ occurred whenever SSL debugging was enabled on a copy of Mbed TLS built
+ with Visual Studio 2013 or MinGW.
+ Fixes #10017.
+ * Silence spurious -Wunterminated-string-initialization warnings introduced
+ by GCC 15. Fixes #9944.
+
+Changes
+ * Warn if mbedtls/check_config.h is included manually, as this can
+ lead to spurious errors. Error if a *adjust*.h header is included
+ manually, as this can lead to silently inconsistent configurations,
+ potentially resulting in buffer overflows.
+ When migrating from Mbed TLS 2.x, if you had a custom config.h that
+ included check_config.h, remove this inclusion from the Mbed TLS 3.x
+ configuration file (renamed to mbedtls_config.h). This change was made
+ in Mbed TLS 3.0, but was not announced in a changelog entry at the time.
+ * Functions regarding numeric string conversions for OIDs have been moved
+ from the OID module and now reside in X.509 module. This helps to reduce
+ the code size as these functions are not commonly used outside of X.509.
+ * Improve performance of PSA key generation with ECC keys: it no longer
+ computes the public key (which was immediately discarded). Fixes #9732.
+ * Cryptography and platform configuration options have been migrated
+ from the Mbed TLS library configuration file mbedtls_config.h to
+ crypto_config.h that will become the TF-PSA-Crypto configuration file,
+ see config-split.md for more information. The reference and test custom
+ configuration files respectively in configs/ and tests/configs/ have
+ been updated accordingly.
+ To migrate custom Mbed TLS configurations where
+ MBEDTLS_PSA_CRYPTO_CONFIG is disabled, you should first adapt them
+ to the PSA configuration scheme based on PSA_WANT_XXX symbols
+ (see psa-conditional-inclusion-c.md for more information).
+ To migrate custom Mbed TLS configurations where
+ MBEDTLS_PSA_CRYPTO_CONFIG is enabled, you should migrate the
+ cryptographic and platform configuration options from mbedtls_config.h
+ to crypto_config.h (see config-split.md for more information and configs/
+ for examples).
+ * Move the crypto part of the library (content of tf-psa-crypto directory)
+ from the Mbed TLS to the TF-PSA-Crypto repository. The crypto code and
+ tests development will now occur in TF-PSA-Crypto, which Mbed TLS
+ references as a Git submodule.
+ * The function mbedtls_x509_string_to_names() now requires its head argument
+ to point to NULL on entry. This makes it likely that existing risky uses of
+ this function (see the entry in the Security section) will be detected and
+ fixed.
+
= Mbed TLS 3.6.0 branch released 2024-03-28
API changes
diff --git a/ChangeLog.d/9126.txt b/ChangeLog.d/9126.txt
deleted file mode 100644
index 22939df..0000000
--- a/ChangeLog.d/9126.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Default behavior changes
- * In a PSA-client-only build (i.e. MBEDTLS_PSA_CRYPTO_CLIENT &&
- !MBEDTLS_PSA_CRYPTO_C), do not automatically enable local crypto when the
- corresponding PSA mechanism is enabled, since the server provides the
- crypto. Fixes #9126.
diff --git a/ChangeLog.d/9302.txt b/ChangeLog.d/9302.txt
deleted file mode 100644
index d61ba19..0000000
--- a/ChangeLog.d/9302.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Features
- * Added new configuration option MBEDTLS_PSA_STATIC_KEY_SLOTS, which
- uses static storage for keys, enabling malloc-less use of key slots.
- The size of each buffer is given by the option
- MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE. By default it accommodates the
- largest PSA key enabled in the build.
diff --git a/ChangeLog.d/9684.txt b/ChangeLog.d/9684.txt
deleted file mode 100644
index 115ded8..0000000
--- a/ChangeLog.d/9684.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Removals
- * Remove support for the DHE-PSK key exchange in TLS 1.2.
diff --git a/ChangeLog.d/9685.txt b/ChangeLog.d/9685.txt
deleted file mode 100644
index 9820aff..0000000
--- a/ChangeLog.d/9685.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Removals
- * Remove support for the DHE-RSA key exchange in TLS 1.2.
diff --git a/ChangeLog.d/9690.txt b/ChangeLog.d/9690.txt
deleted file mode 100644
index d00eb16..0000000
--- a/ChangeLog.d/9690.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-Security
- * Fix a buffer underrun in mbedtls_pk_write_key_der() when
- called on an opaque key, MBEDTLS_USE_PSA_CRYPTO is enabled,
- and the output buffer is smaller than the actual output.
- Fix a related buffer underrun in mbedtls_pk_write_key_pem()
- when called on an opaque RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled
- and MBEDTLS_MPI_MAX_SIZE is smaller than needed for a 4096-bit RSA key.
- CVE-2024-49195
diff --git a/ChangeLog.d/9874.txt b/ChangeLog.d/9874.txt
deleted file mode 100644
index a4d2e03..0000000
--- a/ChangeLog.d/9874.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-API changes
- * Align the mbedtls_ssl_ticket_setup() function with the PSA Crypto API.
- Instead of taking a mbedtls_cipher_type_t as an argument, this function
- now takes 3 new arguments: a PSA algorithm, key type and key size, to
- specify the AEAD for ticket protection.
diff --git a/ChangeLog.d/9892.txt b/ChangeLog.d/9892.txt
deleted file mode 100644
index 01d21b6..0000000
--- a/ChangeLog.d/9892.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Removals
- * Remove deprecated mbedtls_x509write_crt_set_serial(). The function was
- already deprecated and superseeded by
- mbedtls_x509write_crt_set_serial_raw().
diff --git a/ChangeLog.d/9956.txt b/ChangeLog.d/9956.txt
deleted file mode 100644
index cea4af1..0000000
--- a/ChangeLog.d/9956.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Removals
- * Following the removal of DHM module (#9972 and TF-PSA-Crypto#175) the
- following SSL functions are removed:
- - mbedtls_ssl_conf_dh_param_bin
- - mbedtls_ssl_conf_dh_param_ctx
- - mbedtls_ssl_conf_dhm_min_bitlen
diff --git a/ChangeLog.d/9964.txt b/ChangeLog.d/9964.txt
deleted file mode 100644
index ca0cc4b..0000000
--- a/ChangeLog.d/9964.txt
+++ /dev/null
@@ -1,25 +0,0 @@
-Removals
- * Removal of the following sample programs:
- pkey/rsa_genkey.c
- pkey/pk_decrypt.c
- pkey/dh_genprime.c
- pkey/rsa_verify.c
- pkey/mpi_demo.c
- pkey/rsa_decrypt.c
- pkey/key_app.c
- pkey/dh_server.c
- pkey/ecdh_curve25519.c
- pkey/pk_encrypt.c
- pkey/rsa_sign.c
- pkey/key_app_writer.c
- pkey/dh_client.c
- pkey/ecdsa.c
- pkey/rsa_encrypt.c
- wince_main.c
- aes/crypt_and_hash.c
- random/gen_random_ctr_drbg.c
- random/gen_entropy.c
- hash/md_hmac_demo.c
- hash/hello.c
- hash/generic_sum.c
- cipher/cipher_aead_demo.c
diff --git a/ChangeLog.d/MBEDTLS_PSA_HMAC_DRBG_MD_TYPE.txt b/ChangeLog.d/MBEDTLS_PSA_HMAC_DRBG_MD_TYPE.txt
deleted file mode 100644
index 079cd74..0000000
--- a/ChangeLog.d/MBEDTLS_PSA_HMAC_DRBG_MD_TYPE.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Security
- * Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does
- not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
- MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.
diff --git a/ChangeLog.d/add-psa-iop-generate-key.txt b/ChangeLog.d/add-psa-iop-generate-key.txt
deleted file mode 100644
index 0f586ee..0000000
--- a/ChangeLog.d/add-psa-iop-generate-key.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Features
- * Add an interruptible version of generate key to the PSA interface.
- See psa_generate_key_iop_setup() and related functions.
diff --git a/ChangeLog.d/add-psa-iop-key-agreement.txt b/ChangeLog.d/add-psa-iop-key-agreement.txt
deleted file mode 100644
index 92dfde1..0000000
--- a/ChangeLog.d/add-psa-iop-key-agreement.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
- * Add an interruptible version of key agreement to the PSA interface.
- See psa_key_agreement_iop_setup() and related functions.
-
diff --git a/ChangeLog.d/add-psa-key-agreement.txt b/ChangeLog.d/add-psa-key-agreement.txt
deleted file mode 100644
index 771e6e2..0000000
--- a/ChangeLog.d/add-psa-key-agreement.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Features
- * Add a new psa_key_agreement() PSA API to perform key agreement and return
- an identifier for the newly created key.
diff --git a/ChangeLog.d/add-tls-exporter.txt b/ChangeLog.d/add-tls-exporter.txt
deleted file mode 100644
index 1aea653..0000000
--- a/ChangeLog.d/add-tls-exporter.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Features
- * Add the function mbedtls_ssl_export_keying_material() which allows the
- client and server to extract additional shared symmetric keys from an SSL
- session, according to the TLS-Exporter specification in RFC 8446 and 5705.
- This requires MBEDTLS_SSL_KEYING_MATERIAL_EXPORT to be defined in
- mbedtls_config.h.
diff --git a/ChangeLog.d/asn1-missing-guard-in-rsa.txt b/ChangeLog.d/asn1-missing-guard-in-rsa.txt
deleted file mode 100644
index bb5b470..0000000
--- a/ChangeLog.d/asn1-missing-guard-in-rsa.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C are now automatically enabled
- as soon as MBEDTLS_RSA_C is enabled. Fixes #9041.
diff --git a/ChangeLog.d/check-config.txt b/ChangeLog.d/check-config.txt
deleted file mode 100644
index 8570a11..0000000
--- a/ChangeLog.d/check-config.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-Changes
- * Warn if mbedtls/check_config.h is included manually, as this can
- lead to spurious errors. Error if a *adjust*.h header is included
- manually, as this can lead to silently inconsistent configurations,
- potentially resulting in buffer overflows.
- When migrating from Mbed TLS 2.x, if you had a custom config.h that
- included check_config.h, remove this inclusion from the Mbed TLS 3.x
- configuration file (renamed to mbedtls_config.h). This change was made
- in Mbed TLS 3.0, but was not announced in a changelog entry at the time.
diff --git a/ChangeLog.d/configuration-split.txt b/ChangeLog.d/configuration-split.txt
deleted file mode 100644
index f4d9bc6..0000000
--- a/ChangeLog.d/configuration-split.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-Changes
- * Cryptography and platform configuration options have been migrated
- from the Mbed TLS library configuration file mbedtls_config.h to
- crypto_config.h that will become the TF-PSA-Crypto configuration file,
- see config-split.md for more information. The reference and test custom
- configuration files respectively in configs/ and tests/configs/ have
- been updated accordingly.
- To migrate custom Mbed TLS configurations where
- MBEDTLS_PSA_CRYPTO_CONFIG is disabled, you should first adapt them
- to the PSA configuration scheme based on PSA_WANT_XXX symbols
- (see psa-conditional-inclusion-c.md for more information).
- To migrate custom Mbed TLS configurations where
- MBEDTLS_PSA_CRYPTO_CONFIG is enabled, you should migrate the
- cryptographic and platform configuration options from mbedtls_config.h
- to crypto_config.h (see config-split.md for more information and configs/
- for examples).
diff --git a/ChangeLog.d/dynamic-keystore.txt b/ChangeLog.d/dynamic-keystore.txt
deleted file mode 100644
index c6aac3c..0000000
--- a/ChangeLog.d/dynamic-keystore.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-Features
- * When the new compilation option MBEDTLS_PSA_KEY_STORE_DYNAMIC is enabled,
- the number of volatile PSA keys is virtually unlimited, at the expense
- of increased code size. This option is off by default, but enabled in
- the default mbedtls_config.h. Fixes #9216.
-
-Bugfix
- * Fix interference between PSA volatile keys and built-in keys
- when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
- MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096.
diff --git a/ChangeLog.d/ecdsa-conversion-overflow.txt b/ChangeLog.d/ecdsa-conversion-overflow.txt
deleted file mode 100644
index 83b7f2f..0000000
--- a/ChangeLog.d/ecdsa-conversion-overflow.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Security
- * Fix a stack buffer overflow in mbedtls_ecdsa_der_to_raw() and
- mbedtls_ecdsa_raw_to_der() when the bits parameter is larger than the
- largest supported curve. In some configurations with PSA disabled,
- all values of bits are affected. This never happens in internal library
- calls, but can affect applications that call these functions directly.
diff --git a/ChangeLog.d/error-unification.txt b/ChangeLog.d/error-unification.txt
deleted file mode 100644
index bcf5ba1..0000000
--- a/ChangeLog.d/error-unification.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-API changes
- * The PSA and Mbed TLS error spaces are now unified. mbedtls_xxx()
- functions can now return PSA_ERROR_xxx values.
- There is no longer a distinction between "low-level" and "high-level"
- Mbed TLS error codes.
- This will not affect most applications since the error values are
- between -32767 and -1 as before.
-
-Removals
- * Remove mbedtls_low_level_sterr() and mbedtls_high_level_strerr(),
- since these concepts no longer exists. There is just mbedtls_strerror().
diff --git a/ChangeLog.d/fix-aesni-asm-clobbers.txt b/ChangeLog.d/fix-aesni-asm-clobbers.txt
deleted file mode 100644
index 538f0c5..0000000
--- a/ChangeLog.d/fix-aesni-asm-clobbers.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix missing constraints on the AES-NI inline assembly which is used on
- GCC-like compilers when building AES for generic x86_64 targets. This
- may have resulted in incorrect code with some compilers, depending on
- optimizations. Fixes #9819.
diff --git a/ChangeLog.d/fix-clang-psa-build-without-dhm.txt b/ChangeLog.d/fix-clang-psa-build-without-dhm.txt
deleted file mode 100644
index 7ae1c68..0000000
--- a/ChangeLog.d/fix-clang-psa-build-without-dhm.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix Clang compilation error when MBEDTLS_USE_PSA_CRYPTO is enabled
- but MBEDTLS_DHM_C is disabled. Reported by Michael Schuster in #9188.
diff --git a/ChangeLog.d/fix-compilation-when-memcpy-is-function-like-macro.txt b/ChangeLog.d/fix-compilation-when-memcpy-is-function-like-macro.txt
deleted file mode 100644
index 11e7d25..0000000
--- a/ChangeLog.d/fix-compilation-when-memcpy-is-function-like-macro.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Fix compilation error when memcpy() is a function-like macros. Fixes #8994.
diff --git a/ChangeLog.d/fix-compilation-with-djgpp.txt b/ChangeLog.d/fix-compilation-with-djgpp.txt
deleted file mode 100644
index 5b79fb6..0000000
--- a/ChangeLog.d/fix-compilation-with-djgpp.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Fix compilation on MS-DOS DJGPP. Fixes #9813.
diff --git a/ChangeLog.d/fix-concurrently-loading-non-existent-keys.txt b/ChangeLog.d/fix-concurrently-loading-non-existent-keys.txt
deleted file mode 100644
index 8a406a1..0000000
--- a/ChangeLog.d/fix-concurrently-loading-non-existent-keys.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix rare concurrent access bug where attempting to operate on a
- non-existent key while concurrently creating a new key could potentially
- corrupt the key store.
diff --git a/ChangeLog.d/fix-driver-schema-check.txt b/ChangeLog.d/fix-driver-schema-check.txt
deleted file mode 100644
index 9b6d8ac..0000000
--- a/ChangeLog.d/fix-driver-schema-check.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix invalid JSON schemas for driver descriptions used by
- generate_driver_wrappers.py.
diff --git a/ChangeLog.d/fix-legacy-compression-issue.txt b/ChangeLog.d/fix-legacy-compression-issue.txt
deleted file mode 100644
index 2549af8..0000000
--- a/ChangeLog.d/fix-legacy-compression-issue.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Bugfix
- * Fixes an issue where some TLS 1.2 clients could not connect to an
- Mbed TLS 3.6.0 server, due to incorrect handling of
- legacy_compression_methods in the ClientHello.
- fixes #8995, #9243.
-
diff --git a/ChangeLog.d/fix-msvc-version-guard-format-zu.txt b/ChangeLog.d/fix-msvc-version-guard-format-zu.txt
deleted file mode 100644
index eefda61..0000000
--- a/ChangeLog.d/fix-msvc-version-guard-format-zu.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix definition of MBEDTLS_PRINTF_SIZET to prevent runtime crashes that
- occurred whenever SSL debugging was enabled on a copy of Mbed TLS built
- with Visual Studio 2013 or MinGW.
- Fixes #10017.
diff --git a/ChangeLog.d/fix-psa-cmac.txt b/ChangeLog.d/fix-psa-cmac.txt
deleted file mode 100644
index e3c8aec..0000000
--- a/ChangeLog.d/fix-psa-cmac.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix the build when MBEDTLS_PSA_CRYPTO_CONFIG is enabled and the built-in
- CMAC is enabled, but no built-in unauthenticated cipher is enabled.
- Fixes #9209.
diff --git a/ChangeLog.d/fix-redefination_warning_messages_for_GNU_SOURCE.txt b/ChangeLog.d/fix-redefination_warning_messages_for_GNU_SOURCE.txt
deleted file mode 100644
index b5c2650..0000000
--- a/ChangeLog.d/fix-redefination_warning_messages_for_GNU_SOURCE.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix issue of redefinition warning messages for _GNU_SOURCE in
- entropy_poll.c and sha_256.c. There was a build warning during
- building for linux platform.
- Resolves #9026
diff --git a/ChangeLog.d/fix-rsa-performance-regression.txt b/ChangeLog.d/fix-rsa-performance-regression.txt
deleted file mode 100644
index 603612a..0000000
--- a/ChangeLog.d/fix-rsa-performance-regression.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix unintended performance regression when using short RSA public keys.
- Fixes #9232.
diff --git a/ChangeLog.d/fix-secure-element-key-creation.txt b/ChangeLog.d/fix-secure-element-key-creation.txt
deleted file mode 100644
index 23a46c0..0000000
--- a/ChangeLog.d/fix-secure-element-key-creation.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix error handling when creating a key in a dynamic secure element
- (feature enabled by MBEDTLS_PSA_CRYPTO_SE_C). In a low memory condition,
- the creation could return PSA_SUCCESS but using or destroying the key
- would not work. Fixes #8537.
diff --git a/ChangeLog.d/fix-server-mode-only-build.txt b/ChangeLog.d/fix-server-mode-only-build.txt
deleted file mode 100644
index d1d8341..0000000
--- a/ChangeLog.d/fix-server-mode-only-build.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix server mode only build when MBEDTLS_SSL_SRV_C is enabled but
- MBEDTLS_SSL_CLI_C is disabled. Reported by M-Bab on GitHub in #9186.
diff --git a/ChangeLog.d/fix-test-suite-pk-warnings.txt b/ChangeLog.d/fix-test-suite-pk-warnings.txt
deleted file mode 100644
index 2604219..0000000
--- a/ChangeLog.d/fix-test-suite-pk-warnings.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix redefinition warnings when SECP192R1 and/or SECP192K1 are disabled.
- Fixes #9029.
diff --git a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt
deleted file mode 100644
index b81fb42..0000000
--- a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-Security
- * With TLS 1.3, when a server enables optional authentication of the
- client, if the client-provided certificate does not have appropriate values
- in keyUsage or extKeyUsage extensions, then the return value of
- mbedtls_ssl_get_verify_result() would incorrectly have the
- MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits
- clear. As a result, an attacker that had a certificate valid for uses other
- than TLS client authentication could be able to use it for TLS client
- authentication anyway. Only TLS 1.3 servers were affected, and only with
- optional authentication (required would abort the handshake with a fatal
- alert).
diff --git a/ChangeLog.d/fix_ubsan_mp_aead_gcm.txt b/ChangeLog.d/fix_ubsan_mp_aead_gcm.txt
deleted file mode 100644
index e4726a4..0000000
--- a/ChangeLog.d/fix_ubsan_mp_aead_gcm.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix undefined behaviour (incrementing a NULL pointer by zero length) when
- passing in zero length additional data to multipart AEAD.
diff --git a/ChangeLog.d/mbedtls_psa_ecp_generate_key-no_public_key.txt b/ChangeLog.d/mbedtls_psa_ecp_generate_key-no_public_key.txt
deleted file mode 100644
index 69c00e1..0000000
--- a/ChangeLog.d/mbedtls_psa_ecp_generate_key-no_public_key.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
- * Improve performance of PSA key generation with ECC keys: it no longer
- computes the public key (which was immediately discarded). Fixes #9732.
diff --git a/ChangeLog.d/mbedtls_psa_register_se_key.txt b/ChangeLog.d/mbedtls_psa_register_se_key.txt
deleted file mode 100644
index 2fc2751..0000000
--- a/ChangeLog.d/mbedtls_psa_register_se_key.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Document and enforce the limitation of mbedtls_psa_register_se_key()
- to persistent keys. Resolves #9253.
diff --git a/ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt b/ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt
deleted file mode 100644
index dba25af..0000000
--- a/ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix a memory leak that could occur when failing to process an RSA
- key through some PSA functions due to low memory conditions.
diff --git a/ChangeLog.d/mbedtls_ssl_conf_alpn_protocols.txt b/ChangeLog.d/mbedtls_ssl_conf_alpn_protocols.txt
new file mode 100644
index 0000000..0e396bb
--- /dev/null
+++ b/ChangeLog.d/mbedtls_ssl_conf_alpn_protocols.txt
@@ -0,0 +1,4 @@
+API changes
+ * The list passed to mbedtls_ssl_conf_alpn_protocols() is now declared
+ as having const elements, reflecting the fact that the library will
+ not modify it
diff --git a/ChangeLog.d/mbedtls_ssl_set_hostname.txt b/ChangeLog.d/mbedtls_ssl_set_hostname.txt
deleted file mode 100644
index 250a5ba..0000000
--- a/ChangeLog.d/mbedtls_ssl_set_hostname.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-Default behavior changes
- * In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
- mbedtls_ssl_handshake() now fails with
- MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
- if certificate-based authentication of the server is attempted.
- This is because authenticating a server without knowing what name
- to expect is usually insecure.
-
-Security
- * Note that TLS clients should generally call mbedtls_ssl_set_hostname()
- if they use certificate authentication (i.e. not pre-shared keys).
- Otherwise, in many scenarios, the server could be impersonated.
- The library will now prevent the handshake and return
- MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
- if mbedtls_ssl_set_hostname() has not been called.
- Reported by Daniel Stenberg.
diff --git a/ChangeLog.d/pk-norsa-warning.txt b/ChangeLog.d/pk-norsa-warning.txt
deleted file mode 100644
index d00aa8a..0000000
--- a/ChangeLog.d/pk-norsa-warning.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Fix a compilation warning in pk.c when PSA is enabled and RSA is disabled.
diff --git a/ChangeLog.d/psa-always-on.txt b/ChangeLog.d/psa-always-on.txt
deleted file mode 100644
index 45f4d9b..0000000
--- a/ChangeLog.d/psa-always-on.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-Default behavior changes
- * The PK, X.509, PKCS7 and TLS modules now always use the PSA subsystem
- to perform cryptographic operations, with a few exceptions documented
- in docs/architecture/psa-migration/psa-limitations.md. This
- corresponds to the behavior of Mbed TLS 3.x when
- MBEDTLS_USE_PSA_CRYPTO is enabled. In effect, MBEDTLS_USE_PSA_CRYPTO
- is now always enabled.
- * psa_crypto_init() must be called before performing any cryptographic
- operation, including indirect requests such as parsing a key or
- certificate or starting a TLS handshake.
diff --git a/ChangeLog.d/psa-crypto-config-always-on.txt b/ChangeLog.d/psa-crypto-config-always-on.txt
deleted file mode 100644
index d255f8c..0000000
--- a/ChangeLog.d/psa-crypto-config-always-on.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-Default behavior changes
- * The `PSA_WANT_XXX` symbols as defined in
- tf-psa-crypto/include/psa/crypto_config.h are now always used in the
- configuration of the cryptographic mechanisms exposed by the PSA API.
- This corresponds to the configuration behavior of Mbed TLS 3.x when
- MBEDTLS_PSA_CRYPTO_CONFIG is enabled. In effect, MBEDTLS_PSA_CRYPTO_CONFIG
- is now always enabled and the configuration option has been removed.
diff --git a/ChangeLog.d/psa_cipher_decrypt-ccm_star-iv_length_enforcement.txt b/ChangeLog.d/psa_cipher_decrypt-ccm_star-iv_length_enforcement.txt
deleted file mode 100644
index 39e03b9..0000000
--- a/ChangeLog.d/psa_cipher_decrypt-ccm_star-iv_length_enforcement.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix psa_cipher_decrypt() with CCM* rejecting messages less than 3 bytes
- long. Credit to Cryptofuzz. Fixes #9314.
diff --git a/ChangeLog.d/psa_generate_key_custom.txt b/ChangeLog.d/psa_generate_key_custom.txt
deleted file mode 100644
index 3fc1bd7..0000000
--- a/ChangeLog.d/psa_generate_key_custom.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-API changes
- * The experimental functions psa_generate_key_ext() and
- psa_key_derivation_output_key_ext() have been replaced by
- psa_generate_key_custom() and psa_key_derivation_output_key_custom().
- They have almost exactly the same interface, but the variable-length
- data is passed in a separate parameter instead of a flexible array
- member. This resolves a build failure under C++ compilers that do not
- support flexible array members (a C99 feature not adopted by C++).
- Fixes #9020.
diff --git a/ChangeLog.d/psa_util-bits-0.txt b/ChangeLog.d/psa_util-bits-0.txt
deleted file mode 100644
index 9aa70ad..0000000
--- a/ChangeLog.d/psa_util-bits-0.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix undefined behavior in some cases when mbedtls_psa_raw_to_der() or
- mbedtls_psa_der_to_raw() is called with bits=0.
diff --git a/ChangeLog.d/psa_util_in_builds_without_psa.txt b/ChangeLog.d/psa_util_in_builds_without_psa.txt
deleted file mode 100644
index 7c0866d..0000000
--- a/ChangeLog.d/psa_util_in_builds_without_psa.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * When MBEDTLS_PSA_CRYPTO_C was disabled and MBEDTLS_ECDSA_C enabled,
- some code was defining 0-size arrays, resulting in compilation errors.
- Fixed by disabling the offending code in configurations without PSA
- Crypto, where it never worked. Fixes #9311.
diff --git a/ChangeLog.d/removal-of-rng.txt b/ChangeLog.d/removal-of-rng.txt
deleted file mode 100644
index a8a19f4..0000000
--- a/ChangeLog.d/removal-of-rng.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-API changes
- * All API functions now use the PSA random generator psa_get_random()
- internally. As a consequence, functions no longer take RNG parameters.
- Please refer to the migration guide at :
- tf-psa-crypto/docs/4.0-migration-guide.md.
diff --git a/ChangeLog.d/remove-crypto-alt-interface.txt b/ChangeLog.d/remove-crypto-alt-interface.txt
deleted file mode 100644
index f9ab4c2..0000000
--- a/ChangeLog.d/remove-crypto-alt-interface.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Removals
- * Drop support for crypto alt interface. Removes MBEDTLS_XXX_ALT options
- at the module and function level for crypto mechanisms only. The remaining
- alt interfaces for platform, threading and timing are unchanged.
- Fixes #8149.
diff --git a/ChangeLog.d/remove-via-padlock-support.txt b/ChangeLog.d/remove-via-padlock-support.txt
deleted file mode 100644
index a3f4b96..0000000
--- a/ChangeLog.d/remove-via-padlock-support.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Removals
- * Drop support for VIA Padlock. Removes MBEDTLS_PADLOCK_C.
- Fixes #5903.
diff --git a/ChangeLog.d/remove_RSA_key_exchange.txt b/ChangeLog.d/remove_RSA_key_exchange.txt
deleted file mode 100644
index f9baaf1..0000000
--- a/ChangeLog.d/remove_RSA_key_exchange.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Removals
- * Remove support for the RSA key exchange in TLS 1.2.
diff --git a/ChangeLog.d/replace-close-with-mbedtls_net_close.txt b/ChangeLog.d/replace-close-with-mbedtls_net_close.txt
deleted file mode 100644
index 213cf55..0000000
--- a/ChangeLog.d/replace-close-with-mbedtls_net_close.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Use 'mbedtls_net_close' instead of 'close' in 'mbedtls_net_bind'
- and 'mbedtls_net_connect' to prevent possible double close fd
- problems. Fixes #9711.
diff --git a/ChangeLog.d/repo-split.txt b/ChangeLog.d/repo-split.txt
deleted file mode 100644
index f03b5ed..0000000
--- a/ChangeLog.d/repo-split.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Changes
- * Move the crypto part of the library (content of tf-psa-crypto directory)
- from the Mbed TLS to the TF-PSA-Crypto repository. The crypto code and
- tests development will now occur in TF-PSA-Crypto, which Mbed TLS
- references as a Git submodule.
diff --git a/ChangeLog.d/rm-ssl-conf-curves.txt b/ChangeLog.d/rm-ssl-conf-curves.txt
deleted file mode 100644
index 4b29adc..0000000
--- a/ChangeLog.d/rm-ssl-conf-curves.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Removals
- * Remove the function mbedtls_ssl_conf_curves() which had been deprecated
- in favour of mbedtls_ssl_conf_groups() since Mbed TLS 3.1.
-
diff --git a/ChangeLog.d/split-numeric-string-conversions-out-of-the-oid-module.txt b/ChangeLog.d/split-numeric-string-conversions-out-of-the-oid-module.txt
deleted file mode 100644
index 938e9ec..0000000
--- a/ChangeLog.d/split-numeric-string-conversions-out-of-the-oid-module.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Changes
- * Functions regarding numeric string conversions for OIDs have been moved
- from the OID module and now reside in X.509 module. This helps to reduce
- the code size as these functions are not commonly used outside of X.509.
diff --git a/ChangeLog.d/tls-hs-defrag-in.txt b/ChangeLog.d/tls-hs-defrag-in.txt
deleted file mode 100644
index 6bab02a..0000000
--- a/ChangeLog.d/tls-hs-defrag-in.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-Bugfix
- * Support re-assembly of fragmented handshake messages in TLS (both
- 1.2 and 1.3). The lack of support was causing handshake failures with
- some servers, especially with TLS 1.3 in practice. There are a few
- limitations, notably a fragmented ClientHello is only supported when
- TLS 1.3 support is enabled. See the documentation of
- mbedtls_ssl_handshake() for details.
diff --git a/ChangeLog.d/tls-key-exchange-rsa.txt b/ChangeLog.d/tls-key-exchange-rsa.txt
deleted file mode 100644
index 4df6b3e..0000000
--- a/ChangeLog.d/tls-key-exchange-rsa.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Removals
- * Remove support for the RSA-PSK key exchange in TLS 1.2.
diff --git a/ChangeLog.d/tls12-check-finished-calc.txt b/ChangeLog.d/tls12-check-finished-calc.txt
deleted file mode 100644
index cd52d32..0000000
--- a/ChangeLog.d/tls12-check-finished-calc.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Security
- * Fix a vulnerability in the TLS 1.2 handshake. If memory allocation failed
- or there was a cryptographic hardware failure when calculating the
- Finished message, it could be calculated incorrectly. This would break
- the security guarantees of the TLS handshake.
- CVE-2025-27810
diff --git a/ChangeLog.d/tls13-cert-regressions.txt b/ChangeLog.d/tls13-cert-regressions.txt
deleted file mode 100644
index 8dd8a32..0000000
--- a/ChangeLog.d/tls13-cert-regressions.txt
+++ /dev/null
@@ -1,18 +0,0 @@
-Bugfix
- * Fixed a regression introduced in 3.6.0 where the CA callback set with
- mbedtls_ssl_conf_ca_cb() would stop working when connections were
- upgraded to TLS 1.3. Fixed by adding support for the CA callback with TLS
- 1.3.
- * Fixed a regression introduced in 3.6.0 where clients that relied on
- optional/none authentication mode, by calling mbedtls_ssl_conf_authmode()
- with MBEDTLS_SSL_VERIFY_OPTIONAL or MBEDTLS_SSL_VERIFY_NONE, would stop
- working when connections were upgraded to TLS 1.3. Fixed by adding
- support for optional/none with TLS 1.3 as well. Note that the TLS 1.3
- standard makes server authentication mandatory; users are advised not to
- use authmode none, and to carefully check the results when using optional
- mode.
- * Fixed a regression introduced in 3.6.0 where context-specific certificate
- verify callbacks, set with mbedtls_ssl_set_verify() as opposed to
- mbedtls_ssl_conf_verify(), would stop working when connections were
- upgraded to TLS 1.3. Fixed by adding support for context-specific verify
- callback in TLS 1.3.
diff --git a/ChangeLog.d/tls13-middlebox-compat-disabled.txt b/ChangeLog.d/tls13-middlebox-compat-disabled.txt
deleted file mode 100644
index f5331bc..0000000
--- a/ChangeLog.d/tls13-middlebox-compat-disabled.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * When MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE is disabled, work with
- peers that have middlebox compatibility enabled, as long as no
- problematic middlebox is in the way. Fixes #9551.
diff --git a/ChangeLog.d/tls13-without-tickets.txt b/ChangeLog.d/tls13-without-tickets.txt
deleted file mode 100644
index 8ceef21..0000000
--- a/ChangeLog.d/tls13-without-tickets.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix TLS 1.3 client build and runtime when support for session tickets is
- disabled (MBEDTLS_SSL_SESSION_TICKETS configuration option). Fixes #6395.
diff --git a/configs/crypto-config-suite-b.h b/configs/crypto-config-suite-b.h
index 3fec3d0..dd304c1 100644
--- a/configs/crypto-config-suite-b.h
+++ b/configs/crypto-config-suite-b.h
@@ -49,7 +49,6 @@
#define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_CTR_DRBG_C
#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_OID_C
#define MBEDTLS_PK_C
#define MBEDTLS_PK_PARSE_C
diff --git a/configs/crypto-config-thread.h b/configs/crypto-config-thread.h
index f71b1f0..18206e1 100644
--- a/configs/crypto-config-thread.h
+++ b/configs/crypto-config-thread.h
@@ -58,7 +58,6 @@
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_HMAC_DRBG_C
#define MBEDTLS_MD_C
-#define MBEDTLS_OID_C
#define MBEDTLS_PK_C
#define MBEDTLS_PK_PARSE_C
diff --git a/docs/4.0-migration-guide/deprecated-removals.md b/docs/4.0-migration-guide/deprecated-removals.md
new file mode 100644
index 0000000..e74b1ad
--- /dev/null
+++ b/docs/4.0-migration-guide/deprecated-removals.md
@@ -0,0 +1,14 @@
+## Removal of deprecated functions
+
+### Removal of deprecated X.509 functions
+
+The deprecated function `mbedtls_x509write_crt_set_serial()` has been removed. The function was superseded by `mbedtls_x509write_crt_set_serial_raw()`.
+
+### Removal of deprecated SSL functions
+
+The deprecated function `mbedtls_ssl_conf_curves()` has been removed.
+The function was superseded by `mbedtls_ssl_conf_groups()`.
+
+### Removal of `compat-2.x.h`
+
+The header `compat-2.x.h`, containing some definitions for backward compatibility with Mbed TLS 2.x, has been removed.
diff --git a/docs/4.0-migration-guide/error-codes.md b/docs/4.0-migration-guide/error-codes.md
new file mode 100644
index 0000000..074acc0
--- /dev/null
+++ b/docs/4.0-migration-guide/error-codes.md
@@ -0,0 +1,28 @@
+## Error codes
+
+### Unified error code space
+
+The convention still applies that functions return 0 for success and a negative value between -32767 and -1 on error. PSA functions (`psa_xxx()` or `mbedtls_psa_xxx()`) still return a `PSA_ERROR_xxx` error codes. Non-PSA functions (`mbedtls_xxx()` excluding `mbedtls_psa_xxx()`) can return either `PSA_ERROR_xxx` or `MBEDTLS_ERR_xxx` error codes.
+
+There may be cases where an `MBEDTLS_ERR_xxx` constant has the same numerical value as a `PSA_ERROR_xxx`. In such cases, they have the same meaning: they are different names for the same error condition.
+
+### Simplified legacy error codes
+
+All values returned by a function to indicate an error now have a defined constant named `MBEDTLS_ERR_xxx` or `PSA_ERROR_xxx`. Functions no longer return the sum of a “low-level” and a “high-level” error code.
+
+Generally, functions that used to return the sum of two error codes now return the low-level code. However, as before, the exact error code returned in a given scenario can change without notice unless the condition is specifically described in the function's documentation and no other condition is applicable.
+
+As a consequence, the functions `mbedtls_low_level_strerr()` and `mbedtls_high_level_strerr()` no longer exist.
+
+### Removed error code names
+
+Many legacy error codes have been removed in favor of PSA error codes. Generally, functions that returned a legacy error code in the table below in Mbed TLS 3.6 now return the PSA error code listed on the same row. Similarly, callbacks should apply the same changes to error code, unless there has been a relevant change to the callback's interface.
+
+| Legacy constant (Mbed TLS 3.6) | PSA constant (Mbed TLS 4.0) |
+| ------------------------------ | --------------------------- |
+| `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` | `PSA_ERROR_CORRUPTION_DETECTED` |
+| `MBEDTLS_ERR_ERROR_GENERIC_ERROR` | `PSA_ERROR_GENERIC_ERROR` |
+| `MBEDTLS_ERR_OID_BUF_TOO_SMALL` | `PSA_ERROR_BUFFER_TOO_SMALL`
+| `MBEDTLS_ERR_OID_NOT_FOUND` | `PSA_ERROR_NOT_SUPPORTED` |
+
+See also the corresponding section in the TF-PSA-Crypto migration guide, which lists error codes from cryptography modules.
diff --git a/docs/4.0-migration-guide/feature-removals.md b/docs/4.0-migration-guide/feature-removals.md
new file mode 100644
index 0000000..ae611a1
--- /dev/null
+++ b/docs/4.0-migration-guide/feature-removals.md
@@ -0,0 +1,111 @@
+## Removed features
+
+### Removal of obsolete key exchanges methods in (D)TLS 1.2
+
+Mbed TLS 4.0 no longer supports key exchange methods that rely on finite-field Diffie-Hellman (DHE) in TLS 1.2 and DTLS 1.2. (Only ephemeral Diffie-Hellman was ever supported, Mbed TLS 3.x already did not support static Diffie-Hellman.) Finite-field Diffie-Hellman remains supported in TLS 1.3.
+
+Mbed TLS 4.0 no longer supports key exchange methods that rely on RSA decryption (without forward secrecy). RSA signatures remain supported. This affects TLS 1.2 and DTLS 1.2 (TLS 1.3 does not have key exchanges using RSA decryption).
+
+That is, the following key exchange types are no longer supported:
+
+* RSA-PSK;
+* RSA (i.e. cipher suites using only RSA decryption: cipher suites using RSA signatures remain supported);
+* DHE-PSK (except in TLS 1.3);
+* DHE-RSA (except in TLS 1.3).
+
+The full list of removed cipher suites is:
+
+```
+TLS-DHE-PSK-WITH-AES-128-CBC-SHA
+TLS-DHE-PSK-WITH-AES-128-CBC-SHA256
+TLS-DHE-PSK-WITH-AES-128-CCM
+TLS-DHE-PSK-WITH-AES-128-CCM-8
+TLS-DHE-PSK-WITH-AES-128-GCM-SHA256
+TLS-DHE-PSK-WITH-AES-256-CBC-SHA
+TLS-DHE-PSK-WITH-AES-256-CBC-SHA384
+TLS-DHE-PSK-WITH-AES-256-CCM
+TLS-DHE-PSK-WITH-AES-256-CCM-8
+TLS-DHE-PSK-WITH-AES-256-GCM-SHA384
+TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256
+TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256
+TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384
+TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384
+TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256
+TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256
+TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384
+TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384
+TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256
+TLS-DHE-PSK-WITH-NULL-SHA
+TLS-DHE-PSK-WITH-NULL-SHA256
+TLS-DHE-PSK-WITH-NULL-SHA384
+TLS-DHE-RSA-WITH-AES-128-CBC-SHA
+TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
+TLS-DHE-RSA-WITH-AES-128-CCM
+TLS-DHE-RSA-WITH-AES-128-CCM-8
+TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
+TLS-DHE-RSA-WITH-AES-256-CBC-SHA
+TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
+TLS-DHE-RSA-WITH-AES-256-CCM
+TLS-DHE-RSA-WITH-AES-256-CCM-8
+TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
+TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
+TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256
+TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
+TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384
+TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
+TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
+TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256
+TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
+TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
+TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384
+TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
+TLS-RSA-PSK-WITH-AES-128-CBC-SHA
+TLS-RSA-PSK-WITH-AES-128-CBC-SHA256
+TLS-RSA-PSK-WITH-AES-128-GCM-SHA256
+TLS-RSA-PSK-WITH-AES-256-CBC-SHA
+TLS-RSA-PSK-WITH-AES-256-CBC-SHA384
+TLS-RSA-PSK-WITH-AES-256-GCM-SHA384
+TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256
+TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256
+TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384
+TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384
+TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256
+TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256
+TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384
+TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384
+TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256
+TLS-RSA-PSK-WITH-NULL-SHA
+TLS-RSA-PSK-WITH-NULL-SHA256
+TLS-RSA-PSK-WITH-NULL-SHA384
+TLS-RSA-WITH-AES-128-CBC-SHA
+TLS-RSA-WITH-AES-128-CBC-SHA256
+TLS-RSA-WITH-AES-128-CCM
+TLS-RSA-WITH-AES-128-CCM-8
+TLS-RSA-WITH-AES-128-GCM-SHA256
+TLS-RSA-WITH-AES-256-CBC-SHA
+TLS-RSA-WITH-AES-256-CBC-SHA256
+TLS-RSA-WITH-AES-256-CCM
+TLS-RSA-WITH-AES-256-CCM-8
+TLS-RSA-WITH-AES-256-GCM-SHA384
+TLS-RSA-WITH-ARIA-128-CBC-SHA256
+TLS-RSA-WITH-ARIA-128-GCM-SHA256
+TLS-RSA-WITH-ARIA-256-CBC-SHA384
+TLS-RSA-WITH-ARIA-256-GCM-SHA384
+TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
+TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
+TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256
+TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
+TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
+TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384
+TLS-RSA-WITH-NULL-MD5
+TLS-RSA-WITH-NULL-SHA
+TLS-RSA-WITH-NULL-SHA256
+```
+
+As a consequence of the removal of support for DHE in (D)TLS 1.2, the following functions are no longer useful and have been removed:
+
+```
+mbedtls_ssl_conf_dh_param_bin()
+mbedtls_ssl_conf_dh_param_ctx()
+mbedtls_ssl_conf_dhm_min_bitlen()
+```
diff --git a/docs/4.0-migration-guide/function-prototype-changes.md b/docs/4.0-migration-guide/function-prototype-changes.md
new file mode 100644
index 0000000..52e37c7
--- /dev/null
+++ b/docs/4.0-migration-guide/function-prototype-changes.md
@@ -0,0 +1,89 @@
+## Function prototype changes
+
+A number of existing functions now take a different list of arguments, mostly to migrate them to the PSA API.
+
+### Public functions no longer take a RNG callback
+
+Functions that need randomness no longer take an RNG callback in the form of `f_rng, p_rng` arguments. Instead, they use the PSA Crypto random generator (accessible as `psa_generate_random()`). All software using the X.509 or SSL modules must call `psa_crypto_init()` before calling any of the functions listed here.
+
+### RNG removal in X.509
+
+The following function prototypes have been changed in `mbedtls/x509_crt.h`:
+
+```c
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
+
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
+```
+
+to
+
+```c
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size);
+
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size);
+```
+
+The following function prototypes have been changed in `mbedtls/x509_csr.h`:
+```c
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
+
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
+```
+
+to
+
+```c
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size);
+
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size);
+```
+
+### RNG removal in SSL
+
+The following function prototype has been changed in `mbedtls/ssl_cookie.h`:
+
+```c
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
+```
+
+to
+
+```c
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx);
+```
+
+### Removal of `mbedtls_ssl_conf_rng`
+
+`mbedtls_ssl_conf_rng()` has been removed from the library. Its sole purpose was to configure the RNG used for TLS, but now the PSA Crypto random generator is used throughout the library.
+
+### Changes to mbedtls_ssl_ticket_setup
+
+In the arguments of the function `mbedtls_ssl_ticket_setup()`, the `mbedtls_cipher_type_t` argument specifying the AEAD mechanism for ticket protection has been replaced by an equivalent PSA description consisting of a key type, a size and an algorithm. Also, the function no longer takes RNG arguments.
+
+The prototype in `mbedtls/ssl_ticket.h` has changed from
+
+```c
+int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
+ mbedtls_f_rng_t *f_rng, void *p_rng,
+ mbedtls_cipher_type_t cipher,
+ uint32_t lifetime);
+```
+
+to
+
+```c
+int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
+ psa_algorithm_t alg, psa_key_type_t key_type, psa_key_bits_t key_bits,
+ uint32_t lifetime);
+```
diff --git a/docs/4.0-migration-guide/oid.md b/docs/4.0-migration-guide/oid.md
new file mode 100644
index 0000000..875f062
--- /dev/null
+++ b/docs/4.0-migration-guide/oid.md
@@ -0,0 +1,7 @@
+## OID module
+
+The compilation option `MBEDTLS_OID_C` no longer exists. OID tables are included in the build automatically as needed for parsing and writing X.509 data.
+
+Mbed TLS no longer offers interfaces to look up values by OID or OID by enum values (`mbedtls_oid_get_<thing>()` and `mbedtls_oid_get_oid_by_<thing>()`).
+
+The header `<mbedtls/oid.h>` now only provides functions to convert between binary and dotted string OID representations. These functions are now part of `libmbedx509` rather than the crypto library. The function `mbedtls_oid_get_numeric_string()` is guarded by `MBEDTLS_X509_USE_C`, and `mbedtls_oid_from_numeric_string()` by `MBEDTLS_X509_CREATE_C`. The header also still defines macros for OID strings that are relevant to X.509.
diff --git a/docs/4.0-migration-guide/private-decls.md b/docs/4.0-migration-guide/private-decls.md
new file mode 100644
index 0000000..ff97474
--- /dev/null
+++ b/docs/4.0-migration-guide/private-decls.md
@@ -0,0 +1,33 @@
+## Private declarations
+
+Since Mbed TLS 3.0, some things that are declared in a public header are not part of the stable application programming interface (API), but instead are considered private. Private elements may be removed or may have their semantics changed in a future minor release without notice.
+
+### Understanding private declarations in public headers
+
+In Mbed TLS 4.x, private elements in header files include:
+
+* Anything appearing in a header file whose path contains `/private` (unless re-exported and documented in another non-private header).
+* Structure and union fields declared with `MBEDTLS_PRIVATE(field_name)` in the source code, and appearing as `private_field_name` in the rendered documentation. (This was already the case since Mbed TLS 3.0.)
+* Any preprocessor macro that is not documented with a Doxygen comment.
+ In the source code, Doxygen comments start with `/**` or `/*!`. If a macro only has a comment above that starts with `/*`, the macro is considered private.
+ In the rendered documentation, private macros appear with only an automatically rendered parameter list, value and location, but no custom text.
+* Any declaration that is guarded by the preprocessor macro `MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS`.
+
+### Usage of private declarations
+
+Some private declarations are present in public headers for technical reasons, because they need to be visible to the compiler. Others are present for historical reasons and may be cleaned up in later versions of the library. We strongly recommend against relying on these declarations, since they may be removed or may have their semantics changed without notice.
+
+Note that Mbed TLS 4.0 still relies on some private interfaces of TF-PSA-Crypto 1.0. We expect to remove this reliance gradually in future minor releases.
+
+Sample programs have not been fully updated yet and some of them might still
+use APIs that are no longer public. You can recognize them by the fact that they
+define the macro `MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS` (or
+`MBEDTLS_ALLOW_PRIVATE_ACCESS`) at the very top (before including headers). When
+you see one of these two macros in a sample program, be aware it has not been
+updated and parts of it do not demonstrate current practice.
+
+We strongly recommend against defining `MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS` or
+`MBEDTLS_ALLOW_PRIVATE_ACCESS` in your own application. If you do so, your code
+may not compile or work with future minor releases. If there's something you
+want to do that you feel can only be achieved by using one of these two macros,
+please reach out on github or the mailing list.
diff --git a/docs/4.0-migration-guide/psa-only.md b/docs/4.0-migration-guide/psa-only.md
new file mode 100644
index 0000000..7d7bfee
--- /dev/null
+++ b/docs/4.0-migration-guide/psa-only.md
@@ -0,0 +1,23 @@
+## PSA as the only cryptography API
+
+The PSA API is now the only API for cryptographic primitives.
+
+### Impact on application code
+
+The X.509, PKCS7 and SSL modules always use PSA for cryptography, with a few exceptions documented in the [PSA limitations](../architecture/psa-migration/psa-limitations.md) document. (These limitations are mostly transparent unless you want to leverage PSA accelerator drivers.) This corresponds to the behavior of Mbed TLS 3.x when `MBEDTLS_USE_PSA_CRYPTO` is enabled. In effect, `MBEDTLS_USE_PSA_CRYPTO` is now always enabled.
+
+`psa_crypto_init()` must be called before performing any cryptographic operation, including indirect requests such as parsing a key or certificate or starting a TLS handshake.
+
+A few functions take different parameters to migrate them to the PSA API. See “[Function prototype changes](#function-prototype-changes)”.
+
+### No random generator instantiation
+
+Formerly, applications using TLS, asymmetric cryptography operations involving a private key, or other features needing random numbers, needed to provide a random generator, generally by instantiating an entropy context (`mbedtls_entropy_context`) and a DRBG context (`mbedtls_ctr_drbg_context` or `mbedtls_hmac_drbg_context`). This is no longer necessary, or possible. All features that require a random generator (RNG) now use the one provided by the PSA subsystem.
+
+Instead, applications that use random generators or keys (even public keys) need to call `psa_crypto_init()` before any cryptographic operation or key management operation.
+
+See also [function prototype changes](#function-prototype-changes), many of which are related to the move from RNG callbacks to a global RNG.
+
+### Impact on the library configuration
+
+Mbed TLS follows the configuration of TF-PSA-Crypto with respect to cryptographic mechanisms. They are now based on `PSA_WANT_xxx` macros instead of legacy configuration macros such as `MBEDTLS_RSA_C`, `MBEDTLS_PKCS1_V15`, etc. The configuration of X.509 and TLS is not directly affected by the configuration. However, applications and middleware that rely on these configuration symbols to know which cryptographic mechanisms to support will need to migrate to `PSA_WANT_xxx` macros. For more information, consult the PSA transition guide in TF-PSA-Crypto.
diff --git a/docs/psa-transition.md b/docs/psa-transition.md
deleted file mode 100644
index 0758061..0000000
--- a/docs/psa-transition.md
+++ /dev/null
@@ -1,1318 +0,0 @@
-# Transitioning to the PSA API
-
-> I have code written for `mbedtls_` cryptography APIs. How do I migrate to `psa_` APIs?
-
-## Introduction
-
-Mbed TLS is gradually moving from legacy `mbedtls_xxx` APIs to newer `psa_xxx` APIs for cryptography. Note that this only concerns cryptography APIs, not X.509 or SSL/TLS APIs.
-
-This guide is intended to help migrate existing applications that use Mbed TLS for cryptography. It aims to cover common use cases, but cannot cover all possible scenarios.
-
-### Suggested reading
-
-This document is long, but you probably don't need to read all of it. You should start with the following sections:
-
-1. [Where can I find documentation?](#where-can-i-find-documentation)
-2. [General considerations](#general-considerations)
-
-Then use the [summary of API modules](#summary-of-api-modules), the table of contents or a text search to locate the sections that interest you, based on what legacy interfaces your code is currently using.
-
-### Where can I find documentation?
-
-**Tutorial**: See the [getting started guide](https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/).
-
-**Reference**: The [PSA Crypto API specification](https://arm-software.github.io/psa-api/crypto/) is available online. Mbed TLS implements a large subset of the specification which is documented in the [`psa/crypto*.h` headers](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto_8h/).
-
-### Additional resources
-
-* [Mbed TLS open issues](https://github.com/Mbed-TLS/mbedtls/issues)
-* [PSA API open issues](https://github.com/ARM-software/psa-api/issues) (not just cryptography APIs)
-* [Mbed TLS mailing list](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org/)
-
-### Why change the API?
-
-* Mbed TLS APIs are traditionally very transparent: the caller can access internal fields of operations. This is less true in the 3.x major version than before, but still the case to some extent. This offers applications some flexibility, but it removes flexibility from the implementation. For example, it is hard to support hardware acceleration, because the API constrains how the data must be represented. PSA APIs were designed to be more opaque, giving more freedom to the implementation.
-* Mbed TLS legacy APIs require key material to be present in the application memory. The PSA Crypto API natively supports operations on keys stored in an external [location](https://arm-software.github.io/psa-api/crypto/1.1/api/keys/lifetimes.html#c.psa_key_location_t) (secure enclave, secure element, HSM, etc.).
-* PSA APIs have [consistent conventions](https://arm-software.github.io/psa-api/crypto/1.1/overview/conventions.html#parameter-conventions) which many legacy APIs in Mbed TLS do not follow. For example, many legacy cryptography functions require the caller to know how large an output buffer needs to be based on the selected algorithm, whereas in the PSA API, all buffer arguments have a well-defined size and those sizes are checked.
-* Mbed TLS legacy APIs require passing around a random generator argument where needed. This has historically been problematic with functions that were created without an RNG argument but later needed one as part of a security countermeasure. The PSA crypto subsystem maintains a global random generator, resolving this problem.
-
-### Migration timeline
-
-* Mbed TLS 2.15.0 (Nov 2018): first release with a draft implementation of the PSA API.
-* Mbed TLS 2.18.0 (Jun 2019): The PSA API is available in the default build.
-* Mbed TLS 3.1.0 (Dec 2021): TLS 1.3 support is the first major feature that requires the PSA API.
-* Mbed TLS 4.0.0 (2024?): X.509 and TLS require the PSA API. Removal of some legacy crypto APIs.
-* Mbed TLS 5.0.0 (??): Removal of the remaining non-PSA crypto APIs.
-
-## General considerations
-
-### Configuration of the PSA subsystem
-
-To make the PSA API available, make sure that the configuration option [`MBEDTLS_PSA_CRYPTO_C`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#c.MBEDTLS_PSA_CRYPTO_C) is enabled. (It is enabled in the default configuration.)
-
-By default, the PSA crypto API offers a similar set of cryptographic mechanisms as those offered by the legacy API (configured by `MBEDTLS_XXX` macros). The PSA crypto API also has its own configuration mechanism; see “[Cryptographic mechanism availability](#cryptographic-mechanism-availability)”.
-
-### Header files
-
-Applications only need to include a single header file:
-```
-#include <psa/crypto.h>
-```
-
-### General application layout
-
-Before any cryptographic operation, call [`psa_crypto_init`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__initialization/#group__initialization_1ga2de150803fc2f7dc6101d5af7e921dd9) and check that it succeeds. (A failure indicates an abnormal system state from which most applications cannot recover.)
-
-If you wish to free all resources associated with PSA cryptography, call [`mbedtls_psa_crypto_free`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#_CPPv423mbedtls_psa_crypto_freev).
-
-The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually (no need to create an `mbedtls_entropy_context` and an `mbedtls_xxx_drbg_context`).
-
-### Error codes
-
-Mbed TLS functions return a status of type `int`: 0 for success (or occasionally a positive value which is the output length), or a negative value `MBEDTLS_ERR_xxx` indicating an error.
-
-PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/#group__error_1ga05676e70ba5c6a7565aff3c36677c1f9): `PSA_SUCCESS == 0` for success, or a negative value [`PSA_ERROR_xxx`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/) indicating an error.
-
-### Memory management
-
-Apart from keys, as described in “[Key management](#key-management)” below, APIs that need to preserve state between function calls store this state in a structure allocated by the calling code. For example, multipart operations store state in a multipart operation object.
-
-All PSA operation objects must be zero-initialized (or equivalently, initialized with the provided `PSA_XXX_INIT` macro or `psa_xxx_init()` function) before calling any API function.
-
-Functions that output data require an output buffer of sufficient size. For all PSA crypto API functions that have an output buffer, there is a corresponding macro, generally called `PSA_XXX_OUTPUT_SIZE`, that calculates a sufficient size for the output buffer, given the relevant parameters. In some cases, there may be macros with less precision which can be resolved at compile time. For example, for the size of a buffer containing a hash, you can use `PSA_HASH_LENGTH(hash_alg)` where `hash_alg` is a specific hash algorithm, or `PSA_HASH_MAX_SIZE` for a buffer that is long enough for any supported hash. See the relevant sections of this document and of the reference documentation for more details.
-
-#### Key management
-
-One of the major differences between the legacy API and the PSA API is that in the PSA API, access to keys is indirect. Operations that require a key take a parameter of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t), which is an identifier for the key. This allows the API to be used with keys that are not directly accessible to the application, for example because they are stored in a secure environment that does not allow the key material to be exported.
-
-To use a key:
-
-1. First create a key object with a key creation function. The two most common ones are [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) if you have the key material available and [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) to create a random key. The key creation function has the key identifier as an output parameter.
-2. Use the key as desired, passing the key identifier obtained during the key creation.
-3. Finally destroy the key object with [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2).
-
-See “[Cipher key management](#cipher-key-management)”, “[MAC key management](#mac-key-management)”, “[Key lifecycle for asymmetric cryptography](#key-lifecycle-for-asymmetric-cryptography)”, “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” and “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)” for more details about key management in specific workflows, including information about choosing the key's attributes.
-
-If you need access to the key material, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf). If you need the public key corresponding to a key pair object, call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062).
-
-Note that a key consumes a key store entry, which is distinct from heap memory, until it is destroyed or the application exits. (This is not true for persistent keys, which instead consume disk space. Since persistent keys have no analog in the legacy API, we will not discuss them further in this document.)
-
-## Summary of API modules
-
-| Header | Function prefix | PSA equivalent |
-| ------ | --------------- | -------------- |
-| `aes.h` | `mbedtls_aes_` | [Symmetric encryption](#symmetric-encryption) |
-| `aria.h` | `mbedtls_aria_` | [Symmetric encryption](#symmetric-encryption) |
-| `asn1.h` | `mbedtls_asn1_` | No change ([PK support interface](#pk-format-support-interfaces)) |
-| `asn1write.h` | `mbedtls_asn1_write_` | No change ([PK support interface](#pk-format-support-interfaces)) |
-| `base64.h` | `mbedtls_base64_` | No change ([PK support interface](#pk-format-support-interfaces)) |
-| `bignum.h` | `mbedtls_mpi_` | None (no low-level arithmetic) |
-| `build_info.h` | `MBEDTLS_` | No change (not a crypto API) |
-| `camellia.h` | `mbedtls_camellia_` | [Symmetric encryption](#symmetric-encryption) |
-| `ccm.h` | `mbedtls_ccm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) |
-| `chacha20.h` | `mbedtls_chacha20_` | [Symmetric encryption](#symmetric-encryption) |
-| `chachapoly.h` | `mbedtls_chachapoly_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) |
-| `check_config.h` | N/A | No public APIs (internal support header) |
-| `cipher.h` | `mbedtls_cipher_` | [Symmetric encryption](#symmetric-encryption) |
-| `cmac.h` | `mbedtls_cipher_cmac_` | [Hashes and MAC](#hashes-and-mac), [MAC calculation](#mac-calculation) |
-| `compat-2.x.h` | various | None (transitional APIs) |
-| `config_psa.h` | N/A | No public APIs (internal support header) |
-| `constant_time.h` | `mbedtls_ct_` | [Constant-time functions](#constant-time-functions) |
-| `ctr_drbg.h` | `mbedtls_ctr_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) |
-| `debug.h` | `mbedtls_debug_` | No change (not a crypto API) |
-| `des.h` | `mbedtls_des_` | [Symmetric encryption](#symmetric-encryption) |
-| `dhm.h` | `mbedtls_dhm_` | [Asymmetric cryptography](#asymmetric-cryptography) |
-| `ecdh.h` | `mbedtls_ecdh_` | [Asymmetric cryptography](#asymmetric-cryptography) |
-| `ecdsa.h` | `mbedtls_ecdsa_` | [Asymmetric cryptography](#asymmetric-cryptography) |
-| `ecjpake.h` | `mbedtls_ecjpake_` | [EC-JPAKE](#ec-jpake) |
-| `ecp.h` | `mbedtls_ecp_` | [Asymmetric cryptography](#asymmetric-cryptography) |
-| `entropy.h` | `mbedtls_entropy_` | [Random generation interface](#random-generation-interface), [Entropy sources](#entropy-sources) |
-| `error.h` | `mbedtls_*err*` | [Error messages](#error-messages) |
-| `gcm.h` | `mbedtls_gcm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) |
-| `hkdf.h` | `mbedtls_hkdf_` | [HKDF](#hkdf) |
-| `hmac_drbg.h` | `mbedtls_hmac_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) |
-| `lms.h` | `mbedtls_lms_` | No change ([LMS signatures](#lms-signatures)) |
-| `mbedtls_config.h` | `MBEDTLS_` | [Compile-time configuration](#compile-time-configuration) |
-| `md.h` | `mbedtls_md_` | [Hashes and MAC](#hashes-and-mac) |
-| `md5.h` | `mbedtls_md5_` | [Hashes and MAC](#hashes-and-mac) |
-| `memory_buffer_alloc.h` | `mbedtls_memory_buffer_alloc_` | No change (not a crypto API) |
-| `net_sockets.h` | `mbedtls_net_` | No change (not a crypto API) |
-| `nist_kw.h` | `mbedtls_nist_kw_` | Migration path not yet defined |
-| `oid.h` | `mbedtls_oid_` | No change ([PK support interface](#pk-format-support-interfaces)) |
-| `pem.h` | `mbedtls_pem_` | No change ([PK support interface](#pk-format-support-interfaces)) |
-| `pk.h` | `mbedtls_pk_` | [Asymmetric cryptography](#asymmetric-cryptography) |
-| `pkcs5.h` | `mbedtls_pkcs5_` | [PKCS#5 module](#pkcs5-module) |
-| `pkcs7.h` | `mbedtls_pkcs7_` | No change (not a crypto API) |
-| `pkcs12.h` | `mbedtls_pkcs12_` | [PKCS#12 module](#pkcs12-module) |
-| `platform.h` | `mbedtls_platform_` | No change (not a crypto API) |
-| `platform_time.h` | `mbedtls_*time*` | No change (not a crypto API) |
-| `platform_util.h` | `mbedtls_platform_` | No change (not a crypto API) |
-| `poly1305.h` | `mbedtls_poly1305_` | None (but there is Chacha20-Poly1305 [AEAD](#symmetric-encryption)) |
-| `private_access.h` | N/A | No public APIs (internal support header) |
-| `psa_util.h` | N/A | No public APIs (internal support header) |
-| `ripemd160.h` | `mbedtls_ripemd160_` | [Hashes and MAC](#hashes-and-mac) |
-| `rsa.h` | `mbedtls_rsa_` | [Asymmetric cryptography](#asymmetric-cryptography) |
-| `sha1.h` | `mbedtls_sha1_` | [Hashes and MAC](#hashes-and-mac) |
-| `sha3.h` | `mbedtls_sha3_` | [Hashes and MAC](#hashes-and-mac) |
-| `sha256.h` | `mbedtls_sha256_` | [Hashes and MAC](#hashes-and-mac) |
-| `sha512.h` | `mbedtls_sha512_` | [Hashes and MAC](#hashes-and-mac) |
-| `ssl.h` | `mbedtls_ssl_` | No change (not a crypto API) |
-| `ssl_cache.h` | `mbedtls_ssl_cache_` | No change (not a crypto API) |
-| `ssl_ciphersuites.h` | `mbedtls_ssl_ciphersuite_` | No change (not a crypto API) |
-| `ssl_cookie.h` | `mbedtls_ssl_cookie_` | No change (not a crypto API) |
-| `ssl_ticket.h` | `mbedtls_ssl_ticket_` | No change (not a crypto API) |
-| `threading.h` | `mbedtls_threading_` | No change (not a crypto API) |
-| `timing.h` | `mbedtls_timing_` | No change (not a crypto API) |
-| `version.h` | `mbedtls_version_` | No change (not a crypto API) |
-| `x509.h` | `mbedtls_x509` | No change (not a crypto API) |
-| `x509_crl.h` | `mbedtls_x509` | No change (not a crypto API) |
-| `x509_crt.h` | `mbedtls_x509` | No change (not a crypto API) |
-| `x509_csr.h` | `mbedtls_x509` | No change (not a crypto API) |
-
-## Compile-time configuration
-
-### Cryptographic mechanism availability
-
-The cryptographic mechanisms available through the PSA API are determined by the contents of the header file `"psa/crypto_config.h"`. You can override the file location with the macro [`MBEDTLS_PSA_CRYPTO_CONFIG_FILE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a25f7e358caa101570cb9519705c2b873), and you can set [`MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1abd1870cc0d2681183a3018a7247cb137) to the path of an additional file (similar to `MBEDTLS_CONFIG_FILE` and `MBEDTLS_USER_CONFIG_FILE` for legacy configuration symbols).
-
-The availability of cryptographic mechanisms in the PSA API is based on a systematic pattern:
-
-* To make `PSA_ALG_aaa` available, enable `PSA_WANT_ALG_aaa`.
- For parametrized algorithms, there is a `PSA_WANT_` symbol both for the main macro and for each argument. For example, to make `PSA_ALG_HMAC(PSA_ALG_SHA_256)` available, enable both `PSA_WANT_ALG_HMAC` and `PSA_WANT_ALG_SHA_256`.
-
-* To make `PSA_KEY_TYPE_ttt` available, enable `PSA_WANT_KEY_TYPE_ttt`.
-
- As an exception, starting in Mbed TLS 3.5.0, for key pair types, the feature selection is more fine-grained, with an additional suffix:
- * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` enables basic support for the key type, and in particular support for operations with a key of that type for enabled algorithms. This is automatically enabled if any of the other `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` options are enabled.
- * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_IMPORT` enables support for `psa_import_key` to import a key of that type.
- * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type.
- * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type.
- * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_EXPORT` enables support for `psa_export_key` to export a key of that type.
-
- Enabling any support for a key pair type automatically enables support for the corresponding public key type, as well as support for `psa_export_public_key` on the private key.
-
-* To make `PSA_ECC_FAMILY_fff` available for size sss, enable `PSA_WANT_ECC_fff_sss`.
-
-Note that all `PSA_WANT_xxx` symbols must be set to a non-zero value. In particular, setting `PSA_WANT_xxx` to an empty value may not be handled consistently.
-
-For example, the following configuration enables hashing with SHA-256, AEAD with AES-GCM, signature with deterministic ECDSA using SHA-256 on the curve secp256r1 using a randomly generated key as well as the corresponding verification, and ECDH key exchange on secp256r1 and Curve25519.
-
-```
-#define PSA_WANT_ALG_SHA_256 1
-
-#define PSA_WANT_KEY_TYPE_AES 1
-#define PSA_WANT_ALG_GCM 1
-
-#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
-// ^^ In Mbed TLS <= 3.4, enable PSA_WANT_KEY_TYPE_ECC_KEY_PAIR instead
-// ^^ implicitly enables PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
-#define PSA_WANT_ECC_SECP_R1_256 1 // secp256r1 (suitable for ECDSA and ECDH)
-#define PSA_WANT_ECC_MONTGOMERY_255 1 // Curve25519 (suitable for ECDH)
-#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
-#define PSA_WANT_ALG_ECDH
-```
-
-If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will normally not include it. This allows builds that use few features to have a small code size. However, this is not guaranteed: a mechanism that is not explicitly requested can be enabled because it is a dependency of another configuration option, because it is used internally, or because the granularity is not fine enough to distinguish between it and another mechanism that is requested.
-
-Under the hood, `PSA_WANT_xxx` enables the necessary legacy modules. Note that if a mechanism has a PSA accelerator driver, the corresponding legacy module is typically not needed. Thus applications that use a cryptographic mechanism both through the legacy API and through the PSA API need to explicitly enable both the `PSA_WANT_xxx` symbols and the `MBEDTLS_xxx` symbols.
-
-### Optimization options
-
-When PSA Crypto mechanisms are implemented by the built-in code from Mbed TLS, the legacy optimization options (e.g. `MBEDTLS_SHA256_SMALLER`, `MBEDTLS_ECP_WINDOW_SIZE`, etc.) apply to the PSA implementation as well (they invoke the same code under the hood).
-
-The PSA Crypto API may use accelerator drivers. In this case any options controlling the driver behavior are driver-specific.
-
-### Alternative implementations (`MBEDTLS_xxx_ALT` options)
-
-In the Mbed TLS legacy interface, you can replace some cryptographic primitives and modes by an alternative implementation, by enabling configuration options of the form `MBEDTLS_xxx_ALT` and linking with your own implementation of the affected function or module. Alternative implementations remain supported in Mbed TLS 3.x even if the application code uses the PSA API. However, they will be removed from the next version of the library.
-
-The corresponding PSA feature is accelerator drivers. To implement an accelerator driver, see the [PSA cryptoprocessor driver example and guide](https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/docs/psa-driver-example-and-guide.md). In an application that uses both the legacy interface and the PSA interface for the same mechanism, only some algorithms support calling a PSA driver from the legacy interface. See the [Guide to driver-only builds](https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/docs/driver-only-builds.md) for more information.
-
-### Self-tests
-
-There is currently [no PSA equivalent to the self-tests](https://github.com/Mbed-TLS/mbedtls/issues/7781) enabled by `MBEDTLS_SELF_TEST`.
-
-## Miscellaneous support modules
-
-### Error messages
-
-At the time of writing, there is no equivalent to the error messages provided by `mbedtls_strerror`. However, you can use the companion program `programs/psa/psa_constant_names` to convert various numbers (`psa_status_t`, `psa_algorithm_t`, `psa_key_type_t`, `psa_ecc_family_t`, `psa_dh_family_t`, `psa_key_usage_t`) to a programmer-friendly representation. The conversion doesn't depend on the library configuration or the target platform, so you can use a native build of this program even if you cross-compile your application.
-
-```
-$ programs/psa/psa_constant_names error -138
-PSA_ERROR_BUFFER_TOO_SMALL
-$ programs/psa/psa_constant_names type 0x7112
-PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)
-$ programs/psa/psa_constant_names alg 0x06000609
-PSA_ALG_ECDSA(PSA_ALG_SHA_256)
-```
-
-The other functions in `error.h` are specific to the construction of Mbed TLS error code and are not relevant to the PSA API. PSA error codes are never the combination of multiple codes.
-
-### Constant-time functions
-
-The PSA API does not have an equivalent to the timing-side-channel-resistance utility functions in `constant_time.h`. Continue using `constant_time.h` as needed.
-
-Note that the PSA API does include features that reduce the need for `mbedtls_ct_memcmp`:
-
-* To compare a MAC with a reference value, use `psa_mac_verify` rather than `psa_mac_compute` followed by `mbedtls_ct_memcmp`, or use `psa_mac_verify_setup` and `psa_mac_verify_finish` in the multi-part case. See “[MAC calculation](#mac-calculation)”.
-* The AEAD decryption functions take care of verifying the tag. See “[Authenticated cipher operations](#authenticated-cipher-operations)”.
-
-## Symmetric encryption
-
-All PSA APIs have algorithm agility, where the functions depend only on the nature of the operation and the choice of a specific algorithm comes from an argument. There is no special API for a particular block cipher (`aes.h`, `aria.h`, `camellia.h`, `des.h`), a particular block cipher mode (`ccm.h`, `gcm.h`) or a particular stream cipher (`chacha20.h`, `chachapoly.h`). To migrate code using those low-level modules, please follow the recommendations in the following sections, using the same principles as the corresponding `cipher.h` API.
-
-### Cipher mechanism selection
-
-Instead of `mbedtls_cipher_id_t` (`MBEDTLS_CIPHER_ID_xxx` constants), `mbedtls_cipher_type_t` (`MBEDTLS_CIPHER_base_size_mode` constants), `mbedtls_cipher_mode_t` (`MBEDTLS_CIPHER_MODE_xxx` constants) and `mbedtls_cipher_padding_t` (`MBEDTLS_CIPHER_PADDING_xxx` constants), use the [`PSA_KEY_TYPE_xxx` and `PSA_ALG_xxx` constants](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/).
-
-For modes that are based on a block cipher, the key type encodes the choice of block cipher:
-[`PSA_KEY_TYPE_AES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga6ee54579dcf278c677eda4bb1a29575e),
-[`PSA_KEY_TYPE_ARIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#c.PSA_KEY_TYPE_ARIA),
-[`PSA_KEY_TYPE_CAMELLIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad8e5da742343fd5519f9d8a630c2ed81),
-[`PSA_KEY_TYPE_DES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga577562bfbbc691c820d55ec308333138).
-The algorithm encodes the mode and if relevant the padding type:
-
-* Unauthenticated cipher modes:
- [`PSA_ALG_CTR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad318309706a769cffdc64e4c7e06b2e9),
- [`PSA_ALG_CFB`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0088c933e01d671f263a9a1f177cb5bc),
- [`PSA_ALG_OFB`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gae96bb421fa634c6fa8f571f0112f1ddb),
- [`PSA_ALG_XTS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa722c0e426a797fd6d99623f59748125),
- [`PSA_ALG_ECB_NO_PADDING`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab8f0609cd0f12cccc9c950fd5a81a0e3),
- [`PSA_ALG_CBC_NO_PADDING`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gacb332d72716958880ee7f97d8365ae66),
- [`PSA_ALG_CBC_PKCS7`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaef50d2e9716eb6d476046608e4e0c78c),
- [`PSA_ALG_CCM_STAR_NO_TAG`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga89627bb27ec3ce642853ab8554a88572).
-* Other padding modes, which are obsolete, are not available in the PSA API. If you need them, handle the padding in your application code and use the `NO_PADDING` algorithm.
-* AEAD modes:
- [`PSA_ALG_CCM`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2c0e7d21f1b2df5e76bcb4a8f84273c),
- [`PSA_ALG_GCM`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0d7d02b15aaae490d38277d99f1c637c).
-* KW/KWP modes are not available in the PSA API at the time of writing.
-
-For the ChaCha20 unauthenticated cipher, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga901548883b3bce56cc21c3a22cf8d93c) with [`PSA_ALG_STREAM_CIPHER`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad98c105198f7428f7d1dffcb2cd398cd).
-For the Chacha20+Poly1305 AEAD, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga901548883b3bce56cc21c3a22cf8d93c) with [`PSA_ALG_CHACHA20_POLY1305`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1fec55093541640a71bdd022d4adfb9c)
-
-### Cipher mechanism availability
-
-For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a non-zero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if the library is built with support for that algorithm. Note that for a mechanism to be supported, both the key type and the algorithm must be supported.
-
-For example, to test if AES-CBC-PKCS7 is supported, in the legacy API, you could write:
-```
-#if defined(MBEDTLS_AES_C) && \
- defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_CIPHER_PADDING_PKCS7)
-```
-The equivalent in the PSA API is
-```
-#if PSA_WANT_KEY_TYPE_AES && PSA_WANT_ALG_CBC_PKCS7
-```
-
-### Cipher metadata
-
-Both APIs express key sizes in bits. Note however that in the PSA API, the size of a _buffer_ is always expressed in bytes, even if that buffer contains a key.
-
-The following table lists corresponding PSA macros for maximum-size macros that take all supported algorithms into account.
-
-| Legacy macro | PSA macro |
-| ------------ | --------- |
-| `MBEDTLS_MAX_IV_LENGTH` | [`PSA_CIPHER_IV_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_MAX_SIZE), [`PSA_AEAD_NONCE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ac2a332765ba4ccfc24935d6f7f48fcc7) |
-| `MBEDTLS_MAX_BLOCK_LENGTH` | [`PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) |
-| `MBEDTLS_MAX_KEY_LENGTH` | no equivalent|
-
-There is no equivalent to the type `mbedtls_cipher_info_t` and the functions `mbedtls_cipher_info_from_type` and `mbedtls_cipher_info_from_values` in the PSA API because it is unnecessary. All macros and functions operate directly on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_algorithm_t`, `PSA_ALG_xxx` constants).
-
-| Legacy function | PSA macro |
-| --------------- | --------- |
-| `mbedtls_cipher_info_get_iv_size` | [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH), [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH) |
-| `mbedtls_cipher_info_get_block_size` | not available (use specific macros for the IV, nonce or tag length) |
-
-The following features have no PSA equivalent:
-
-* `mbedtls_cipher_list`: the PSA API does not currently have a discovery mechanism for cryptographic mechanisms, but one may be added in the future.
-* `mbedtls_cipher_info_has_variable_key_bitlen`, `mbedtls_cipher_info_has_variable_iv_size`: the PSA API does not currently have such mechanism for high-level metadata information.
-* `mbedtls_cipher_info_from_string`: there is no equivalent of Mbed TLS's lookup based on a (nonstandard) name.
-
-### Cipher key management
-
-The legacy API and the PSA API have a different organization of operations in several respects:
-
-* In the legacy API, each operation object contains the necessary key material. In the PSA API, an operation object contains a reference to a key object. To perform a cryptographic operation, you must create a key object first. However, for a one-shot operation, you do not need an operation object, just a single function call.
-* The legacy API uses the same interface for authenticated and non-authenticated ciphers, while the PSA API has separate functions.
-* The legacy API uses the same functions for encryption and decryption, while the PSA API has separate functions where applicable.
-
-Here is an overview of the lifecycle of a key object.
-
-1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
- * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”).
- * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
- * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). By design, the same key cannot be used with multiple algorithms.
- * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_ENCRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_ENCRYPT) or [`PSA_KEY_USAGE_DECRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_DECRYPT), depending on which direction you want to use the key in. To allow both directions, use the flag mask `PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT`. The same policy flags cover authenticated and non-authenticated encryption/decryption.
-2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
- * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
- * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
- * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
-3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
-4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
-
-### Unauthenticated cipher operations
-
-Recall the workflow of an unauthenticated cipher operation in the legacy Mbed TLS cipher API:
-
-1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`.
-2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable.
-3. Set the IV with `mbedtls_cipher_set_iv` (except for ECB which does not use an IV).
-4. For a one-shot operation, call `mbedtls_cipher_crypt`. To pass the input in multiple parts, call `mbedtls_cipher_update` as many times as necessary followed by `mbedtls_cipher_finish`.
-5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`.
-
-For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent workflow with the PSA API is to call a single function:
-
-* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-* [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-
-For a multi-part operation, the equivalent workflow with the PSA API is as follows:
-
-1. Create an operation object of type [`psa_cipher_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1399de29db657e3737bb09927aae51fa) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Select the key and algorithm with [`psa_cipher_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga587374c0eb8137a572f8e2fc409bb2b4) or [`psa_cipher_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaa4ba3a167066eaef2ea49abc5dcd1d4b) depending on the desired direction.
-3. When encrypting with a random IV, use [`psa_cipher_generate_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga29fd7d32a5729226a2f73e7b6487bd8a). When encrypting with a chosen IV, or when decrypting, set the IV with [`psa_cipher_set_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga9caddac1a429a5032d6d4a907fb70ba1). Skip this step with ECB since it does not use an IV.
-4. Call [`psa_cipher_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gac3ca27ac6682917c48247d01fd96cd0f) as many times as needed. You can use [`PSA_CIPHER_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE) or [`PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ab1f6598efd6a7dc56e7ad7e34719eb32) to determine a sufficient size for the output buffer.
-5. Call [`psa_cipher_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1dcb58b8befe23f8a4d7a1d49c99249b) to obtain the last part of the output. You can use [`PSA_CIPHER_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_SIZE) or [`PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-
-If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4).
-
-### Authenticated cipher operations
-
-Recall the workflow of an authenticated cipher operation in the legacy Mbed TLS cipher API (or similar workflows in the `chachapoly`, `ccm` and `gcm` modules):
-
-1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`.
-2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable.
-3. Set the nonce with `mbedtls_cipher_set_iv` (or the `starts` function for low-level modules). For CCM, which requires direct use of the `ccm` module, also call `mbedtls_ccm_set_lengths` to set the length of the additional data and of the plaintext.
-4. Call `mbedtls_cipher_update_ad` to pass the unencrypted additional data.
-5. Call `mbedtls_cipher_update` as many times as necessary to pass the input plaintext or ciphertext.
-6. Call `mbedtls_cipher_finish` to obtain the last part of the output. Then call `mbedtls_cipher_write_tag` (when encrypting) or `mbedtls_cipher_check_tag` (when decrypting) to process the authentication tag.
-7. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`.
-
-Steps 3–6 can be replaced by a single call to `mbedtls_cipher_auth_encrypt_ext` or `mbedtls_cipher_auth_decrypt_ext` for a one-shot operation (where the whole plaintext or ciphertext is passed as a single input).
-
-For a one-shot operation, the PSA API allows you to call a single function:
-
-* [`psa_aead_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae72e1eb3c2da3ebd843bb9c8db8df509) to perform authenticated encryption with a random nonce of the default size (indicated by [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH)), with the authentication tag written at the end of the output. (To encrypt with a specified nonce, or to separate the tag from the rest of the ciphertext, use the multi-part API described below.) You can use the macro [`PSA_AEAD_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE) or [`PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-* [`psa_aead_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae799f6196a22d50c216c947e0320d3ba) to perform authenticated decryption of a ciphertext with the authentication tag at the end. (If the tag is separate, use the multi-part API described below.) You can use the macro [`PSA_AEAD_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-
-For a multi-part operation, the equivalent workflow with the PSA API is as follows:
-
-1. Create an operation object of type [`psa_aead_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga14f6a01afbaa8c5b3d8c5d345cbaa3ed) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Select the key and algorithm with [`psa_aead_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga2732c40ce8f3619d41359a329e9b46c4) or [`psa_aead_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaaa5c5018e67a7a6514b7e76b9a14de26) depending on the desired direction.
-3. When encrypting with a random nonce, use [`psa_aead_generate_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga5799df1c555efd35970b65be51cb07d1). When encrypting with a chosen nonce, or when decrypting, set the nonce with [`psa_aead_set_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga59132751a6f843d038924cb217b5e13b). If the algorithm is CCM, you must also call [`psa_aead_set_lengths`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gad3431e28d05002c2a7b0760610176050) before or after setting the nonce (for other algorithms, this is permitted but not needed).
-4. Call [`psa_aead_update_ad`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga6d0eed03f832e5c9c91cb8adf2882569) as many times as needed.
-5. Call [`psa_aead_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaf6d49864951ca42136b4a9b71ea26e5c) as many times as needed. You can use [`PSA_AEAD_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_SIZE) or [`PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-6. Finally:
- * When encrypting, call [`psa_aead_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga759791bbe1763b377c3b5447641f1fc8) to obtain the last part of the ciphertext and the authentication tag. You can use [`PSA_AEAD_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_SIZE) or [`PSA_AEAD_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
- * When decrypting, call [`psa_aead_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae0280e2e61a185b893c36d858453f0d0) to obtain the last part of the plaintext and check the authentication tag. You can use [`PSA_AEAD_VERIFY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_SIZE) or [`PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-
-If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0).
-
-### Miscellaneous cipher operation management
-
-The equivalent of `mbedtls_cipher_reset` is to call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4) or [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0). Note that you must set the key again with a setup function: the PSA API does not have a special way to reuse an operation object with the same key.
-
-There is no equivalent for the `mbedtls_cipher_get_xxx` functions to extract information from an ongoing PSA cipher or AEAD operation. Applications that need this information will need to save it from the key and operation parameters.
-
-## Hashes and MAC
-
-The PSA API groups functions by purpose rather than by underlying primitive: there is a MAC API (equivalent to `md.h` for HMAC, and `cmac.h` for CMAC) and a hash API (equivalent to `md.h` for hashing). There is no special API for a particular hash algorithm (`md5.h`, `sha1.h`, `sha256.h`, `sha512.h`, `sha3.h`). To migrate code using those low-level modules, please follow the recommendations in the following section, using the same principles as the corresponding `md.h` API.
-
-The PSA API does not have a direct interface for the AES-CMAC-PRF-128 algorithm from RFC 4615 calculated by `mbedtls_aes_cmac_prf_128` at the time of writing. You can implement it using the MAC interface with an AES key and the CMAC algorithm.
-
-### Hash mechanism selection
-
-The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD_XXX` constants is the type `psa_algorithm_t` and `PSA_ALG_xxx` constants (the type encompasses all categories of cryptographic algorithms, not just hashes). PSA offers a similar selection of algorithms, but note that SHA-1 and SHA-2 are spelled slightly differently.
-
-| Mbed TLS constant | PSA constant |
-| ---------------------- | ------------------- |
-| `MBEDTLS_MD_MD5` | `PSA_ALG_MD5` |
-| `MBEDTLS_MD_SHA1` | `PSA_ALG_SHA_1` |
-| `MBEDTLS_MD_SHA224` | `PSA_ALG_SHA_224` |
-| `MBEDTLS_MD_SHA256` | `PSA_ALG_SHA_256` |
-| `MBEDTLS_MD_SHA384` | `PSA_ALG_SHA_384` |
-| `MBEDTLS_MD_SHA512` | `PSA_ALG_SHA_512` |
-| `MBEDTLS_MD_RIPEMD160` | `PSA_ALG_RIPEMD160` |
-| `MBEDTLS_MD_SHA3_224` | `PSA_ALG_SHA3_224` |
-| `MBEDTLS_MD_SHA3_256` | `PSA_ALG_SHA3_256` |
-| `MBEDTLS_MD_SHA3_384` | `PSA_ALG_SHA3_384` |
-| `MBEDTLS_MD_SHA3_512` | `PSA_ALG_SHA3_512` |
-
-The following helper functions can be used to convert between the 2 types:
-- `mbedtls_md_psa_alg_from_type()` converts from legacy `mbedtls_md_type_t` to PSA's `psa_algorithm_t`.
-- `mbedtls_md_type_from_psa_alg()` converts from PSA's `psa_algorithm_t` to legacy `mbedtls_md_type_t`.
-
-### MAC mechanism selection
-
-PSA Crypto has a generic API with the same functions for all MAC mechanisms. The mechanism is determined by a combination of an algorithm value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69) and a key type value of type [`psa_key_type_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga63fce6880ca5933b5d6baa257febf1f6).
-
-* For HMAC, the algorithm is [`PSA_ALG_HMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga70f397425684b3efcde1e0e34c28261f)`(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”),
- for example `PSA_ALG_HMAC(PSA_ALG_SHA_256)` for HMAC-SHA-256.
- The key type is [`PSA_KEY_TYPE_HMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_KEY_TYPE_HMAC) regardless of the hash algorithm.
-* For CMAC, the algorithm is [`PSA_ALG_CMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_CMAC) regardless of the underlying block cipher. The key type determines the block cipher:
- [`PSA_KEY_TYPE_AES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga6ee54579dcf278c677eda4bb1a29575e),
- [`PSA_KEY_TYPE_ARIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#c.PSA_KEY_TYPE_ARIA),
- [`PSA_KEY_TYPE_CAMELLIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad8e5da742343fd5519f9d8a630c2ed81) or
- [`PSA_KEY_TYPE_DES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga577562bfbbc691c820d55ec308333138).
-
-### Hash and MAC mechanism availability
-
-For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a non-zero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if the library is built with support for that algorithm. For a compound mechanism, all parts must be supported. In particular, for HMAC, all three of `PSA_WANT_KEY_TYPE_HMAC`, `PSA_WANT_ALG_HMAC` and the underlying hash must be enabled. (A configuration with only one of `PSA_WANT_KEY_TYPE_HMAC` and `PSA_WANT_ALG_HMAC` is technically possible but not useful.)
-
-For example, to test if HMAC-SHA-256 is supported, in the legacy API, you could write:
-```
-#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)
-```
-The equivalent in the PSA API is
-```
-#if PSA_WANT_KEY_TYPE_HMAC && PSA_WANT_ALG_HMAC && PSA_WANT_ALG_SHA_256
-```
-
-To test if AES-CMAC is supported, in the legacy API, you could write:
-```
-if defined(MBEDTLS_AES_C) && defined(MBEDTLS_CMAC_C)
-```
-The equivalent in the PSA API is
-```
-#if PSA_WANT_KEY_TYPE_AES && PSA_WANT_ALG_CMAC
-```
-
-### Hash algorithm metadata
-
-There is no equivalent to the type `mbedtls_md_info_t` and the functions `mbedtls_md_info_from_type` and `mbedtls_md_get_type` in the PSA API because it is unnecessary. All macros and functions operate directly on algorithm (`psa_algorithm_t`, `PSA_ALG_xxx` constants).
-
-| Legacy macro | PSA macro |
-| ------------ | --------- |
-| `MBEDTLS_MD_MAX_SIZE` | [`PSA_HASH_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_MAX_SIZE) |
-| `MBEDTLS_MD_MAX_BLOCK_SIZE` | [`PSA_HMAC_MAX_HASH_BLOCK_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HMAC_MAX_HASH_BLOCK_SIZE) |
-| `mbedtls_md_get_size` | [`PSA_HASH_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_LENGTH) |
-| `mbedtls_md_get_size_from_type` | [`PSA_HASH_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_LENGTH) |
-
-The following features have no PSA equivalent:
-
-* `mbedtls_md_list`: the PSA API does not currently have a discovery mechanism for cryptographic mechanisms, but one may be added in the future.
-* `mbedtls_md_info_from_ctx`
-* `mbedtls_cipher_info_from_string`, `mbedtls_md_get_name`: there is no equivalent of Mbed TLS's lookup based on a (nonstandard) name.
-
-### Hash calculation
-
-The equivalent of `mbedtls_md` for a one-shot hash calculation is [`psa_hash_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gac69f7f19d96a56c28cf3799d11b12156). In addition, to compare the hash of a message with an expected value, you can call [`psa_hash_compare`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga0c08f4797bec96b886c8c8d7acc2a553) instead of `mbedtls_md` followed by `memcmp` or a constant-time equivalent.
-
-For a multi-part hash calculation, the legacy process is as follows:
-
-1. Create a digest context of type `mbedtls_md_context_t` and initialize it with `mbedtls_md_init`.
-2. Call `mbedtls_md_setup` to select the hash algorithm, with `hmac=0`. Then call `mbedtls_md_starts` to start the hash operation.
-3. Call `mbedtls_md_update` as many times as necessary.
-4. Call `mbedtls_md_finish`. If verifying the hash against an expected value, compare the result with the expected value.
-5. Finally free the resources associated with the operation object by calling `mbedtls_md_free`.
-
-The equivalent process in the PSA API is as follows:
-
-1. Create an operation object of type [`psa_hash_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga3c4205d2ce66c4095fc5c78c25273fab) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_hash_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga8d72896cf70fc4d514c5c6b978912515) to specify the algorithm.
-3. Call [`psa_hash_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga65b16ef97d7f650899b7db4b7d1112ff) as many times as necessary.
-4. To obtain the hash, call [`psa_hash_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga4795fd06a0067b0adcd92e9627b8c97e). Alternatively, to verify the hash against an expected value, call [`psa_hash_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga7be923c5700c9c70ef77ee9b76d1a5c0).
-
-If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gab0b4d5f9912a615559497a467b532928).
-
-There is no equivalent to `mbedtls_md_file` in the PSA API. Load the file data and calculate its hash.
-
-### MAC key management
-
-The legacy API and the PSA API have a different organization of operations in several respects:
-
-* In the legacy API, each operation object contains the necessary key material. In the PSA API, an operation object contains a reference to a key object. To perform a cryptographic operation, you must create a key object first. However, for a one-shot operation, you do not need an operation object, just a single function call.
-* The legacy API uses the same interface for authenticated and non-authenticated ciphers, while the PSA API has separate functions.
-* The legacy API uses the same functions for encryption and decryption, while the PSA API has separate functions where applicable.
-
-Here is an overview of the lifecycle of a key object.
-
-1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
- * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”).
- * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
- * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). By design, the same key cannot be used with multiple algorithms.
- * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_SIGN_MESSAGE) to calculate a MAC or [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_VERIFY_MESSAGE) to verify the MAC of a message. To allow both directions, use the flag mask `PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE`.
-2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
- * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
- * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
- * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
-3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
-4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
-
-### MAC calculation
-
-The process for a HMAC operation in the legacy API is as follows:
-
-1. Create a digest context of type `mbedtls_md_context_t` and initialize it with `mbedtls_md_init`.
-2. Call `mbedtls_md_setup` to select the hash algorithm, with `hmac=1`. Then call `mbedtls_md_hmac_starts` to set the key.
-3. Call `mbedtls_md_hmac_update` as many times as necessary.
-4. Call `mbedtls_md_hmac_finish`. If verifying the MAC against an expected value, compare the result with the expected value. Note that this comparison should be in constant time to avoid a side channel vulnerability, for example using `mbedtls_ct_memcmp`.
-5. Finally free the resources associated with the operation object by calling `mbedtls_md_free`.
-
-The process for a CMAC operation in the legacy API is as follows:
-
-1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`.
-2. Call `mbedtls_cipher_setup` to select the block cipher. Then call `mbedtls_md_cmac_starts` to set the key.
-3. Call `mbedtls_cipher_cmac_update` as many times as necessary.
-4. Call `mbedtls_cipher_cmac_finish`. If verifying the MAC against an expected value, compare the result with the expected value. Note that this comparison should be in constant time to avoid a side channel vulnerability, for example using `mbedtls_ct_memcmp`.
-5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`.
-
-The process in the PSA API to calculate a MAC is as follows:
-
-1. Create an operation object of type [`psa_mac_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga78f0838b0c4e3db28b26355624d4bd37) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_mac_sign_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga03bc3e3c0b7e55b20d2a238e418d46cd) to specify the algorithm and the key. See “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
-3. Call [`psa_mac_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga5560af371497babefe03c9da4e8a1c05) as many times as necessary.
-4. To obtain the MAC, call [`psa_mac_sign_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gac22bc0125580c96724a09226cfbc97f2).
-
-To verify a MAC against an expected value, use the following process instead:
-
-1. Create an operation object of type [`psa_mac_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga78f0838b0c4e3db28b26355624d4bd37) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_mac_verify_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga08ae327fcbc5f8e201172fe11e536984) to specify the algorithm and the key. See “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
-3. Call [`psa_mac_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga5560af371497babefe03c9da4e8a1c05) as many times as necessary.
-4. To verify the MAC against an expected value, call [`psa_mac_verify_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gac92b2930d6728e1be4d011c05d485822).
-
-If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd).
-
-The PSA API also offers functions for a one-shot MAC calculation, similar to `mbedtls_cipher_cmac` and `mbedtls_md_hmac`:
-
-* [`psa_mac_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gabf02ebd3595ea15436967092b5d52878) to calculate the MAC of a buffer in memory.
-* [`psa_mac_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gaf6988545df5d5e2466c34d753443b15a) to verify the MAC of a buffer in memory against an expected value.
-
-In both cases, see “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
-
-### Miscellaneous hash or MAC operation management
-
-The equivalent of `mbedtls_md_reset`, `mbedtls_md_hmac_reset` or `mbedtls_cmac_reset` is to call [`psa_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gab0b4d5f9912a615559497a467b532928) or [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd). Note that you must call a setup function to specify the algorithm and the key (for MAC) again, and they can be different ones.
-
-The equivalent of `mbedtls_md_clone` to clone a hash operation is [`psa_hash_clone`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga39673348f3302b4646bd780034a5aeda). A PSA MAC operation cannot be cloned.
-
-## Key derivation
-
-### HKDF
-
-PSA Crypto provides access to HKDF, HKDF-Extract and HKDF-Expand via its [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/). This is a generic interface using an operation object with one function call for each input and one function call for each output.
-
-1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For HKDF and variants, use one of the macros [`PSA_ALG_HKDF`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF), [`PSA_ALG_HKDF_EXTRACT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF_EXTRACT) or [`PSA_ALG_HKDF_EXPAND`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF_EXPAND) with the [hash algorithm](#hash-mechanism-selection) passed as an argument. For example `PSA_ALG_HKDF(PSA_ALG_SHA_256)` selects HKDF-SHA-256.
-3. Call [`psa_key_derivation_input_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga8fd934dfb0ca45cbf89542ef2a5494c2) on each of the inputs in the order listed below. (Use [`psa_key_derivation_input_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gab2d7ce8705dd8e4a093f4b8a21a0c15a) instead for an input that is a PSA key object.) The input step value for each step is as follows:
- 1. [`PSA_KEY_DERIVATION_INPUT_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gab62757fb125243562c3947a752470d4a) for the salt used during the extraction step. Omit this step for HKDF-Expand. For HKDF, you may omit this step if the salt is empty.
- 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the secret input.
- 3. [`PSA_KEY_DERIVATION_INPUT_INFO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gacef8df989e09c769233f4b779acb5b7d) for the info string used during the expansion step. Omit this step for HKDF-Extract.
-4. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks. Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key.
-5. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object.
-
-### PKCS#5 module
-
-Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf2_hmac_ext` can switch to the PSA key derivation API for PBKDF2. This is a generic interface using an operation object with one function call for each input and one function call for each output.
-
-1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For PBKDF2-HMAC, select `PSA_ALG_PBKDF2_HMAC(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”).
-3. Call `psa_key_derivation_input_cost` with the step `PSA_KEY_DERIVATION_INPUT_COST` to select the iteration count.
-4. Call [`psa_key_derivation_input_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga8fd934dfb0ca45cbf89542ef2a5494c2) on each of the inputs in the order listed below. (Use [`psa_key_derivation_input_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gab2d7ce8705dd8e4a093f4b8a21a0c15a) instead for an input that is a PSA key object.) The input step value for each step is as follows:
- 1. [`PSA_KEY_DERIVATION_INPUT_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gab62757fb125243562c3947a752470d4a) for the salt used during the extraction step. You may repeat this step to pass the salt in pieces (for example a salt and a pepper).
- 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the password.
-5. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks.
- Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key.
- If you want to verify the output against an expected value (for authentication, rather than to derive key material), call [`psa_key_derivation_verify_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gaf01520beb7ba932143ffe733b0795b08) or [`psa_key_derivation_verify_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac041714e34a94742e8ee006ac7dfea5a) instead of `psa_key_derivation_output_bytes`. (Note that the `verify` functions are not yet present in the 3.5 release of Mbed TLS. They are expected to be released in version 3.6.0.)
-6. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object.
-
-The function `mbedtls_pkcs5_pbes2` is only intended as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent.
-
-### PKCS#12 module
-
-The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbe` are only intended as support functions to parse encrypted private keys in the PK module. They have no PSA equivalent.
-
-## Random generation
-
-### Random generation interface
-
-The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.h` and `hmac_drbg.h`. See the next sections for remaining use cases for [entropy](#entropy-sources) and [DRBG](#deterministic-pseudorandom-generation).
-
-The PSA API uses its internal random generator to generate keys (`psa_generate_key`), nonces for encryption (`psa_cipher_generate_iv`, `psa_cipher_encrypt`, `psa_aead_generate_nonce`, `psa_aead_encrypt`, `psa_asymmetric_encrypt`), and other random material as needed. If you need random data for some other purposes, call [`psa_generate_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
-
-If your application mixes uses of the PSA crypto API and the mbedtls API and you need to pass an RNG argument to a legacy or X.509/TLS function, include the header file `<mbedtls/psa_util.h>` and use:
-
-* [`mbedtls_psa_get_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#_CPPv422mbedtls_psa_get_randomPvPh6size_t) as the `f_rng` argument;
-* [`MBEDTLS_PSA_RANDOM_STATE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#c.MBEDTLS_PSA_RANDOM_STATE) as the `p_rng` argument.
-
-You can remove the Mbed TLS RNG boilerplate (`mbedtls_entropy_init`, `mbedtls_ctr_drbg_init`, `mbedtls_ctr_drbg_seed`, `mbedtls_ctr_drbg_random`, `mbedtls_ctr_drbg_free`, `mbedtls_entropy_free` — or `hmac_drbg` equivalents of the `ctr_drbg` functions) once you have finished replacing the references to `mbedtls_ctr_drbg_random` (or `mbedtls_hmac_drbg_random`) by `mbedtls_psa_get_random`.
-
-### Entropy sources
-
-Unless explicitly configured otherwise, the PSA random generator uses the default entropy sources configured through the legacy interface (`MBEDTLS_ENTROPY_xxx` symbols). Its set of sources is equivalent to an entropy object configured with `mbedtls_entropy_init`.
-
-A future version of Mbed TLS will include a PSA interface for configuring entropy sources. This is likely to replace the legacy interface in Mbed TLS 4.0.
-
-### Deterministic pseudorandom generation
-
-The PSA API does not have a dedicated interface for pseudorandom generation. The [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) can serve a similar purpose in some applications, but it does not offer CTR\_DRBG or HMAC\_DRBG. If you need these algorithms, keep using `ctr_drbg.h` and `hmac_drbg.h`, but note that they may be removed from the public API in Mbed TLS 4.0.
-
-## Asymmetric cryptography
-
-The PSA API supports RSA (see “[RSA mechanism selection](#rsa-mechanism-selection)”), elliptic curve cryptography (see “[ECC mechanism selection](#elliptic-curve-mechanism-selection)” and “[EC-JPAKE](#ec-jpake)”) and finite-field Diffie-Hellman (see “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”).
-
-### Key lifecycle for asymmetric cryptography
-
-In the PSA API, keys are referenced by an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t).
-(Some documentation references [`mbedtls_svc_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv420mbedtls_svc_key_id_t); the two types are identical except when the library is configured for use in a multi-client cryptography service.)
-The PSA key identifier tends to play the same role as an `mbedtls_pk_context`, `mbedtls_rsa_context` or `mbedtls_ecp_keypair` structure in the legacy API. However, there are major differences in the way the two APIs can be used to create keys or to obtain information about a key.
-
-Here is an overview of the lifecycle of a PSA key object.
-
-1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
- * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”).
- * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's conceptual size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
- * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the permitted algorithm to the desired `PSA_ALG_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” as well as “[Public-key cryptography policies](#public-key-cryptography-policies)”).
- * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable the desired usage types (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
- * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
- * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5).
- * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
-3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
-4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
-
-### Public-key cryptography policies
-
-A key's policy indicates what algorithm(s) it can be used with (usage algorithm policy) and what operations are permitted (usage flags).
-
-The following table lists the relevant usage flags for asymmetric cryptography. You can pass those flags (combined with bitwise-or) to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de).
-
-| Usage | Flag |
-| ----- | ---- |
-| export public key | 0 (always permitted) |
-| export private key | [`PSA_KEY_USAGE_EXPORT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga7dddccdd1303176e87a4d20c87b589ed) |
-| Sign a message directly | [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) |
-| Sign an already-calculated hash | at least one of [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) or [`PSA_KEY_USAGE_SIGN_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) |
-| Verify a message directly | [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) |
-| Verify an already-calculated hash | at least one of [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) or [`PSA_KEY_USAGE_VERIFY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gafadf131ef2182045e3483d03aadaa1bd) |
-| Encryption | [`PSA_KEY_USAGE_ENCRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga75153b296d045d529d97203a6a995dad) |
-| Decryption | [`PSA_KEY_USAGE_DECRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gac3f2d2e5983db1edde9f142ca9bf8e6a) |
-| Key agreement | [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gaf19022acc5ef23cf12477f632b48a0b2) |
-
-The sections “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” cover the available algorithm values for each key type. Normally, a key can only be used with a single algorithm, following standard good practice. However, there are two ways to relax this requirement.
-
-* Many signature algorithms encode a hash algorithm. Sometimes the same key may need to be used to sign messages with multiple different hashes. In an algorithm policy, you can use [`PSA_ALG_ANY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_ANY_HASH) instead of a hash algorithm value to allow the key to be used with any hash. For example, `psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH))` allows the key to be used with RSASSA-PSS, with different hash algorithms in each operation.
-* In addition to the algorithm (or wildcard) selected with [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98), you can use [`psa_set_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaffa134b74aa52aa3ed9397fcab4005aa) to permit a second algorithm (or wildcard). This is intended for scenarios where a key is normally used with a single algorithm, but needs to be used with a different algorithm for enrollment (such as an ECDH key for which an ECDSA proof-of-possession is also required).
-
-### Asymmetric cryptographic mechanisms
-
-#### RSA mechanism selection
-
-The PK types `MBEDTLS_PK_RSA`, `MBEDTLS_PK_RSASSA_PSS` and `MBEDTLS_PK_RSA_ALT` correspond to RSA key types in the PSA API. In the PSA API, key pairs and public keys are separate object types.
-See “[RSA-ALT interface](#rsa-alt-interface)” for more information about `MBEDTLS_PK_RSA_ALT`.
-
-The PSA API uses policies and algorithm parameters rather than key types to distinguish between RSA-based mechanisms. The PSA algorithm selection corresponds to the `mbedtls_pk_type_t` value passed to `mbedtls_pk_{sign,verify}_ext`. It also replaces the use of `mbedtls_rsa_set_padding` on an `mbedtls_rsa_context` object. See the list of algorithms below and the signature and encryption sections for more information.
-
-An RSA public key has the type [`PSA_KEY_TYPE_RSA_PUBLIC_KEY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9ba0878f56c8bcd1995ac017a74f513b).
-
-An RSA key pair has the type [`PSA_KEY_TYPE_RSA_KEY_PAIR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11745b110166e927e2abeabc7d532051). A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key).
-You can always use a private key for operations on the corresponding public key (as long as the policy permits it).
-
-The following cryptographic algorithms work with RSA keys:
-
-* PKCS#1v1.5 RSA signature: [`PSA_ALG_RSA_PKCS1V15_SIGN`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga702ff75385a6ae7d4247033f479439af), [`PSA_ALG_RSA_PKCS1V15_SIGN_RAW`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4215e2a78dcf834e9a625927faa2a817).
-* PKCS#1v1.5 RSA encryption: [`PSA_ALG_RSA_PKCS1V15_CRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4c540d3abe43fb9abcb94f2bc51acef9).
-* PKCS#1 RSASSA-PSS signature: [`PSA_ALG_RSA_PSS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d), [`PSA_ALG_RSA_PSS_ANY_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b).
-* PKCS#1 RSAES-OAEP encryption: [`PSA_ALG_RSA_OAEP`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa1235dc3fdd9839c6c1b1a9857344c76).
-
-#### Elliptic curve mechanism selection
-
-The PK types `MBEDTLS_PK_ECKEY`, `MBEDTLS_PK_ECKEY_DH` and `MBEDTLS_PK_ECDSA` correspond to elliptic-curve key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. The PSA API uses policies and algorithm parameters rather than key types to distinguish between the PK EC types.
-
-An ECC public key has the type [`PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad54c03d3b47020e571a72cd01d978cf2) where `curve` is a curve family identifier.
-
-An ECC key pair has the type [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) where `curve` is a curve family identifier. A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key).
-You can always use a private key for operations on the corresponding public key (as long as the policy permits it).
-
-A curve is fully determined by a curve family identifier and the private key size in bits. You can use the following functions to convert between the PSA and legacy elliptic curve designations:
-- [`mbedtls_ecc_group_to_psa()`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__psa__tls__helpers/#group__psa__tls__helpers_1ga9c83c095adfec7da99401cf81e164f99) converts from the legacy curve type identifier to PSA curve family and bit-size.
-- [`mbedtls_ecc_group_from_psa()`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__psa__tls__helpers/#group__psa__tls__helpers_1ga6243eb619d5b2f5fe4667811adeb8a12) converts from PSA curve family and bit-size to the legacy identifier.
-
-The following table gives the correspondence between legacy and PSA elliptic curve designations.
-
-| Mbed TLS legacy curve identifier | PSA curve family | Curve bit-size |
-| -------------------------------- | ---------------- | -------------- |
-| `MBEDTLS_ECP_DP_SECP192R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 |
-| `MBEDTLS_ECP_DP_SECP224R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 224 |
-| `MBEDTLS_ECP_DP_SECP256R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 |
-| `MBEDTLS_ECP_DP_SECP384R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 384 |
-| `MBEDTLS_ECP_DP_SECP521R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 521 |
-| `MBEDTLS_ECP_DP_BP256R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 256 |
-| `MBEDTLS_ECP_DP_BP384R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 384 |
-| `MBEDTLS_ECP_DP_BP512R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 512 |
-| `MBEDTLS_ECP_DP_CURVE25519` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 255 |
-| `MBEDTLS_ECP_DP_SECP192K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 |
-| `MBEDTLS_ECP_DP_SECP224K1` | not supported | N/A |
-| `MBEDTLS_ECP_DP_SECP256K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 |
-| `MBEDTLS_ECP_DP_CURVE448` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 448 |
-
-The following cryptographic algorithms work with ECC keys:
-
-* ECDH key agreement (including X25519 and X448): [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43).
-* ECDSA: [`PSA_ALG_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3), [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4), [`PSA_ALG_DETERMINISTIC_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03).
-* EC-JPAKE (see “[EC-JPAKE](#ec-jpake)”.
-
-#### Diffie-Hellman mechanism selection
-
-A finite-field Diffie-Hellman key pair has the type [`PSA_KEY_TYPE_DH_KEY_PAIR(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) where `group` is a group family as explained below.
-
-A finite-field Diffie-Hellman public key has the type [`PSA_KEY_TYPE_DH_PUBLIC_KEY(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa22f0f2ea89b929f2fadc19890cc5d5c) where `group` is a group family as explained below. Due to the design of the API, there is rarely a need to use Diffie-Hellman public key objects.
-
-The PSA API only supports Diffie-Hellman with predefined groups. A group is fully determined by a group family identifier and the public key size in bits.
-
-| Mbed TLS DH group P value | PSA DH group family | Bit-size |
-| ------------------------- | ------------------- | -------- |
-| `MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 2048 |
-| `MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 3072 |
-| `MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 4096 |
-| `MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 6144 |
-| `MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 8192 |
-
-A finite-field Diffie-Hellman key can be used for key agreement with the algorithm [`PSA_ALG_FFDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0ebbb6f93a05b6511e6f108ffd2d1eb4).
-
-### Creating keys for asymmetric cryptography
-
-The easiest way to create a key pair object is by randomly generating it with [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). Compared with the low-level functions from the legacy API (`mbedtls_rsa_gen_key`, `mbedtls_ecp_gen_privkey`, `mbedtls_ecp_gen_keypair`, `mbedtls_ecp_gen_keypair_base`, `mbedtls_ecdsa_genkey`), this directly creates an object that can be used with high-level APIs, but removes some of the flexibility. Note that if you want to export the generated private key, you must pass the flag [`PSA_KEY_USAGE_EXPORT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga7dddccdd1303176e87a4d20c87b589ed) to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de); exporting the public key with [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) is always permitted.
-
-For RSA keys, `psa_generate_key` uses 65537 as the public exponent. You can use [`psa_generate_key_custom`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#ga0415617443afe42a712027bbb8ad89f0) to select a different public exponent. As of Mbed TLS 3.6.1, selecting a different public exponent is only supported with the built-in RSA implementation, not with PSA drivers.
-
-To create a key object from existing material, use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). This function has the same basic goal as the PK parse functions (`mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`), but only supports a single format that just contains the number(s) that make up the key, with very little metadata. The table below summarizes the PSA import/export format for key pairs and public keys; see the documentation of [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) for more details.
-
-| Key type | PSA import/export format |
-| -------- | ------------------------ |
-| RSA key pair | PKCS#1 RSAPrivateKey DER encoding (including both private exponent and CRT parameters) |
-| RSA public key | PKCS#1 RSAPublicKey DER encoding |
-| ECC key pair | Fixed-length private value (not containing the public key) |
-| ECC public key (Weierstrass curve) | Fixed-length uncompressed point |
-| ECC public key (Montgomery curve) | Fixed-length public value |
-| FFDH key pair | Fixed-length private value (not containing the public key) |
-| FFDH public key | Fixed-length public value |
-
-There is no equivalent of `mbedtls_pk_parse_keyfile` and `mbedtls_pk_parse_public_keyfile`. Either call the legacy function or load the file data manually.
-
-A future extension of the PSA API will support other import formats. Until those are implemented, see the following subsection for how to use the PK module for key parsing and construct a PSA key object from the PK object.
-
-### Creating a PSA key via PK
-
-You can use the PK module as an intermediate step to create an RSA or ECC key for use with PSA. This is useful for use cases that the PSA API does not currently cover, such as:
-
-* Parsing a key in a format with metadata without knowing its type ahead of time.
-* Parsing a key in a format that the PK module supports, but `psa_import_key` doesn't.
-* Importing a key which you have in the form of a list of numbers, rather than the binary encoding required by `psa_import_key`.
-* Importing a key with less information than what the PSA API needs, for example an ECC public key in a compressed format, an RSA private key without the private exponent, or an RSA private key without the CRT parameters.
-
-For such use cases:
-
-1. First create a PK object with the desired key material.
-2. Call [`mbedtls_pk_get_psa_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1a7aa7b33cffb6981d95d1632631de9244) to fill PSA attributes corresponding to the PK key. Pass one of the following values as the `usage` parameter:
- * `PSA_KEY_USAGE_SIGN_HASH` or `PSA_KEY_USAGE_SIGN_MESSAGE` for a key pair used for signing.
- * `PSA_KEY_USAGE_DECRYPT` for a key pair used for decryption.
- * `PSA_KEY_USAGE_DERIVE` for a key pair used for key agreement.
- * `PSA_KEY_USAGE_VERIFY_HASH` or `PSA_KEY_USAGE_VERIFY_MESSAGE` for a public key pair used for signature verification.
- * `PSA_KEY_USAGE_ENCRYPT` for a key pair used for encryption.
-3. Optionally, tweak the attributes (this is rarely necessary). For example:
- * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de), [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) and/or [`psa_set_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#group__attributes_1gaffa134b74aa52aa3ed9397fcab4005aa) to change the key's policy (by default, it allows what can be done through the PK module).
- · Call [`psa_set_key_id`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae48fcfdc72a23e7499957d7f54ff5a64) and perhaps [`psa_set_key_lifetime`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac03ccf09ca6d36cc3d5b43f8303db6f7) to create a PSA persistent key.
-4. Call [`mbedtls_pk_import_into_psa`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1ad59835d14832daf0f4b4bd0a4555abb9) to import the key into the PSA key store.
-5. You can now free the PK object with `mbedtls_pk_free`.
-
-Here is some sample code illustrating the above process, with error checking omitted.
-
-```
-mbedtls_pk_context pk;
-mbedtls_pk_init(&pk);
-mbedtls_pk_parse_key(&pk, key_buffer, key_buffer_length, NULL, 0,
- mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE);
-psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-mbedtls_pk_get_psa_attributes(&pk, PSA_KEY_USAGE_SIGN_HASH, &attributes);
-psa_key_id_t key_id;
-mbedtls_pk_import_into_psa(&pk, &attributes, &key_id);
-mbedtls_pk_free(&pk);
-psa_sign_hash(key_id, ...);
-```
-
-#### Importing an elliptic curve key from ECP
-
-This section explains how to use the `ecp.h` API to create an elliptic curve key in a format suitable for `psa_import_key`.
-
-You can use this, for example, to import an ECC key in the form of a compressed point by calling `mbedtls_ecp_point_read_binary` then following the process below.
-
-The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. (This includes `mbedtls_ecdsa_keypair` objects since that is just a type alias.) Error checks are omitted for simplicity. A future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764).
-
-```
-mbedtls_ecp_keypair ec;
-mbedtls_ecp_keypair_init(&ec);
-// Omitted: fill ec with key material
-// (the public key will not be used and does not need to be set)
-unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)];
-size_t length;
-mbedtls_ecp_write_key_ext(&ec, &length, buf, sizeof(buf));
-psa_ecc_curve_t curve = ...; // need to determine the curve family manually
-psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve));
-psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
-psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
-psa_key_id_t key_id = 0;
-psa_import_key(&attributes, buf, length, &key_id);
-mbedtls_ecp_keypair_free(&ec);
-```
-The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. Error checks are omitted for simplicity.
-
-```
-mbedtls_ecp_group grp;
-mbedtls_ecp_group_init(&grp);
-mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_...);
-mbedtls_ecp_point pt;
-mbedtls_ecp_point_init(&pt);
-// Omitted: fill pt with key material
-unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_PUBLIC_KEY_MAX_SIZE)];
-size_t length;
-mbedtls_ecp_point_write_binary(&grp, &pt, &length, buf, sizeof(buf));
-psa_ecc_curve_t curve = ...; // need to determine the curve family manually
-psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve));
-psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...);
-psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...);
-psa_key_id_t key_id = 0;
-psa_import_key(&attributes, buf, length, &key_id);
-mbedtls_ecp_point_free(&pt);
-mbedtls_ecp_group_free(&grp);
-```
-
-### Key pair and public key metadata
-
-There is no equivalent to the type `mbedtls_pk_info_t` and the functions `mbedtls_pk_info_from_type` in the PSA API because it is unnecessary. All macros and functions operate directly on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_algorithm_t`, `PSA_ALG_xxx` constants).
-
-You can call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) to populate a structure with the attributes of a key, then functions such as [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain a key's type (`PSA_KEY_TYPE_xxx` value) and size (nominal size in bits).
-
-The bit-size from `psa_get_key_bits` is the same as the one from `mbedtls_pk_get_bitlen`. To convert to bytes as `mbedtls_pk_get_len` or `mbedtls_rsa_get_len` do, you can use the macro `PSA_BITS_TO_BYTES`. However, note that the PSA API has generic macros for each related buffer size (export, signature size, etc.), so you should generally use those instead. The present document lists those macros where it explains the usage of the corresponding function.
-
-Most code that calls `mbedtls_pk_get_type` or `mbedtls_pk_can_do` only requires the key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). For code that uses both `mbedtls_pk_context` objects and PSA metadata encoding, [`mbedtls_pk_can_do_ext`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1a256d3e8d4323a45aafa7d2b6c59a36f6) checks the compatibility between a key object and a mechanism. If needed, you can also access a key's policy from its attributes with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`.
-
-### Exporting a public key or a key pair
-
-To export a PSA key pair or public key, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf). If the key is a key pair, its policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-
-To export a PSA public key or to export the public key of a PSA key pair object, call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062). This is always permitted regardless of the key's policy.
-
-The export format is the same format used for `psa_import_key`, described in “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” above.
-
-A future extension of the PSA API will support other export formats. Until those are implemented, see “[Exposing a PSA key via PK](#exposing-a-psa-key-via-pk)” for ways to use the PK module to format a PSA key.
-
-#### Exposing a PSA key via PK
-
-This section discusses how to use a PSA key in a context that requires a PK object, such as PK formatting functions (`mbedtls_pk_write_key_der`, `mbedtls_pk_write_pubkey_der`, `mbedtls_pk_write_pubkey_pem`, `mbedtls_pk_write_key_pem` or `mbedtls_pk_write_pubkey`), Mbed TLS X.509 functions, Mbed TLS SSL functions, or another API that involves `mbedtls_pk_context` objects. The PSA key must be an RSA or ECC key since the PK module does not support DH keys. Three functions from `pk.h` help with that:
-
-* [`mbedtls_pk_copy_from_psa`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1ab8e88836fd9ee344ffe630c40447bd08) copies a PSA key into a PK object. The PSA key must be exportable. The PK object remains valid even if the PSA key is destroyed.
-* [`mbedtls_pk_copy_public_from_psa`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1a2a50247a528889c12ea0ddddb8b15a4e) copies the public part of a PSA key into a PK object. The PK object remains valid even if the PSA key is destroyed.
-* [`mbedtls_pk_setup_opaque`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1a4c04ac22ab9c1ae09cc29438c308bf05) sets up a PK object that wraps the PSA key. The PK object has the type `MBEDTLS_PK_OPAQUE` regardless of whether the key is an RSA or ECC key. The PK object can only be used as permitted by the PSA key's policy. The PK object contains a reference to the PSA key identifier, therefore PSA key must not be destroyed as long as the PK object remains alive.
-
-Here is some sample code illustrating how to use the PK module to format a PSA public key or the public key of a PSA key pair.
-```
-int write_psa_pubkey(psa_key_id_t key_id,
- unsigned char *buf, size_t size, size_t *len) {
- mbedtls_pk_context pk;
- mbedtls_pk_init(&pk);
- int ret = mbedtls_pk_copy_public_from_psa(key_id, &pk);
- if (ret != 0) goto exit;
- ret = mbedtls_pk_write_pubkey_der(&pk, buf, size);
- if (ret < 0) goto exit;
- *len = ret;
- memmove(buf, buf + size - ret, ret);
- ret = 0;
-exit:
- mbedtls_pk_free(&pk);
-}
-```
-
-### Signature operations
-
-The equivalent of `mbedtls_pk_sign` or `mbedtls_pk_sign_ext` to sign an already calculated hash is [`psa_sign_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga785e746a31a7b2a35ae5175c5ace3c5c).
-The key must be a key pair allowing the usage `PSA_KEY_USAGE_SIGN_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGN_OUTPUT_SIZE) or [`PSA_SIGNATURE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGNATURE_MAX_SIZE) (similar to `MBEDTLS_PK_SIGNATURE_MAX_SIZE`) to determine a sufficient size for the output buffer.
-This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext` and `mbedtls_ecdsa_write_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details.
-
-The equivalent of `mbedtls_pk_verify` or `mbedtls_pk_verify_ext` to verify an already calculated hash is [`psa_verify_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gae2ffbf01e5266391aff22b101a49f5f5).
-The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_verify`, `mbedtls_rsa_rsassa_pkcs1_v15_verify`, `mbedtls_rsa_rsassa_pss_verify`, `mbedtls_rsa_rsassa_pss_verify_ext`, `mbedtls_ecdsa_verify` and `mbedtls_ecdsa_read_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details.
-
-Generally, `psa_sign_hash` and `psa_verify_hash` require the input to have the correct length for the hash (this has historically not always been enforced in the corresponding legacy APIs).
-
-See also “[Restartable ECDSA signature](#restartable-ecdsa-signature)” for a restartable variant of this API.
-
-The PSA API also has functions [`psa_sign_message`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga963ecadae9c38c85826f9a13cf1529b9) and [`psa_verify_message`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga01c11f480b185a4268bebd013df7c14c). These functions combine the hash calculation with the signature calculation or verification.
-For `psa_sign_message`, either the usage flag `PSA_KEY_USAGE_SIGN_MESSAGE` or `PSA_KEY_USAGE_SIGN_HASH` is sufficient.
-For `psa_verify_message`, either the usage flag `PSA_KEY_USAGE_VERIFY_MESSAGE` or `PSA_KEY_USAGE_VERIFY_HASH` is sufficient.
-
-Most signature algorithms involve a hash algorithm. See “[Hash mechanism selection](#hash-mechanism-selection)”.
-
-The following subsections describe the PSA signature mechanisms that correspond to legacy Mbed TLS mechanisms.
-
-#### ECDSA signature
-
-**Note: in the PSA API, the format of an ECDSA signature is the raw fixed-size format. This is different from the legacy API** which uses the ASN.1 DER format for ECDSA signatures. To convert between the two formats, use [`mbedtls_ecdsa_raw_to_der`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#group__psa__tls__helpers_1ga9295799b5437bdff8ce8abd524c5ef2e) or [`mbedtls_ecdsa_der_to_raw`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#group__psa__tls__helpers_1ga33b3cf65d5992ccc724b7ee00186ae61).
-
-<!-- The following are specific to the DER format and therefore have no PSA equivalent: MBEDTLS_ECDSA_MAX_SIG_LEN, MBEDTLS_ECDSA_MAX_LEN -->
-
-ECDSA is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, as well as by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_verify` and `mbedtls_ecdsa_read_signature`.
-
-The PSA API offers three algorithm constructors for ECDSA. They differ only for signature, and have exactly the same behavior for verification.
-
-* [`PSA_ALG_ECDSA(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3) is a randomized ECDSA signature of a hash calculated with the algorithm `hash`.
-* [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4) is equivalent to `PSA_ALG_ECDSA`, but does not require specifying a hash as part of the algorithm. It can only be used with `psa_sign_hash` and `psa_verify_hash`, with no constraint on the length of the hash.
-* [`PSA_ALG_DETERMINISTIC_ECDSA(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03) is a deterministic ECDSA signature of a hash calculated with the algorithm `hash`. This is the same as the functionality offered by `MBEDTLS_ECDSA_DETERMINISTIC` in the legacy API.
- * For `psa_sign_message` with `PSA_ALG_DETERMINISTIC_ECDSA`, the same hash algorithm is used to hash the message and to parametrize the deterministic signature generation.
-
-Unlike the legacy API, where `mbedtls_pk_sign` and `mbedtls_ecdsa_write_signature` automatically select deterministic ECDSA if both are available, the PSA API requires the application to select the preferred variant. ECDSA verification cannot distinguish between randomized and deterministic ECDSA (except in so far as if the same message is signed twice and the signatures are different, then at least one of the signatures is not the determinstic variant), so in most cases switching between the two is a compatible change.
-
-#### Restartable ECDSA signature
-
-The legacy API includes an API for “restartable” ECC operations: the operation returns after doing partial computation, and can be resumed. This is intended for highly constrained devices where long cryptographic calculations need to be broken up to poll some inputs, where interrupt-based scheduling is not desired. The legacy API consists of the functions `mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable`, `mbedtls_ecdsa_sign_restartable`, `mbedtls_ecdsa_verify_restartable`, `mbedtls_ecdsa_write_signature_restartable`, `mbedtls_ecdsa_read_signature_restartable`, as well as several configuration and data manipulation functions.
-
-The PSA API offers similar functionality via “interruptible” public-key operations. As of Mbed TLS 3.5, it is only implemented for ECDSA, for the same curves as the legacy API. This will likely be extended to ECDH in the short term. At the time of writing, no extension is planned to other curves or other algorithms.
-
-The flow of operations for an interruptible signature operation is as follows:
-
-1. Create an operation object of type [`psa_sign_hash_interruptible_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6948d4653175b1b530a265540066a7e7) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_sign_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga441988da830205182b3e791352537fac) with the private key object and the hash to verify.
-3. Call [`psa_sign_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga79849aaa7004a85d2ffbc4b658a333dd) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`.
-
-The flow of operations for an interruptible signature verification operation is as follows:
-
-1. Create an operation object of type [`psa_verify_hash_interruptible_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga537054cf4909ad1426331ae4ce7148bb) and zero-initialize it (or use the corresponding `INIT` macro).
-2. Call [`psa_verify_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga912eb51fb94056858f451f276ee289cb) with the private key object and the hash and signature to verify.
-3. Call [`psa_verify_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga67fe82352bc2f8c0343e231a70a5bc7d) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`.
-
-If you need to cancel the operation after calling the start function without waiting for the loop calling the complete function to finish, call [`psa_sign_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1gae893a4813aa8e03bd201fe4f1bbbb403) or [`psa_verify_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga18dc9c0cc27d590c5e3b186094d90f88).
-
-Call [`psa_interruptible_set_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6d86790b31657c13705214f373af869e) to set the number of basic operations per call. This is the same unit as `mbedtls_ecp_set_max_ops`. You can retrieve the current value with [`psa_interruptible_get_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga73e66a6d93f2690b626fcea20ada62b2). The value is [`PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible/#group__interruptible_1gad19c1da7f6b7d59d5873d5b68eb943d4) if operations are not restartable, which corresponds to `mbedtls_ecp_restart_is_enabled()` being false.
-
-#### PKCS#1 v1.5 RSA signature
-
-This mechanism corresponds to `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` for an RSA key, unless PSS has been selected with `mbedtls_rsa_set_padding` on the underlying RSA key context. This mechanism also corresponds to `mbedtls_rsa_rsassa_pkcs1_v15_sign` and `mbedtls_rsa_rsassa_pkcs1_v15_verify`.
-
-The PSA API has two algorithm constructors:
-
-* [`PSA_ALG_RSA_PKCS1V15_SIGN(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga702ff75385a6ae7d4247033f479439af) formats the hash as specified in PKCS#1. The hash algorithm corresponds to the `md_alg` parameter of the legacy functions.
-* [`PSA_ALG_RSA_PKCS1V15_SIGN_RAW`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4215e2a78dcf834e9a625927faa2a817) uses the “hash” input in lieu of a DigestInfo structure. This is the same as calling the legacy functions with `md_alg=MBEDTLS_MD_NONE`.
-
-#### PKCS#1 RSASSA-PSS signature
-
-This mechanism corresponds to `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext` for an RSA key, as well as `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` if PSS has been selected on the underlying RSA context with `mbedlts_rsa_set_padding`.
-It also corresponds to `mbedtls_rsa_rsassa_pss_sign` and `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify` and `mbedtls_rsa_rsassa_pss_verify_ext`.
-
-The PSA API has two algorithm constructors: [`PSA_ALG_RSA_PSS(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d) and [`PSA_ALG_RSA_PSS_ANY_SALT(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b). They differ only for verification, and have exactly the same behavior for signature. The hash algorithm `hash` corresponds to the `md_alg` parameter passed to the legacy API. It is used to hash the message, to create the salted hash, and for the mask generation with MGF1. The PSA API does not support using different hash algorithms for these different purposes.
-
-With respect to the salt length:
-
-* When signing, the salt is random, and the salt length is the largest possible salt length up to the hash length. This is the same as passing `MBEDTLS_RSA_SALT_LEN_ANY` as the salt length to `xxx_ext` legacy functions or using a legacy function that does not have a `saltlen` argument.
-* When verifying, `PSA_ALG_RSA_PSS` requires the the salt length to the largest possible salt length up to the hash length (i.e. the same that would be used for signing).
-* When verifying, `PSA_ALG_RSA_PSS_ANY_SALT` accepts any salt length. This is the same as passing `MBEDTLS_RSA_SALT_LEN_ANY` as the salt length to `xxx_ext` legacy functions or using a legacy function that does not have a `saltlen` argument.
-
-### Asymmetric encryption and decryption
-
-The equivalent of `mbedtls_pk_encrypt`, `mbedtls_rsa_pkcs1_encrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_encrypt` or `mbedtls_rsa_rsaes_oaep_encrypt` to encrypt a short message (typically a symmetric key) is [`psa_asymmetric_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gaa17f61e4ddafd1823d2c834b3706c290).
-The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-Use the macro [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a66ba3bd93e5ec52870ccc3848778bad8) or [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size.
-
-The equivalent of `mbedtls_pk_decrypt`, `mbedtls_rsa_pkcs1_decrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_decrypt` or `mbedtls_rsa_rsaes_oaep_decrypt` to decrypt a short message (typically a symmetric key) is [`psa_asymmetric_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga4f968756f6b22aab362b598b202d83d7).
-The key must be a key pair allowing the usage `PSA_KEY_USAGE_DECRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-Use the macro [`PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a61a246f3eac41989821d982e56fea6c1) or [`PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size.
-
-The following subsections describe the PSA asymmetric encryption mechanisms that correspond to legacy Mbed TLS mechanisms.
-
-#### RSA PKCS#1v1.5 encryption
-
-This is the mechanism used by the PK functions and by `mbedtls_rsa_pkcs1_{encrypt,decrypt}` unless `mbedtls_rsa_set_padding` has been called on the underlying RSA key context.
-This is also the mechanism used by `mbedtls_rsa_rsaes_pkcs1_v15_{encrypt,decrypt}`.
-
-The PSA algorithm is [`PSA_ALG_RSA_PKCS1V15_CRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4c540d3abe43fb9abcb94f2bc51acef9).
-
-Beware that PKCS#1v1.5 decryption is subject to padding oracle attacks. Revealing when `psa_asymmetric_decrypt` returns `PSA_ERROR_INVALID_PADDING` may allow an adversary to decrypt arbitrary ciphertexts.
-
-#### RSA RSAES-OAEP
-
-This is the mechanism used by `mbedtls_rsa_rsaes_oaep_{encrypt,decrypt}`.
-
-The PSA algorithm is [`PSA_ALG_RSA_OAEP(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa1235dc3fdd9839c6c1b1a9857344c76) where `hash` is a hash algorithm value (`PSA_ALG_xxx`, see “[Hash mechanism selection](#hash-mechanism-selection)”).
-
-As with the PK API, the mask generation is MGF1, the label is empty, and the same hash algorithm is used for MGF1 and to hash the label. The PSA API does not offer a way to choose a different label or a different hash algorithm for the label.
-
-### Private-public key consistency
-
-There is no direct equivalent of the functions `mbedtls_rsa_check_privkey`, `mbedtls_rsa_check_pubkey`,`mbedtls_ecp_check_privkey`, `mbedtls_ecp_check_pubkey`. The PSA API performs some basic checks when it imports a key, and may perform additional checks before performing an operation if needed, so it will never perform an operation on a key that does not satisfy these checks, but the details of when the check is performed may change between versions of the library.
-
-The legacy API provides functions `mbedtls_pk_check_pair`, `mbedtls_rsa_check_pub_priv` and `mbedtls_ecp_check_pub_priv`, which can be used to check the consistency between a private key and a public key. To perform such a check with the PSA API, you can export the public keys; this works because the PSA representation of public keys is canonical.
-
-* Prepare a key object containing the private key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b).
-* Prepare a key object containing the public key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b).
-* Export both public keys with [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) (this is possible regardless of the usage policies on the keys) and compare the output.
- ```
- // Error checking omitted
- unsigned char pub1[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
- unsigned char pub2[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
- size_t length1, length2;
- psa_export_public_key(key1, pub1, sizeof(pub1), &length1);
- psa_export_public_key(key2, pub2, sizeof(pub2), &length2);
- if (length1 == length2 && !memcmp(pub1, pub2, length1))
- puts("The keys match");
- else
- puts("The keys do not match");
- ```
-
-### PK functionality with no PSA equivalent
-
-There is no PSA equivalent of the debug functionality provided by `mbedtls_pk_debug`. Use `psa_export_key` to export the key if desired.
-
-There is no PSA equivalent to Mbed TLS's custom key type names exposed by `mbedtls_pk_get_name`.
-
-### Key agreement
-
-The PSA API has a generic interface for key agreement, covering the main use of both `ecdh.h` and `dhm.h`.
-
-<!-- TODO: static FFDH/ECDH (including `mbedtls_ecdh_get_params`)
- https://github.com/Mbed-TLS/mbedtls/pull/7766#discussion_r1410568541
- -->
-
-#### Diffie-Hellman key pair management
-
-The PSA API manipulates keys as such, rather than via an operation context. Thus, to use Diffie-Hellman, you need to create a key object, then perform the key exchange, then destroy the key. There is no equivalent to the types `mbedtls_ecdh_context` and `mbedtls_dhm_context`.
-
-Here is an overview of the lifecycle of a key object.
-
-1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters:
- * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value:
- * [`PSA_KEY_TYPE_DH_KEY_PAIR(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) for finite-field Diffie-Hellman (see “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”).
- * [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) for elliptic-curve Diffie-Hellman (see “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)”).
- * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the private key size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material.
- * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to select the appropriate algorithm:
- * [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43) or [`PSA_ALG_FFDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0ebbb6f93a05b6511e6f108ffd2d1eb4) for a raw key agreement.
- * [`PSA_ALG_KEY_AGREEMENT(ka, kdf)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga78bb81cffb87a635c247725eeb2a2682) if the key will be used as part of a key derivation, where:
- * `ka` is either `PSA_ALG_ECDH` or `PSA_ALG_FFDH`.
- * `kdf` is a key derivation algorithm.
- * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_DERIVE). See “[Public-key cryptography policies](#public-key-cryptography-policies)” for more information.
-2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object.
- * Use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) to generate a random key. This is normally the case for a Diffie-Hellman key.
- * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material.
- * If the key is derived deterministically from other material, use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1).
-3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations.
-4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished.
-
-#### Performing a key agreement
-
-Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain the public key that needs to be sent to the other party.
-Use the macros [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to determine a sufficient size for the output buffer.
-
-Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to calculate the shared secret from your private key and the other party's public key.
-Use the macros [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer.
-
-Call [`psa_key_derivation_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga2cd5a8ac906747d3204ec442db78745f) instead of `psa_raw_key_agreement` to use the resulting shared secret as the secret input to a key derivation. See “[HKDF](#hkdf)” for an example of the key derivation interface.
-
-#### Translating a legacy key agreement contextless workflow
-
-A typical workflow for ECDH using the legacy API without a context object is:
-
-1. Initialize objects:
- * `mbedtls_ecp_group grp` for the curve;
- * `mbedtls_mpi our_priv` for our private key;
- * `mbedtls_ecp_point our_pub` for our public key;
- * `mbedtls_ecp_point their_pub` for their public key (this may be the same variable as `our_pub` if the application does not need to hold both at the same time);
- * `mbedtls_mpi z` for the shared secret (this may be the same variable as `our_priv` when doing ephemeral ECDH).
-2. Call `mbedtls_ecp_group_load` on `grp` to select the curve.
-3. Call `mbedtls_ecdh_gen_public` on `grp`, `our_priv` (output) and `our_pub` (output) to generate a key pair and retrieve the corresponding public key.
-4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order.
-5. Call `mbedtls_ecdh_compute_shared` on `grp`, `z` (output), `their_pub` and `our_priv`. Use the raw shared secret `z`, typically, to construct a shared key.
-6. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`.
-
-The corresponding workflow with the PSA API is as follows:
-
-1. Initialize objects:
- * `psa_key_id_t our_key`: a handle to our key pair;
- * `psa_key_attributes_t attributes`: key attributes used in steps 2–3;;
- * `our_pub`: a buffer of size [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) (where `key_type` is the value passed to `psa_set_key_size` in step 2) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to hold our key.
- * `their_pub`: a buffer of the same size, to hold the peer's key. This can be the same as `our_pub` if the application does not need to hold both at the same time;
- * `shared_secret`: a buffer of size [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) (if not using a key derivation operation).
-2. Prepare an attribute structure as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”, in particular selecting the curve with `psa_set_key_type`.
-3. Call [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) on `attributes` and `our_key` (output) to generate a key pair, then [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on `our_key` and `our_pub` (output) to obtain our public key.
-4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order.
-5. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output).
- Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”).
-6. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) on `key_id`, and free the memory buffers.
-
-Steps 4–6 are only performed once for a "true" ephemeral Diffie-Hellman. They may be repeated multiple times for a "fake ephemeral" Diffie-Hellman where the same private key is used for multiple key exchanges, but it not saved.
-
-#### Translating a legacy ephemeral key agreement TLS server workflow
-
-The legacy API offers the following workflow for an ephemeral Diffie-Hellman key agreement in a TLS 1.2 server. The PSA version of this workflow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first.
-
-1. Setup phase:
- 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`.
- 2. Call `mbedtls_ecdh_setup` or `mbedtls_dhm_set_group` to select the curve or group.
- 3. Call `mbedtls_ecdh_make_params` or `mbedtls_dhm_make_params` to generate our key pair and obtain a TLS ServerKeyExchange message encoding the selected curve/group and our public key.
-2. Send the ServerKeyExchange message to the peer.
-3. Retrieve the peer's public key.
-4. Call `mbedtls_ecdh_read_public` or `mbedtls_dhm_read_public` on the peer's public key, then call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret.
-5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`.
-
-The corresponding workflow with the PSA API is as follows:
-
-1. Setup phase:
- 1. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”.
- 2. Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key.
- 3. Format a ServerKeyExchange message containing the curve/group selection and our public key.
-2. Send the ServerKeyExchange message to the peer.
-3. Retrieve the peer's public key.
-4. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output).
- Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”).
-5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair.
-
-#### Translating a legacy ephemeral key agreement TLS client workflow
-
-The legacy API offers the following workflow for an ephemeral Diffie-Hellman key agreement in a TLS 1.2 client. The PSA version of this workflow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key.
-
-1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key:
- 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`.
- 2. Call `mbedtls_ecdh_read_params` or `mbedtls_dhm_read_params` to input the data from the ServerKeyExchange message.
-2. Call `mbedtls_ecdh_make_public` or `mbedtls_dh_make_public` to generate our private key and export our public key.
-3. Send our public key to the peer.
-4. Call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret.
-5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`.
-
-The corresponding workflow with the PSA API is as follows:
-
-1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key:
- 1. Decode the selected curve/group and use this to determine a PSA key type (`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)` or `PSA_KEY_TYPE_DH_KEY_PAIR(group)`), a key size and an algorithm.
-2. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”.
- Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key.
-3. Send our public key to the peer.
-4. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output).
- Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”).
-5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair.
-
-#### ECDH and DHM metadata functions
-
-You can obtain data and metadata from an ECDH key agreement through the PSA API as follows:
-
-* With either side, accessing the group: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the key identifier, then [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain metadata about the key.
-* Accessing our public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier.
-* Accessing our private key: call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-* Accessing the peer's public key: there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately.
-
-The functions `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len` and `mbedtls_dhm_get_value` allow the caller to obtain metadata about the keys used for the key exchange. The PSA equivalents access the key identifier:
-
-* `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len`: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the PSA key identifier, then [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06).
-* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_X` (our private key): call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”).
-* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GX` (our public key): call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier.
-* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GY` (peer's public key): the there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately.
-* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_K` (shared secret): this is the value calculated by `psa_raw_key_agreement` or `psa_key_derivation_key_agreement`. If you need to use it multiple times (for example to derive multiple values independently), call `psa_raw_key_agreement` and make a copy.
-* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_P` or `MBEDTLS_DHM_PARAM_G` (group parameters): [there is no PSA API to retrieve these values](https://github.com/Mbed-TLS/mbedtls/issues/7780).
-
-The PSA API for finite-field Diffie-Hellman only supports predefined groups. Therefore there is no equivalent to `mbedtls_dhm_parse_dhm`, `mbedtls_dhm_parse_dhmfile`, and the `MBEDTLS_DHM_xxx_BIN` macros.
-
-#### Restartable key agreement
-
-Restartable key agreement (enabled by `mbedtls_ecdh_enable_restart`) is not yet available through the PSA API. It will be added under the name “interruptible key agreement” in a future version of the library, with an interface that's similar to the interruptible signature interface described in “[Restartable ECDSA signature](#restartable-ecdsa-signature)”.
-
-### Additional information about Elliptic-curve cryptography
-
-#### Information about a curve
-
-The legacy API identifies a curve by an `MBEDTLS_ECP_DP_xxx` value of type `mbedtls_ecp_group_id`. The PSA API identifies a curve by a `PSA_ECC_FAMILY_xxx` value and the private value's bit-size. See “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” for the correspondence between the two sets of values.
-
-There is no PSA equivalent of the `mbedtls_ecp_group` data structure (and so no equivalent to `mbedtls_ecp_group_init`, `mbedtls_ecp_group_load`, `mbedtls_ecp_group_copy` and `mbedtls_ecp_group_free`) or of the `mbedtls_ecp_curve_info` data structure (and so no equivalent to `mbedtls_ecp_curve_info_from_grp_id`) because they are not needed. All API elements identify the curve directly by its family and size.
-
-The bit-size used by the PSA API is the size of the private key. For most curves, the PSA bit-size, the `bit_size` field in `mbedtls_ecp_curve_info`, the `nbits` field in `mbedtls_ecp_group` and the `pbits` field in `mbedtls_ecp_group` are the same. The following table lists curves for which they are different.
-
-| Curve | `grp->nbits` | `grp->pbits` | `curve_info->bit_size` | PSA bit-size |
-| ----- | ------------ | ------------ | ---------------------- | ------------ |
-| secp224k1 | 225 | 224 | 224 | not supported |
-| Curve25519 | 253 | 255 | 256 | 255 |
-| Curve448 | 446 | 448 | 448 | 448 |
-
-There is no exact PSA equivalent of the type `mbedtls_ecp_curve_type` and the function `mbedtls_ecp_get_type`, but the curve family encodes the same information. `PSA_ECC_FAMILY_MONTGOMERY` is the only Montgomery family. All other families supported in Mbed TLS 3.4.0 are short Weierstrass families.
-
-There is no PSA equivalent for the following functionality:
-
-* The `name` field of `mbedtls_ecp_curve_info`, and the function `mbedtls_ecp_curve_info_from_name`. There is no equivalent of Mbed TLS's lookup based on the name used for the curve in TLS specifications.
-* The `tls_id` field of `mbedtls_ecp_curve_info`, the constant `MBEDTLS_ECP_TLS_NAMED_CURVE`, and the functions `mbedtls_ecp_curve_info_from_tls_id`, `mbedtls_ecp_tls_read_group`, `mbedtls_ecp_tls_read_group_id` and `mbedtls_ecp_tls_write_group`. The PSA crypto API does not have this dedicated support for the TLS protocol.
-* Retrieving the parameters of a curve from the fields of an `mbedtls_ecp_group` structure.
-
-#### Information about supported curves
-
-The PSA API does not currently have a discovery mechanism for cryptographic mechanisms (although one may be added in the future). Thus there is no equivalent for `MBEDTLS_ECP_DP_MAX` and the functions `mbedtls_ecp_curve_list` and `mbedtls_ecp_grp_id_list`.
-
-The API provides macros that give the maximum supported sizes for various kinds of objects. The following table lists equivalents for `MBEDTLS_ECP_MAX_xxx` macros.
-
-| Legacy macro | PSA equivalent |
-| ------------ | -------------- |
-| `MBEDTLS_ECP_MAX_BITS` | [`PSA_VENDOR_ECC_MAX_CURVE_BITS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_VENDOR_ECC_MAX_CURVE_BITS) |
-| `MBEDTLS_ECP_MAX_BYTES` | `PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)` |
-| `MBEDTLS_ECP_MAX_PT_LEN` | [`PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE) |
-
-#### Restartable ECC
-
-The PSA API supports the equivalent of restartable operations, but only for signatures at the time of writing. See “[Restartable ECDSA signature](#restartable-ecdsa-signature)”.
-
-There is no PSA API for elliptic curve arithmetic as such, and therefore no equivalent of `mbedtls_ecp_restart_ctx` and functions that operate on it.
-
-There is PSA no equivalent of the `MBEDTLS_ECP_OPS_xxx` constants.
-
-#### ECC functionality with no PSA equivalent
-
-There is no PSA equivalent of `mbedtls_ecdsa_can_do` and `mbedtls_ecdh_can_do` to query the capabilities of a curve at runtime. Check the documentation of each curve family to see what algorithms it supports.
-
-There is no PSA equivalent to the types `mbedtls_ecdsa_context` and `mbedtls_ecdsa_restart_ctx`, and to basic ECDSA context manipulation functions including `mbedtls_ecdsa_from_keypair`, because they are not needed: the PSA API does not have ECDSA-specific context types.
-
-#### No curve arithmetic
-
-The PSA API is a cryptography API, not an arithmetic API. As a consequence, there is no PSA equivalent for the ECC arithmetic functionality exposed by `ecp.h`:
-
-* Manipulation of point objects and input-output: the type `mbedtls_ecp_point` and functions operating on it (`mbedtls_ecp_point_xxx`, `mbedtls_ecp_copy`, `mbedtls_ecp_{set,is}_zero`, `mbedtls_ecp_tls_{read,write}_point`). Note that the PSA export format for public keys corresponds to the uncompressed point format (`MBEDTLS_ECP_PF_UNCOMPRESSED`), so [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b), [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) are equivalent to `mbedtls_ecp_point_read_binary` and `mbedtls_ecp_point_write_binary` for uncompressed points. The PSA API does not currently support compressed points, but it is likely that such support will be added in the future.
-* Manipulation of key pairs as such, with a bridge to bignum arithmetic (`mbedtls_ecp_keypair` type, `mbedtls_ecp_export`). However, the PSA export format for ECC private keys used by [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b), [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) is the same as the format used by `mbedtls_ecp_read_key` and `mbedtls_ecp_write_key_ext`.
-* Elliptic curve arithmetic (`mbedtls_ecp_mul`, `mbedtls_ecp_muladd` and their restartable variants).
-
-### Additional information about RSA
-
-#### RSA-ALT interface
-
-Implementers of the RSA-ALT interface (`MBEDTLS_PK_RSA_ALT` pk type, `mbedtls_pk_setup_rsa_alt` setup function) should migrate to the [PSA cryptoprocessor driver interface](https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/docs/psa-driver-example-and-guide.md).
-
-* If the purpose of the ALT interface is acceleration only: use the accelerator driver interface. This is fully transparent to application code.
-* If the purpose of the ALT interface is to isolate the private key in a high-security environment: use the opaque driver interface. This is mostly transparent to user code. Code that uses a key via its key identifier does not need to know whether the key is transparent (equivalent of `MBEDTLS_PK_RSA`) or opaque (equivalent of `MBEDTLS_PK_RSA_ALT`). When creating a key, it will be transparent by default; to create an opaque key, call [`psa_set_key_lifetime`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac03ccf09ca6d36cc3d5b43f8303db6f7) to set the key's location to the chosen location value for the driver, e.g.
- ```
- psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
- PSA_KEY_PERSISTENCE_VOLATILE, MY_RSA_DRIVER_LOCATION));
- ```
-
-The PSA subsystem uses its internal random generator both for randomized algorithms and to generate blinding values. As a consequence, none of the API functions take an RNG parameter.
-
-#### RSA functionality with no PSA equivalent
-
-The PSA API does not provide direct access to the exponentiation primitive as with `mbedtls_rsa_public` and `mbedtls_rsa_private`. If you need an RSA-based mechanism that is not supported by the PSA API, please [submit an issue on GitHub](https://github.com/ARM-software/psa-api/issues) so that we can extend the API to support it.
-
-The PSA API does not support constructing RSA keys progressively from numbers with `mbedtls_rsa_import` or `mbedtls_rsa_import_raw` followed by `mbedtls_rsa_complete`. See “[Importing a PK key by wrapping](#importing-a-pk-key-by-wrapping)”.
-
-There is no direct equivalent of `mbedtls_rsa_export`, `mbedtls_rsa_export_raw` and `mbedtls_rsa_export_crt` to export some of the numbers in a key. You can export the whole key with `psa_export_key`, or with `psa_export_public_key` to export the public key from a key pair object. See also “[Exporting a public key or a key pair](#exporting-a-public-key-or-a-key-pair)”.
-
-A PSA key object is immutable, so there is no need for an equivalent of `mbedtls_rsa_copy`. (There is a function `psa_copy_key`, but it is only useful to make a copy of a key with a different policy of ownership; both concepts are out of scope of this document since they have no equivalent in the legacy API.)
-
-### LMS signatures
-
-A future version of Mbed TLS will support LMS keys and signatures through the PSA API (`psa_generate_key`, `psa_export_public_key`, `psa_import_key`, `psa_sign_hash`, `psa_verify_hash`, etc.). However, this is likely to happen after Mbed TLS 4.0, therefore the next major version of Mbed TLS will likely keep the existing `lms.h` interface.
-
-### PK format support interfaces
-
-The interfaces in `base64.h`, `asn1.h`, `asn1write.h`, `oid.h` and `pem.h` are intended to support X.509 and key file formats. They have no PSA equivalent since they are not directly about cryptography.
-
-In Mbed TLS 4.0, we are planning to keep the ASN.1 interfaces mostly unchanged. The evolution of Base64, OID and PEM as separate interfaces is still undecided at the time of writing.
-
-## EC-JPAKE
-
-The PSA API exposes EC-JPAKE via the algorithm [`PSA_ALG_JPAKE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#c.PSA_ALG_JPAKE) and the PAKE API functions. At the time of writing, the PAKE API is still experimental, but it should offer the same functionality as the legacy `ecjpake.h`. Please consult the documentation of your version of Mbed TLS for more information.
-
-Please note a few differences between the two APIs: the legacy API is geared towards the use of EC-JPAKE in TLS 1.2, whereas the PSA API is protocol-agnostic.
-
-* The PSA API is finer-grained and offers more flexibility in message ordering. Where the legacy API makes a single function call, the PSA API may require multiple calls.
-* The legacy API uses the TLS 1.2 wire format in the input or output format of several functions. In particular, one of the messages embeds the curve identifier in the TLS protocol. The PSA API uses protocol-agnostic formats.
-* The legacy API always applies the key derivation specified by TLS 1.2 to the shared secret. With the PSA API, use a key derivation with `PSA_ALG_TLS12_ECJPAKE_TO_PMS` for the same calculation.
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index fb4439a..c1d0f36 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -10,10 +10,43 @@
*/
/**
- * @mainpage Mbed TLS v4.0.0 API Documentation
+ * @mainpage Mbed TLS v4.0.0-beta API Documentation
*
- * This documentation describes the internal structure of Mbed TLS. It was
- * automatically generated from specially formatted comment blocks in
- * Mbed TLS's source code using Doxygen. (See
- * https://www.doxygen.nl for more information on Doxygen)
+ * This documentation describes the application programming interface (API)
+ * of Mbed TLS.
+ * It was automatically generated from specially formatted comment blocks in
+ * Mbed TLS's source code using [Doxygen](https://www.doxygen.nl).
+ *
+ * ## Main entry points
+ *
+ * You can explore the full API from the “Files” or “Files list” section.
+ * Locate the header file for the module that you are interested in and
+ * explore its contents.
+ *
+ * Some parts of the API are best explored from the “Topics” or
+ * “Group list” section.
+ * This is notably the case for the PSA Cryptography API.
+ * Note that many parts of the API are not classified under a topic and
+ * can only be seen through the file structure.
+ *
+ * For information on configuring the library at compile time, see the
+ * configuration header files mbedtls/mbedtls_config.h and
+ * psa/crypto_config.h.
+ *
+ * ## Private interfaces
+ *
+ * For technical reasons, the rendered documentation includes elements
+ * that are not considered part of the stable API. Private elements may
+ * be removed or may have their semantics changed in a future minor release
+ * without notice.
+ *
+ * The following elements are considered private:
+ *
+ * - Any header file whose path contains `/private`, and its contents
+ * (unless re-exported and documented in another non-private header).
+ * - Any structure or union field whose name starts with `private_`.
+ * - Any preprocessor macro that is just listed with its automatically
+ * rendered parameter list, value and location. Macros are part of
+ * the API only if their documentation has custom text.
+ *
*/
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 6b09ae3..04a4f17 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -1,4 +1,4 @@
-PROJECT_NAME = "Mbed TLS v4.0.0"
+PROJECT_NAME = "Mbed TLS v4.0.0-beta"
OUTPUT_DIRECTORY = ../apidoc/
FULL_PATH_NAMES = NO
OPTIMIZE_OUTPUT_FOR_C = YES
@@ -6,8 +6,7 @@
EXTRACT_PRIVATE = YES
EXTRACT_STATIC = YES
CASE_SENSE_NAMES = NO
-INPUT = ../include ../tf-psa-crypto/include input ../tf-psa-crypto/drivers/builtin/include ../tests/include/alt-dummy
-EXCLUDE = ../tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h
+INPUT = ../include input ../tf-psa-crypto/include ../tests/include/alt-dummy
FILE_PATTERNS = *.h
RECURSIVE = YES
EXCLUDE_SYMLINKS = YES
diff --git a/framework b/framework
index 1e7b5d5..893ad9e 160000
--- a/framework
+++ b/framework
@@ -1 +1 @@
-Subproject commit 1e7b5d54d3823b65fd4755bcf60f9ca39cfcbca3
+Subproject commit 893ad9e8450a8e7459679d952abd5d6df26c41c4
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 4328f71..22ddaa8 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -287,14 +287,12 @@
#endif
#if defined(MBEDTLS_X509_USE_C) && \
- (!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
- !defined(MBEDTLS_PK_PARSE_C))
+ (!defined(MBEDTLS_ASN1_PARSE_C) || !defined(MBEDTLS_PK_PARSE_C))
#error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_X509_CREATE_C) && \
- (!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \
- !defined(MBEDTLS_PK_PARSE_C))
+ (!defined(MBEDTLS_ASN1_WRITE_C) || !defined(MBEDTLS_PK_PARSE_C))
#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
#endif
@@ -389,7 +387,7 @@
#endif
#if defined(MBEDTLS_PKCS7_C) && ( ( !defined(MBEDTLS_ASN1_PARSE_C) ) || \
- ( !defined(MBEDTLS_OID_C) ) || ( !defined(MBEDTLS_PK_PARSE_C) ) || \
+ ( !defined(MBEDTLS_PK_PARSE_C) ) || \
( !defined(MBEDTLS_X509_CRT_PARSE_C) ) || \
( !defined(MBEDTLS_X509_CRL_PARSE_C) ) || \
( !defined(MBEDTLS_MD_C) ) )
diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h
deleted file mode 100644
index 096341b..0000000
--- a/include/mbedtls/compat-2.x.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * \file compat-2.x.h
- *
- * \brief Compatibility definitions
- *
- * \deprecated Use the new names directly instead
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#warning "Including compat-2.x.h is deprecated"
-#endif
-
-#ifndef MBEDTLS_COMPAT2X_H
-#define MBEDTLS_COMPAT2X_H
-
-/*
- * Macros for renamed functions
- */
-#define mbedtls_ctr_drbg_update_ret mbedtls_ctr_drbg_update
-#define mbedtls_hmac_drbg_update_ret mbedtls_hmac_drbg_update
-#define mbedtls_md5_starts_ret mbedtls_md5_starts
-#define mbedtls_md5_update_ret mbedtls_md5_update
-#define mbedtls_md5_finish_ret mbedtls_md5_finish
-#define mbedtls_md5_ret mbedtls_md5
-#define mbedtls_ripemd160_starts_ret mbedtls_ripemd160_starts
-#define mbedtls_ripemd160_update_ret mbedtls_ripemd160_update
-#define mbedtls_ripemd160_finish_ret mbedtls_ripemd160_finish
-#define mbedtls_ripemd160_ret mbedtls_ripemd160
-#define mbedtls_sha1_starts_ret mbedtls_sha1_starts
-#define mbedtls_sha1_update_ret mbedtls_sha1_update
-#define mbedtls_sha1_finish_ret mbedtls_sha1_finish
-#define mbedtls_sha1_ret mbedtls_sha1
-#define mbedtls_sha256_starts_ret mbedtls_sha256_starts
-#define mbedtls_sha256_update_ret mbedtls_sha256_update
-#define mbedtls_sha256_finish_ret mbedtls_sha256_finish
-#define mbedtls_sha256_ret mbedtls_sha256
-#define mbedtls_sha512_starts_ret mbedtls_sha512_starts
-#define mbedtls_sha512_update_ret mbedtls_sha512_update
-#define mbedtls_sha512_finish_ret mbedtls_sha512_finish
-#define mbedtls_sha512_ret mbedtls_sha512
-
-#endif /* MBEDTLS_COMPAT2X_H */
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index e6f5dad..b6d4e27 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -37,11 +37,6 @@
mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
#endif
-#if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) \
- mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
-#endif
-
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if !defined(MBEDTLS_X509_REMOVE_INFO)
#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) \
@@ -51,11 +46,6 @@
#endif /* MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_ECDH_C)
-#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) \
- mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
-#endif
-
#else /* MBEDTLS_DEBUG_C */
#define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0)
@@ -64,7 +54,6 @@
#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) do { } while (0)
#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0)
#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
-#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0)
#endif /* MBEDTLS_DEBUG_C */
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index d5a4883..ddab7d0 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1100,7 +1100,7 @@
*
* Module: library/pkcs7.c
*
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_PK_PARSE_C,
* MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C,
* MBEDTLS_BIGNUM_C, MBEDTLS_MD_C
*
@@ -1115,7 +1115,7 @@
*
* Module: library/x509_create.c
*
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_PK_PARSE_C,
*
* \warning You must call psa_crypto_init() before doing any X.509 operation.
*
@@ -1247,7 +1247,7 @@
* library/x509_crt.c
* library/x509_csr.c
*
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_PK_PARSE_C
*
* \warning You must call psa_crypto_init() before doing any X.509 operation.
*
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
new file mode 100644
index 0000000..375ea60
--- /dev/null
+++ b/include/mbedtls/oid.h
@@ -0,0 +1,303 @@
+/**
+ * \file oid.h
+ *
+ * \brief Object Identifier (OID) values
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_OID_H
+#define MBEDTLS_OID_H
+
+#include "mbedtls/build_info.h"
+
+/*
+ * Top level OID tuples
+ */
+#define MBEDTLS_OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */
+#define MBEDTLS_OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */
+#define MBEDTLS_OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */
+#define MBEDTLS_OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */
+
+/*
+ * ISO Member bodies OID parts
+ */
+#define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */
+#define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
+#define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
+ MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
+#define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
+#define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
+ MBEDTLS_OID_ORG_ANSI_X9_62
+
+/*
+ * ISO Identified organization OID parts
+ */
+#define MBEDTLS_OID_ORG_DOD "\x06" /* {dod(6)} */
+#define MBEDTLS_OID_ORG_OIW "\x0e"
+#define MBEDTLS_OID_OIW_SECSIG MBEDTLS_OID_ORG_OIW "\x03"
+#define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02"
+#define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
+#define MBEDTLS_OID_ORG_THAWTE "\x65" /* thawte(101) */
+#define MBEDTLS_OID_THAWTE MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_ORG_THAWTE
+#define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
+#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_ORG_CERTICOM
+#define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */
+#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_ORG_TELETRUST
+
+/*
+ * ISO ITU OID parts
+ */
+#define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */
+#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \
+ MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
+
+#define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */
+#define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
+
+#define MBEDTLS_OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */
+#define MBEDTLS_OID_NETSCAPE MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */
+
+/* ISO arc for standard certificate and CRL extensions */
+#define MBEDTLS_OID_ID_CE MBEDTLS_OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */
+
+#define MBEDTLS_OID_NIST_ALG MBEDTLS_OID_GOV "\x03\x04" /** { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) */
+
+/**
+ * Private Internet Extensions
+ * { iso(1) identified-organization(3) dod(6) internet(1)
+ * security(5) mechanisms(5) pkix(7) }
+ */
+#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \
+ "\x01"
+#define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07"
+
+/*
+ * Arc for standard naming attributes
+ */
+#define MBEDTLS_OID_AT MBEDTLS_OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
+#define MBEDTLS_OID_AT_CN MBEDTLS_OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
+#define MBEDTLS_OID_AT_SUR_NAME MBEDTLS_OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
+#define MBEDTLS_OID_AT_SERIAL_NUMBER MBEDTLS_OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
+#define MBEDTLS_OID_AT_COUNTRY MBEDTLS_OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
+#define MBEDTLS_OID_AT_LOCALITY MBEDTLS_OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
+#define MBEDTLS_OID_AT_STATE MBEDTLS_OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
+#define MBEDTLS_OID_AT_ORGANIZATION MBEDTLS_OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
+#define MBEDTLS_OID_AT_ORG_UNIT MBEDTLS_OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
+#define MBEDTLS_OID_AT_TITLE MBEDTLS_OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
+#define MBEDTLS_OID_AT_POSTAL_ADDRESS MBEDTLS_OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
+#define MBEDTLS_OID_AT_POSTAL_CODE MBEDTLS_OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
+#define MBEDTLS_OID_AT_GIVEN_NAME MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
+#define MBEDTLS_OID_AT_INITIALS MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
+#define MBEDTLS_OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
+#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributeType:= {id-at 45} */
+#define MBEDTLS_OID_AT_DN_QUALIFIER MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
+#define MBEDTLS_OID_AT_PSEUDONYM MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
+
+#define MBEDTLS_OID_UID "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x01" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) uid(1)} */
+#define MBEDTLS_OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
+
+/*
+ * OIDs for standard certificate extensions
+ */
+#define MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */
+#define MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */
+#define MBEDTLS_OID_KEY_USAGE MBEDTLS_OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */
+#define MBEDTLS_OID_CERTIFICATE_POLICIES MBEDTLS_OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */
+#define MBEDTLS_OID_POLICY_MAPPINGS MBEDTLS_OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */
+#define MBEDTLS_OID_SUBJECT_ALT_NAME MBEDTLS_OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */
+#define MBEDTLS_OID_ISSUER_ALT_NAME MBEDTLS_OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */
+#define MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */
+#define MBEDTLS_OID_BASIC_CONSTRAINTS MBEDTLS_OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */
+#define MBEDTLS_OID_NAME_CONSTRAINTS MBEDTLS_OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */
+#define MBEDTLS_OID_POLICY_CONSTRAINTS MBEDTLS_OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */
+#define MBEDTLS_OID_EXTENDED_KEY_USAGE MBEDTLS_OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */
+#define MBEDTLS_OID_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */
+#define MBEDTLS_OID_INIHIBIT_ANYPOLICY MBEDTLS_OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */
+#define MBEDTLS_OID_FRESHEST_CRL MBEDTLS_OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */
+
+/*
+ * Certificate policies
+ */
+#define MBEDTLS_OID_ANY_POLICY MBEDTLS_OID_CERTIFICATE_POLICIES "\x00" /**< anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificatePolicies 0 } */
+
+/*
+ * Netscape certificate extensions
+ */
+#define MBEDTLS_OID_NS_CERT MBEDTLS_OID_NETSCAPE "\x01"
+#define MBEDTLS_OID_NS_CERT_TYPE MBEDTLS_OID_NS_CERT "\x01"
+#define MBEDTLS_OID_NS_BASE_URL MBEDTLS_OID_NS_CERT "\x02"
+#define MBEDTLS_OID_NS_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x03"
+#define MBEDTLS_OID_NS_CA_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x04"
+#define MBEDTLS_OID_NS_RENEWAL_URL MBEDTLS_OID_NS_CERT "\x07"
+#define MBEDTLS_OID_NS_CA_POLICY_URL MBEDTLS_OID_NS_CERT "\x08"
+#define MBEDTLS_OID_NS_SSL_SERVER_NAME MBEDTLS_OID_NS_CERT "\x0C"
+#define MBEDTLS_OID_NS_COMMENT MBEDTLS_OID_NS_CERT "\x0D"
+#define MBEDTLS_OID_NS_DATA_TYPE MBEDTLS_OID_NETSCAPE "\x02"
+#define MBEDTLS_OID_NS_CERT_SEQUENCE MBEDTLS_OID_NS_DATA_TYPE "\x05"
+
+/*
+ * OIDs for CRL extensions
+ */
+#define MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD MBEDTLS_OID_ID_CE "\x10"
+#define MBEDTLS_OID_CRL_NUMBER MBEDTLS_OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */
+
+/*
+ * X.509 v3 Extended key usage OIDs
+ */
+#define MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE MBEDTLS_OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */
+
+#define MBEDTLS_OID_KP MBEDTLS_OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */
+#define MBEDTLS_OID_SERVER_AUTH MBEDTLS_OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */
+#define MBEDTLS_OID_CLIENT_AUTH MBEDTLS_OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */
+#define MBEDTLS_OID_CODE_SIGNING MBEDTLS_OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */
+#define MBEDTLS_OID_EMAIL_PROTECTION MBEDTLS_OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */
+#define MBEDTLS_OID_TIME_STAMPING MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
+#define MBEDTLS_OID_OCSP_SIGNING MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
+
+/**
+ * Wi-SUN Alliance Field Area Network
+ * { iso(1) identified-organization(3) dod(6) internet(1)
+ * private(4) enterprise(1) WiSUN(45605) FieldAreaNetwork(1) }
+ */
+#define MBEDTLS_OID_WISUN_FAN MBEDTLS_OID_INTERNET "\x04\x01\x82\xe4\x25\x01"
+
+#define MBEDTLS_OID_ON MBEDTLS_OID_PKIX "\x08" /**< id-on OBJECT IDENTIFIER ::= { id-pkix 8 } */
+#define MBEDTLS_OID_ON_HW_MODULE_NAME MBEDTLS_OID_ON "\x04" /**< id-on-hardwareModuleName OBJECT IDENTIFIER ::= { id-on 4 } */
+
+/*
+ * PKCS definition OIDs
+ */
+
+#define MBEDTLS_OID_PKCS MBEDTLS_OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */
+#define MBEDTLS_OID_PKCS1 MBEDTLS_OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */
+#define MBEDTLS_OID_PKCS5 MBEDTLS_OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */
+#define MBEDTLS_OID_PKCS7 MBEDTLS_OID_PKCS "\x07" /**< pkcs-7 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 7 } */
+#define MBEDTLS_OID_PKCS9 MBEDTLS_OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */
+#define MBEDTLS_OID_PKCS12 MBEDTLS_OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */
+
+/*
+ * PKCS#1 OIDs
+ */
+#define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */
+#define MBEDTLS_OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */
+#define MBEDTLS_OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */
+#define MBEDTLS_OID_PKCS1_SHA256 MBEDTLS_OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */
+#define MBEDTLS_OID_PKCS1_SHA384 MBEDTLS_OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */
+#define MBEDTLS_OID_PKCS1_SHA512 MBEDTLS_OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */
+
+#define MBEDTLS_OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
+
+#define MBEDTLS_OID_PKCS9_EMAIL MBEDTLS_OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
+
+/* RFC 4055 */
+#define MBEDTLS_OID_RSASSA_PSS MBEDTLS_OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
+#define MBEDTLS_OID_MGF1 MBEDTLS_OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */
+
+/*
+ * Digest algorithms
+ */
+#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA384 MBEDTLS_OID_NIST_ALG "\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA512 MBEDTLS_OID_NIST_ALG "\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
+
+#define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */
+
+/*
+ * PKCS#7 OIDs
+ */
+#define MBEDTLS_OID_PKCS7_DATA MBEDTLS_OID_PKCS7 "\x01" /**< Content type is Data OBJECT IDENTIFIER ::= {pkcs-7 1} */
+#define MBEDTLS_OID_PKCS7_SIGNED_DATA MBEDTLS_OID_PKCS7 "\x02" /**< Content type is Signed Data OBJECT IDENTIFIER ::= {pkcs-7 2} */
+#define MBEDTLS_OID_PKCS7_ENVELOPED_DATA MBEDTLS_OID_PKCS7 "\x03" /**< Content type is Enveloped Data OBJECT IDENTIFIER ::= {pkcs-7 3} */
+#define MBEDTLS_OID_PKCS7_SIGNED_AND_ENVELOPED_DATA MBEDTLS_OID_PKCS7 "\x04" /**< Content type is Signed and Enveloped Data OBJECT IDENTIFIER ::= {pkcs-7 4} */
+#define MBEDTLS_OID_PKCS7_DIGESTED_DATA MBEDTLS_OID_PKCS7 "\x05" /**< Content type is Digested Data OBJECT IDENTIFIER ::= {pkcs-7 5} */
+#define MBEDTLS_OID_PKCS7_ENCRYPTED_DATA MBEDTLS_OID_PKCS7 "\x06" /**< Content type is Encrypted Data OBJECT IDENTIFIER ::= {pkcs-7 6} */
+
+#define MBEDTLS_OID_PKCS9_CSR_EXT_REQ MBEDTLS_OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */
+
+
+/*
+ * ECDSA signature identifiers, from RFC 5480
+ */
+#define MBEDTLS_OID_ANSI_X9_62_SIG MBEDTLS_OID_ANSI_X9_62 "\x04" /* signatures(4) */
+#define MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 MBEDTLS_OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */
+
+/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */
+#define MBEDTLS_OID_ECDSA_SHA1 MBEDTLS_OID_ANSI_X9_62_SIG "\x01"
+
+/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ * ecdsa-with-SHA2(3) 1 } */
+#define MBEDTLS_OID_ECDSA_SHA224 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x01"
+
+/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ * ecdsa-with-SHA2(3) 2 } */
+#define MBEDTLS_OID_ECDSA_SHA256 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x02"
+
+/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ * ecdsa-with-SHA2(3) 3 } */
+#define MBEDTLS_OID_ECDSA_SHA384 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x03"
+
+/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ * ecdsa-with-SHA2(3) 4 } */
+#define MBEDTLS_OID_ECDSA_SHA512 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x04"
+
+#if defined(MBEDTLS_X509_USE_C)
+/**
+ * \brief Translate an ASN.1 OID into its numeric representation
+ * (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549")
+ *
+ * \param buf buffer to put representation in
+ * \param size size of the buffer
+ * \param oid OID to translate
+ *
+ * \return Length of the string written (excluding final NULL) or
+ * PSA_ERROR_BUFFER_TOO_SMALL in case of error
+ */
+int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
+#endif /* MBEDTLS_X509_USE_C */
+
+#if defined(MBEDTLS_X509_CREATE_C)
+/**
+ * \brief Translate a string containing a dotted-decimal
+ * representation of an ASN.1 OID into its encoded form
+ * (e.g. "1.2.840.113549" into "\x2A\x86\x48\x86\xF7\x0D").
+ * On success, this function allocates oid->buf from the
+ * heap. It must be freed by the caller using mbedtls_free().
+ *
+ * \param oid #mbedtls_asn1_buf to populate with the DER-encoded OID
+ * \param oid_str string representation of the OID to parse
+ * \param size length of the OID string, not including any null terminator
+ *
+ * \return 0 if successful
+ * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if \p oid_str does not
+ * represent a valid OID
+ * \return #MBEDTLS_ERR_ASN1_ALLOC_FAILED if the function fails to
+ * allocate oid->buf
+ */
+int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid, const char *oid_str, size_t size);
+#endif /* MBEDTLS_X509_CREATE_C */
+
+#endif /* oid.h */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index c77cec8..7ea0174 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -987,20 +987,10 @@
* to store an operation context for later retrieval
* by the resume or cancel callback.
*
- * \note For RSA signatures, this function must produce output
- * that is consistent with PKCS#1 v1.5 in the same way as
- * mbedtls_rsa_pkcs1_sign(). Before the private key operation,
- * apply the padding steps described in RFC 8017, section 9.2
- * "EMSA-PKCS1-v1_5" as follows.
- * - If \p md_alg is #MBEDTLS_MD_NONE, apply the PKCS#1 v1.5
- * encoding, treating \p hash as the DigestInfo to be
- * padded. In other words, apply EMSA-PKCS1-v1_5 starting
- * from step 3, with `T = hash` and `tLen = hash_len`.
- * - If `md_alg != MBEDTLS_MD_NONE`, apply the PKCS#1 v1.5
- * encoding, treating \p hash as the hash to be encoded and
- * padded. In other words, apply EMSA-PKCS1-v1_5 starting
- * from step 2, with `digestAlgorithm` obtained by calling
- * mbedtls_oid_get_oid_by_md() on \p md_alg.
+ * \note For an RSA key, this function must produce a PKCS#1v1.5
+ * signature in the standard format (like
+ * #PSA_ALG_RSA_PKCS1V15_SIGN). \c md_alg is guaranteed to be
+ * a hash that is supported by the library.
*
* \note For ECDSA signatures, the output format is the DER encoding
* `Ecdsa-Sig-Value` defined in
@@ -1569,7 +1559,7 @@
#endif /* MBEDTLS_SSL_EARLY_DATA */
#if defined(MBEDTLS_SSL_ALPN)
- const char **MBEDTLS_PRIVATE(alpn_list); /*!< ordered list of protocols */
+ const char *const *MBEDTLS_PRIVATE(alpn_list); /*!< ordered list of protocols */
#endif
#if defined(MBEDTLS_SSL_DTLS_SRTP)
@@ -4011,7 +4001,8 @@
*
* \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
*/
-int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos);
+int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf,
+ const char *const *protos);
/**
* \brief Get the name of the negotiated Application Layer Protocol.
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 18df19c..b1a80e3 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -167,26 +167,23 @@
*
* Comments refer to the status for using certificates. Status can be
* different for writing certificates or reading CRLs or CSRs.
- *
- * Those are defined in oid.h as oid.c needs them in a data structure. Since
- * these were previously defined here, let's have aliases for compatibility.
*/
-#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_KEY_USAGE MBEDTLS_OID_X509_EXT_KEY_USAGE
-#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
-#define MBEDTLS_X509_EXT_POLICY_MAPPINGS MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS
-#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME /* Supported (DNS) */
-#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME
-#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS
-#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS /* Supported */
-#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS
-#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS
-#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
-#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS
-#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY
-#define MBEDTLS_X509_EXT_FRESHEST_CRL MBEDTLS_OID_X509_EXT_FRESHEST_CRL
-#define MBEDTLS_X509_EXT_NS_CERT_TYPE MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
+#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
+#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
+#define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2)
+#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
+#define MBEDTLS_X509_EXT_POLICY_MAPPINGS (1 << 4)
+#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
+#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME (1 << 6)
+#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
+#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
+#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS (1 << 9)
+#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS (1 << 10)
+#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11)
+#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
+#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
+#define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14)
+#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16)
/*
* Storage format identifiers
@@ -332,7 +329,8 @@
* call to mbedtls_asn1_free_named_data_list().
*
* \param[out] head Address in which to store the pointer to the head of the
- * allocated list of mbedtls_x509_name
+ * allocated list of mbedtls_x509_name. Must point to NULL on
+ * entry.
* \param[in] name The string representation of a DN to convert
*
* \return 0 on success, or a negative error code.
@@ -492,38 +490,6 @@
p += (size_t) ret; \
} while (0)
-/**
- * \brief Translate an ASN.1 OID into its numeric representation
- * (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549")
- *
- * \param buf buffer to put representation in
- * \param size size of the buffer
- * \param oid OID to translate
- *
- * \return Length of the string written (excluding final NULL) or
- * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
- */
-int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
-
-/**
- * \brief Translate a string containing a dotted-decimal
- * representation of an ASN.1 OID into its encoded form
- * (e.g. "1.2.840.113549" into "\x2A\x86\x48\x86\xF7\x0D").
- * On success, this function allocates oid->buf from the
- * heap. It must be freed by the caller using mbedtls_free().
- *
- * \param oid #mbedtls_asn1_buf to populate with the DER-encoded OID
- * \param oid_str string representation of the OID to parse
- * \param size length of the OID string, not including any null terminator
- *
- * \return 0 if successful
- * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if \p oid_str does not
- * represent a valid OID
- * \return #MBEDTLS_ERR_ASN1_ALLOC_FAILED if the function fails to
- * allocate oid->buf
- */
-int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid, const char *oid_str, size_t size);
-
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index e08767e..e59d165 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -83,7 +83,6 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
/** Next element in the linked list of CRL.
* \p NULL indicates the end of the list.
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 9817d35..a3f0789 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -82,7 +82,6 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig); /**< Signature: hash of the tbs part signed with the private key. */
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
/** Next certificate in the linked list that constitutes the CA chain.
* \p NULL indicates the end of the list.
@@ -273,7 +272,7 @@
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
} mbedtls_x509_crt_verify_chain;
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
/**
* \brief Context for resuming X.509 verify operations
@@ -300,12 +299,12 @@
} mbedtls_x509_crt_restart_ctx;
-#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+#else /* MBEDTLS_ECP_RESTARTABLE */
/* Now we can declare functions that take a pointer to that */
typedef void mbedtls_x509_crt_restart_ctx;
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+#endif /* MBEDTLS_ECP_RESTARTABLE */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
@@ -734,7 +733,7 @@
* to disable restartable ECC.
*
* \return See \c mbedtls_crt_verify_with_profile(), or
- * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ * \return #PSA_OPERATION_INCOMPLETE if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
*/
int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
@@ -881,7 +880,7 @@
*/
void mbedtls_x509_crt_free(mbedtls_x509_crt *crt);
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
/**
* \brief Initialize a restart context
*/
@@ -891,7 +890,7 @@
* \brief Free the components of a restart context
*/
void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx);
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+#endif /* MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index f9eb04d..bed1c95 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -56,7 +56,6 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
}
mbedtls_x509_csr;
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index a32b4bc..451dbfd 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -6,6 +6,7 @@
x509_crl.c
x509_crt.c
x509_csr.c
+ x509_oid.c
x509write.c
x509write_crt.c
x509write_csr.c
@@ -170,7 +171,7 @@
add_library(${mbedx509_target} SHARED ${src_x509})
set_base_compile_options(${mbedx509_target})
target_compile_options(${mbedx509_target} PRIVATE ${LIBS_C_FLAGS})
- set_target_properties(${mbedx509_target} PROPERTIES VERSION 4.0.0 SOVERSION 7)
+ set_target_properties(${mbedx509_target} PROPERTIES VERSION 4.0.0 SOVERSION 8)
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${tfpsacrypto_target})
add_library(${mbedtls_target} SHARED ${src_tls})
diff --git a/library/Makefile b/library/Makefile
index 1c0e4d9..a880f26 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -82,7 +82,7 @@
endif
SOEXT_TLS?=so.21
-SOEXT_X509?=so.7
+SOEXT_X509?=so.8
SOEXT_CRYPTO?=so.16
# Set AR_DASH= (empty string) to use an ar implementation that does not accept
@@ -109,82 +109,10 @@
endif
endif
-OBJS_CRYPTO= \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto.o \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_client.o \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.o \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_slot_management.o \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_storage.o \
- $(TF_PSA_CRYPTO_CORE_PATH)/psa_its_file.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aes.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aesni.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aesce.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aria.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/asn1parse.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/asn1write.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/base64.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum_core.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum_mod.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum_mod_raw.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/block_cipher.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/camellia.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ccm.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/chacha20.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/chachapoly.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/cipher.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/cipher_wrap.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/cmac.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/constant_time.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ctr_drbg.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/des.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdh.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdsa.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecjpake.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves_new.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy_poll.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/gcm.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hkdf.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hmac_drbg.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/lmots.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/lms.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/md.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/md5.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/memory_buffer_alloc.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/nist_kw.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/oid.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pem.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pk.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pk_ecc.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pk_wrap.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkcs12.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkcs5.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkparse.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkwrite.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/platform.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/platform_util.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/poly1305.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_aead.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_cipher.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_ecp.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_ffdh.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_hash.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_mac.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_pake.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_rsa.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_util.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ripemd160.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/rsa.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/rsa_alt_helpers.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha1.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha256.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha512.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha3.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/threading.o \
- # This line is intentionally left blank
+OBJS_CRYPTO = $(patsubst %.c, %.o,$(wildcard $(TF_PSA_CRYPTO_CORE_PATH)/*.c $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/*.c))
+GENERATED_OBJS_CRYPTO = $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.o
+OBJS_CRYPTO := $(filter-out $(GENERATED_OBJS_CRYPTO),$(OBJS_CRYPTO))
+OBJS_CRYPTO += $(GENERATED_OBJS_CRYPTO)
THIRDPARTY_DIR := $(MBEDTLS_PATH)/tf-psa-crypto/drivers
include $(MBEDTLS_PATH)/tf-psa-crypto/drivers/everest/Makefile.inc
@@ -198,6 +126,7 @@
x509_crl.o \
x509_crt.o \
x509_csr.o \
+ x509_oid.o \
x509write.o \
x509write_crt.o \
x509write_csr.o \
diff --git a/library/debug.c b/library/debug.c
index a486353..94b1c27 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -167,100 +167,6 @@
}
}
-#if defined(MBEDTLS_ECP_LIGHT)
-void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_ecp_point *X)
-{
- char str[DEBUG_BUF_SIZE];
-
- if (NULL == ssl ||
- NULL == ssl->conf ||
- NULL == ssl->conf->f_dbg ||
- level > debug_threshold) {
- return;
- }
-
- mbedtls_snprintf(str, sizeof(str), "%s(X)", text);
- mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->X);
-
- mbedtls_snprintf(str, sizeof(str), "%s(Y)", text);
- mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->Y);
-}
-#endif /* MBEDTLS_ECP_LIGHT */
-
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
-static void mbedtls_debug_print_ec_coord(const mbedtls_ssl_context *ssl, int level,
- const char *file, int line, const char *text,
- const unsigned char *buf, size_t len)
-{
- char str[DEBUG_BUF_SIZE];
- size_t i, idx = 0;
-
- mbedtls_snprintf(str + idx, sizeof(str) - idx, "value of '%s' (%u bits) is:\n",
- text, (unsigned int) len * 8);
-
- debug_send_line(ssl, level, file, line, str);
-
- for (i = 0; i < len; i++) {
- if (i >= 4096) {
- break;
- }
-
- if (i % 16 == 0) {
- if (i > 0) {
- mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
- debug_send_line(ssl, level, file, line, str);
-
- idx = 0;
- }
- }
-
- idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x",
- (unsigned int) buf[i]);
- }
-
- if (len > 0) {
- for (/* i = i */; i % 16 != 0; i++) {
- idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " ");
- }
-
- mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
- debug_send_line(ssl, level, file, line, str);
- }
-}
-
-void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_pk_context *pk)
-{
- char str[DEBUG_BUF_SIZE];
- const uint8_t *coord_start;
- size_t coord_len;
-
- if (NULL == ssl ||
- NULL == ssl->conf ||
- NULL == ssl->conf->f_dbg ||
- level > debug_threshold) {
- return;
- }
-
- /* For the description of pk->pk_raw content please refer to the description
- * psa_export_public_key() function. */
- coord_len = (pk->pub_raw_len - 1)/2;
-
- /* X coordinate */
- coord_start = pk->pub_raw + 1;
- mbedtls_snprintf(str, sizeof(str), "%s(X)", text);
- mbedtls_debug_print_ec_coord(ssl, level, file, line, str, coord_start, coord_len);
-
- /* Y coordinate */
- coord_start = coord_start + coord_len;
- mbedtls_snprintf(str, sizeof(str), "%s(Y)", text);
- mbedtls_debug_print_ec_coord(ssl, level, file, line, str, coord_start, coord_len);
-}
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
-
#if defined(MBEDTLS_BIGNUM_C)
void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
@@ -313,6 +219,179 @@
#endif /* MBEDTLS_BIGNUM_C */
#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
+
+/* no-check-names will be removed in mbedtls#10229. */
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || defined(MBEDTLS_PK_USE_PSA_RSA_DATA) //no-check-names
+static void mbedtls_debug_print_integer(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line, const char *text,
+ const unsigned char *buf, size_t bitlen)
+{
+ char str[DEBUG_BUF_SIZE];
+ size_t i, len_bytes = PSA_BITS_TO_BYTES(bitlen), idx = 0;
+
+ mbedtls_snprintf(str + idx, sizeof(str) - idx, "value of '%s' (%u bits) is:\n",
+ text, (unsigned int) bitlen);
+
+ debug_send_line(ssl, level, file, line, str);
+
+ for (i = 0; i < len_bytes; i++) {
+ if (i >= 4096) {
+ break;
+ }
+
+ if (i % 16 == 0) {
+ if (i > 0) {
+ mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
+ debug_send_line(ssl, level, file, line, str);
+
+ idx = 0;
+ }
+ }
+
+ idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x",
+ (unsigned int) buf[i]);
+ }
+
+ if (len_bytes > 0) {
+ mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
+ debug_send_line(ssl, level, file, line, str);
+ }
+}
+/* no-check-names will be removed in mbedtls#10229. */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY || MBEDTLS_PK_USE_PSA_RSA_DATA */ //no-check-names
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+static void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const mbedtls_pk_context *pk)
+{
+ char str[DEBUG_BUF_SIZE];
+ const uint8_t *coord_start;
+ size_t coord_len;
+
+ if (NULL == ssl ||
+ NULL == ssl->conf ||
+ NULL == ssl->conf->f_dbg ||
+ level > debug_threshold) {
+ return;
+ }
+
+ /* For the description of pk->pk_raw content please refer to the description
+ * psa_export_public_key() function. */
+ coord_len = (pk->pub_raw_len - 1)/2;
+
+ /* X coordinate */
+ coord_start = pk->pub_raw + 1;
+ mbedtls_snprintf(str, sizeof(str), "%s(X)", text);
+ mbedtls_debug_print_integer(ssl, level, file, line, str, coord_start, coord_len * 8);
+
+ /* Y coordinate */
+ coord_start = coord_start + coord_len;
+ mbedtls_snprintf(str, sizeof(str), "%s(Y)", text);
+ mbedtls_debug_print_integer(ssl, level, file, line, str, coord_start, coord_len * 8);
+}
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
+
+/* no-check-names will be removed in mbedtls#10229. */
+#if defined(MBEDTLS_PK_USE_PSA_RSA_DATA) //no-check-names
+static size_t debug_count_valid_bits(unsigned char **buf, size_t len)
+{
+ size_t i, bits;
+
+ /* Ignore initial null bytes (if any). */
+ while ((len > 0) && (**buf == 0x00)) {
+ (*buf)++;
+ len--;
+ }
+
+ if (len == 0) {
+ return 0;
+ }
+
+ bits = len * 8;
+
+ /* Ignore initial null bits (if any). */
+ for (i = 7; i > 0; i--) {
+ if ((**buf & (0x1 << i)) != 0) {
+ break;
+ }
+ bits--;
+ }
+
+ return bits;
+}
+
+static void mbedtls_debug_print_psa_rsa(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const mbedtls_pk_context *pk)
+{
+ char str[DEBUG_BUF_SIZE];
+ /* no-check-names will be removed in mbedtls#10229. */
+ unsigned char key_der[MBEDTLS_PK_MAX_RSA_PUBKEY_RAW_LEN]; //no-check-names
+ unsigned char *start_cur;
+ unsigned char *end_cur;
+ size_t len, bits;
+ int ret;
+
+ if (NULL == ssl ||
+ NULL == ssl->conf ||
+ NULL == ssl->conf->f_dbg ||
+ level > debug_threshold) {
+ return;
+ }
+
+ if (pk->pub_raw_len > sizeof(key_der)) {
+ snprintf(str, sizeof(str),
+ "RSA public key too large: %" MBEDTLS_PRINTF_SIZET " > %" MBEDTLS_PRINTF_SIZET,
+ pk->pub_raw_len, sizeof(key_der));
+ debug_send_line(ssl, level, file, line, str);
+ return;
+ }
+
+ memcpy(key_der, pk->pub_raw, pk->pub_raw_len);
+ start_cur = key_der;
+ end_cur = key_der + pk->pub_raw_len;
+
+ /* This integer parsing solution should be replaced with mbedtls_asn1_get_integer().
+ * See #10238. */
+ ret = mbedtls_asn1_get_tag(&start_cur, end_cur, &len,
+ MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED);
+ if (ret != 0) {
+ return;
+ }
+
+ ret = mbedtls_asn1_get_tag(&start_cur, end_cur, &len, MBEDTLS_ASN1_INTEGER);
+ if (ret != 0) {
+ return;
+ }
+
+ bits = debug_count_valid_bits(&start_cur, len);
+ if (bits == 0) {
+ return;
+ }
+ len = PSA_BITS_TO_BYTES(bits);
+
+ mbedtls_snprintf(str, sizeof(str), "%s.N", text);
+ mbedtls_debug_print_integer(ssl, level, file, line, str, start_cur, bits);
+
+ start_cur += len;
+
+ ret = mbedtls_asn1_get_tag(&start_cur, end_cur, &len, MBEDTLS_ASN1_INTEGER);
+ if (ret != 0) {
+ return;
+ }
+
+ bits = debug_count_valid_bits(&start_cur, len);
+ if (bits == 0) {
+ return;
+ }
+
+ mbedtls_snprintf(str, sizeof(str), "%s.E", text);
+ mbedtls_debug_print_integer(ssl, level, file, line, str, start_cur, bits);
+}
+/* no-check-names will be removed in mbedtls#10229. */
+#endif /* MBEDTLS_PK_USE_PSA_RSA_DATA */ //no-check-names
+
static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mbedtls_pk_context *pk)
@@ -342,16 +421,17 @@
mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value);
} else
#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_LIGHT)
- if (items[i].type == MBEDTLS_PK_DEBUG_ECP) {
- mbedtls_debug_print_ecp(ssl, level, file, line, name, items[i].value);
+/* no-check-names will be removed in mbedtls#10229. */
+#if defined(MBEDTLS_PK_USE_PSA_RSA_DATA) //no-check-names
+ if (items[i].type == MBEDTLS_PK_DEBUG_PSA_RSA) { //no-check-names
+ mbedtls_debug_print_psa_rsa(ssl, level, file, line, name, items[i].value);
} else
-#endif /* MBEDTLS_ECP_LIGHT */
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+#endif /* MBEDTLS_PK_USE_PSA_RSA_DATA */ //no-check-names
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
if (items[i].type == MBEDTLS_PK_DEBUG_PSA_EC) {
mbedtls_debug_print_psa_ec(ssl, level, file, line, name, items[i].value);
} else
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
{ debug_send_line(ssl, level, file, line,
"should not happen\n"); }
}
@@ -412,54 +492,4 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \
- defined(MBEDTLS_ECDH_C)
-static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl,
- int level, const char *file,
- int line,
- const mbedtls_ecdh_context *ecdh,
- mbedtls_debug_ecdh_attr attr)
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
- const mbedtls_ecdh_context *ctx = ecdh;
-#else
- const mbedtls_ecdh_context_mbed *ctx = &ecdh->ctx.mbed_ecdh;
-#endif
-
- switch (attr) {
- case MBEDTLS_DEBUG_ECDH_Q:
- mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Q",
- &ctx->Q);
- break;
- case MBEDTLS_DEBUG_ECDH_QP:
- mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Qp",
- &ctx->Qp);
- break;
- case MBEDTLS_DEBUG_ECDH_Z:
- mbedtls_debug_print_mpi(ssl, level, file, line, "ECDH: z",
- &ctx->z);
- break;
- default:
- break;
- }
-}
-
-void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const mbedtls_ecdh_context *ecdh,
- mbedtls_debug_ecdh_attr attr)
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
- mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, attr);
-#else
- switch (ecdh->var) {
- default:
- mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh,
- attr);
- }
-#endif
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED &&
- MBEDTLS_ECDH_C */
-
#endif /* MBEDTLS_DEBUG_C */
diff --git a/library/debug_internal.h b/library/debug_internal.h
index 4523b46..3ffcee1 100644
--- a/library/debug_internal.h
+++ b/library/debug_internal.h
@@ -93,28 +93,6 @@
const char *text, const mbedtls_mpi *X);
#endif
-#if defined(MBEDTLS_ECP_LIGHT)
-/**
- * \brief Print an ECP point to the debug output. This function is always
- * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the
- * ssl context, file and line number parameters.
- *
- * \param ssl SSL context
- * \param level error level of the debug message
- * \param file file the error has occurred in
- * \param line line number the error has occurred in
- * \param text a name or label for the ECP point being output. Normally the
- * variable name
- * \param X the ECP point
- *
- * \attention This function is intended for INTERNAL usage within the
- * library only.
- */
-void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_ecp_point *X);
-#endif
-
#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
/**
* \brief Print a X.509 certificate structure to the debug output. This
@@ -136,37 +114,4 @@
const char *text, const mbedtls_x509_crt *crt);
#endif
-/* Note: the MBEDTLS_ECDH_C guard here is mandatory because this debug function
- only works for the built-in implementation. */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \
- defined(MBEDTLS_ECDH_C)
-typedef enum {
- MBEDTLS_DEBUG_ECDH_Q,
- MBEDTLS_DEBUG_ECDH_QP,
- MBEDTLS_DEBUG_ECDH_Z,
-} mbedtls_debug_ecdh_attr;
-
-/**
- * \brief Print a field of the ECDH structure in the SSL context to the debug
- * output. This function is always used through the
- * MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file
- * and line number parameters.
- *
- * \param ssl SSL context
- * \param level error level of the debug message
- * \param file file the error has occurred in
- * \param line line number the error has occurred in
- * \param ecdh the ECDH context
- * \param attr the identifier of the attribute being output
- *
- * \attention This function is intended for INTERNAL usage within the
- * library only.
- */
-void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const mbedtls_ecdh_context *ecdh,
- mbedtls_debug_ecdh_attr attr);
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED &&
- MBEDTLS_ECDH_C */
-
#endif /* MBEDTLS_DEBUG_INTERNAL_H */
diff --git a/library/pkcs7.c b/library/pkcs7.c
index ff0567c..3481cbd 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -10,6 +10,7 @@
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_crl.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/error.h"
#if defined(MBEDTLS_FS_IO)
@@ -480,7 +481,7 @@
return ret;
}
- ret = mbedtls_oid_get_md_alg(&signed_data->digest_alg_identifiers, &md_alg);
+ ret = mbedtls_x509_oid_get_md_alg(&signed_data->digest_alg_identifiers, &md_alg);
if (ret != 0) {
return MBEDTLS_ERR_PKCS7_INVALID_ALG;
}
@@ -659,7 +660,7 @@
return MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID;
}
- ret = mbedtls_oid_get_md_alg(&pkcs7->signed_data.digest_alg_identifiers, &md_alg);
+ ret = mbedtls_x509_oid_get_md_alg(&pkcs7->signed_data.digest_alg_identifiers, &md_alg);
if (ret != 0) {
return ret;
}
diff --git a/library/ssl_client.c b/library/ssl_client.c
index cb57a97..307da0f 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -141,7 +141,7 @@
* ProtocolName protocol_name_list<2..2^16-1>
* } ProtocolNameList;
*/
- for (const char **cur = ssl->conf->alpn_list; *cur != NULL; cur++) {
+ for (const char *const *cur = ssl->conf->alpn_list; *cur != NULL; cur++) {
/*
* mbedtls_ssl_conf_set_alpn_protocols() checked that the length of
* protocol names is less than 255.
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index dba8d74..5774bfc 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -4189,7 +4189,7 @@
ret = 0;
goto exit;
} else {
- MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message %u not or only partially bufffered",
+ MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message %u not or only partially buffered",
hs->in_msg_seq));
}
@@ -5957,7 +5957,7 @@
} else {
/*
* If we are past the point where we can send early data or we have
- * already reached the maximum early data size, return immediatly.
+ * already reached the maximum early data size, return immediately.
* Otherwise, progress the handshake as much as possible to not delay
* it too much. If we reach a point where we can still send early data,
* then we will send some.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f95f3c7..051fce3 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2534,10 +2534,11 @@
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_SSL_ALPN)
-int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos)
+int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf,
+ const char *const *protos)
{
size_t cur_len, tot_len;
- const char **p;
+ const char *const *p;
/*
* RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
@@ -5111,7 +5112,7 @@
#if defined(MBEDTLS_SSL_ALPN)
{
uint8_t alpn_len;
- const char **cur;
+ const char *const *cur;
if ((size_t) (end - p) < 1) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@@ -5385,7 +5386,7 @@
/* NOTICE: see above */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-static uint16_t ssl_tls12_preset_default_sig_algs[] = {
+static const uint16_t ssl_tls12_preset_default_sig_algs[] = {
#if defined(PSA_WANT_ALG_SHA_512)
#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
@@ -5449,7 +5450,7 @@
/* NOTICE: see above */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = {
+static const uint16_t ssl_tls12_preset_suiteb_sig_algs[] = {
#if defined(PSA_WANT_ALG_SHA_256)
#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED)
@@ -7016,7 +7017,7 @@
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
switch (ret) {
case 0: /*ok*/
- case MBEDTLS_ERR_OID_NOT_FOUND:
+ case MBEDTLS_ERR_X509_UNKNOWN_OID:
/* Ignore certificate with an unknown algorithm: maybe a
prior certificate was already trusted. */
break;
@@ -8547,7 +8548,7 @@
}
/* Use our order of preference */
- for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) {
+ for (const char *const *alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) {
size_t const alpn_len = strlen(*alpn);
p = protocol_name_list;
while (p < protocol_name_list_end) {
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index df7dfbf..b244921 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -869,7 +869,7 @@
const unsigned char *buf, size_t len)
{
size_t list_len, name_len;
- const char **p;
+ const char *const *p;
/* If we didn't send it, the server shouldn't send it */
if (ssl->conf->alpn_list == NULL) {
@@ -1758,10 +1758,6 @@
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
-#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- const mbedtls_ecp_keypair *peer_key = mbedtls_pk_ec_ro(*peer_pk);
-#endif /* !defined(MBEDTLS_PK_USE_PSA_EC_DATA) */
-
uint16_t tls_id = 0;
psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(peer_pk);
@@ -1773,7 +1769,7 @@
tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(grp_id);
if (tls_id == 0) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("ECC group %u not suported",
+ MBEDTLS_SSL_DEBUG_MSG(1, ("ECC group %u not supported",
grp_id));
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
}
@@ -1786,23 +1782,9 @@
ssl->handshake->xxdh_psa_type = key_type;
/* Store peer's public key in psa format. */
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
memcpy(ssl->handshake->xxdh_psa_peerkey, peer_pk->pub_raw, peer_pk->pub_raw_len);
ssl->handshake->xxdh_psa_peerkey_len = peer_pk->pub_raw_len;
ret = 0;
-#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
- size_t olen = 0;
- ret = mbedtls_ecp_point_write_binary(&peer_key->grp, &peer_key->Q,
- MBEDTLS_ECP_PF_UNCOMPRESSED, &olen,
- ssl->handshake->xxdh_psa_peerkey,
- sizeof(ssl->handshake->xxdh_psa_peerkey));
-
- if (ret != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecp_point_write_binary"), ret);
- return ret;
- }
- ssl->handshake->xxdh_psa_peerkey_len = olen;
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
/* We don't need the peer's public key anymore. Free it,
* so that more RAM is available for upcoming expensive
@@ -2100,15 +2082,7 @@
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
- mbedtls_pk_rsassa_pss_options rsassa_pss_options;
- rsassa_pss_options.mgf1_hash_id = md_alg;
- rsassa_pss_options.expected_salt_len =
- mbedtls_md_get_size_from_type(md_alg);
- if (rsassa_pss_options.expected_salt_len == 0) {
- return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- }
-
- ret = mbedtls_pk_verify_ext(pk_alg, &rsassa_pss_options,
+ ret = mbedtls_pk_verify_ext(pk_alg, NULL,
peer_pk,
md_alg, hash, hashlen,
p, sig_len);
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 2b2b49f..b2b5e33 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2525,12 +2525,6 @@
psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
unsigned char buf[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)];
size_t key_len;
-#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- uint16_t tls_id = 0;
- psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
- mbedtls_ecp_group_id grp_id;
- mbedtls_ecp_keypair *key;
-#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
pk = mbedtls_ssl_own_key(ssl);
@@ -2542,11 +2536,9 @@
switch (pk_type) {
case MBEDTLS_PK_OPAQUE:
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
case MBEDTLS_PK_ECKEY:
case MBEDTLS_PK_ECKEY_DH:
case MBEDTLS_PK_ECDSA:
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
if (!mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY)) {
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
@@ -2561,7 +2553,6 @@
ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes);
ssl->handshake->xxdh_psa_bits = psa_get_key_bits(&key_attributes);
-#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
if (pk_type != MBEDTLS_PK_OPAQUE) {
/* PK_ECKEY[_DH] and PK_ECDSA instead as parsed from the PK
* module and only have ECDSA capabilities. Since we need
@@ -2594,7 +2585,6 @@
ret = 0;
break;
}
-#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
/* Opaque key is created by the user (externally from Mbed TLS)
* so we assume it already has the right algorithm and flags
@@ -2604,53 +2594,6 @@
ret = 0;
break;
-#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- case MBEDTLS_PK_ECKEY:
- case MBEDTLS_PK_ECKEY_DH:
- case MBEDTLS_PK_ECDSA:
- key = mbedtls_pk_ec_rw(*pk);
- grp_id = mbedtls_pk_get_ec_group_id(pk);
- if (grp_id == MBEDTLS_ECP_DP_NONE) {
- return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
- }
- tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(grp_id);
- if (tls_id == 0) {
- /* This elliptic curve is not supported */
- return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
- }
-
- /* If the above conversion to TLS ID was fine, then also this one will
- be, so there is no need to check the return value here */
- mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &key_type,
- &ssl->handshake->xxdh_psa_bits);
-
- ssl->handshake->xxdh_psa_type = key_type;
-
- key_attributes = psa_key_attributes_init();
- psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
- psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
- psa_set_key_type(&key_attributes,
- PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type));
- psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits);
-
- ret = mbedtls_ecp_write_key_ext(key, &key_len, buf, sizeof(buf));
- if (ret != 0) {
- mbedtls_platform_zeroize(buf, sizeof(buf));
- break;
- }
-
- status = psa_import_key(&key_attributes, buf, key_len,
- &ssl->handshake->xxdh_psa_privkey);
- if (status != PSA_SUCCESS) {
- ret = PSA_TO_MBEDTLS_ERR(status);
- mbedtls_platform_zeroize(buf, sizeof(buf));
- break;
- }
-
- mbedtls_platform_zeroize(buf, sizeof(buf));
- ret = 0;
- break;
-#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
default:
ret = MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 9386801..b7b075c 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -158,7 +158,7 @@
/* Check that the server chosen protocol was in our list and save it */
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, protocol_name_list_end, protocol_name_len);
- for (const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) {
+ for (const char *const *alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++) {
if (protocol_name_len == strlen(*alpn) &&
memcmp(p, *alpn, protocol_name_len) == 0) {
ssl->alpn_chosen = *alpn;
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index deba2ae..44525dd 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -227,11 +227,6 @@
unsigned char verify_hash[PSA_HASH_MAX_SIZE];
size_t verify_hash_len;
- void const *options = NULL;
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_pk_rsassa_pss_options rsassa_pss_options;
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
/*
* struct {
* SignatureScheme algorithm;
@@ -304,16 +299,8 @@
}
MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- if (sig_alg == MBEDTLS_PK_RSASSA_PSS) {
- rsassa_pss_options.mgf1_hash_id = md_alg;
- rsassa_pss_options.expected_salt_len = PSA_HASH_LENGTH(hash_alg);
- options = (const void *) &rsassa_pss_options;
- }
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
- if ((ret = mbedtls_pk_verify_ext(sig_alg, options,
+ if ((ret = mbedtls_pk_verify_ext(sig_alg, NULL,
&ssl->session_negotiate->peer_cert->pk,
md_alg, verify_hash, verify_hash_len,
p, signature_len)) == 0) {
@@ -518,7 +505,7 @@
switch (ret) {
case 0: /*ok*/
break;
- case MBEDTLS_ERR_OID_NOT_FOUND:
+ case MBEDTLS_ERR_X509_UNKNOWN_OID:
/* Ignore certificate with an unknown algorithm: maybe a
prior certificate was already trusted. */
break;
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index dbc703a..865e02c 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -80,7 +80,8 @@
* the HkdfLabel structure on success.
*/
-static const char tls13_label_prefix[6] = "tls13 ";
+/* We need to tell the compiler that we meant to leave out the null character. */
+static const char tls13_label_prefix[6] MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING = "tls13 ";
#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(label_len, context_len) \
(2 /* expansion length */ \
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 14f6e48..1509e9a 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -40,8 +40,9 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+/* We need to tell the compiler that we meant to leave out the null character. */
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
- const unsigned char name [sizeof(string) - 1];
+ const unsigned char name [sizeof(string) - 1] MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING;
union mbedtls_ssl_tls13_labels_union {
MBEDTLS_SSL_TLS1_3_LABEL_LIST
diff --git a/library/x509.c b/library/x509.c
index 0571687..f315821 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -22,6 +22,7 @@
#include "mbedtls/asn1.h"
#include "mbedtls/error.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include <stdio.h>
#include <string.h>
@@ -208,7 +209,7 @@
p += md_oid.len;
/* Get md_alg from md_oid */
- if ((ret = mbedtls_oid_get_md_alg(&md_oid, md_alg)) != 0) {
+ if ((ret = mbedtls_x509_oid_get_md_alg(&md_oid, md_alg)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
}
@@ -282,7 +283,7 @@
return ret;
}
- if ((ret = mbedtls_oid_get_md_alg(&alg_id, md_alg)) != 0) {
+ if ((ret = mbedtls_x509_oid_get_md_alg(&alg_id, md_alg)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
}
@@ -314,7 +315,7 @@
/* Only MFG1 is recognised for now */
if (MBEDTLS_OID_CMP(MBEDTLS_OID_MGF1, &alg_id) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE,
- MBEDTLS_ERR_OID_NOT_FOUND);
+ MBEDTLS_ERR_X509_UNKNOWN_OID);
}
/* Parse HashAlgorithm */
@@ -715,38 +716,30 @@
* Get signature algorithm from alg OID and optional parameters
*/
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
- void **sig_opts)
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if (*sig_opts != NULL) {
- return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
- }
-
- if ((ret = mbedtls_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) {
+ if ((ret = mbedtls_x509_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret);
}
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if (*pk_alg == MBEDTLS_PK_RSASSA_PSS) {
- mbedtls_pk_rsassa_pss_options *pss_opts;
-
- pss_opts = mbedtls_calloc(1, sizeof(mbedtls_pk_rsassa_pss_options));
- if (pss_opts == NULL) {
- return MBEDTLS_ERR_X509_ALLOC_FAILED;
- }
+ mbedtls_md_type_t mgf1_hash_id;
+ int expected_salt_len;
ret = mbedtls_x509_get_rsassa_pss_params(sig_params,
md_alg,
- &pss_opts->mgf1_hash_id,
- &pss_opts->expected_salt_len);
+ &mgf1_hash_id,
+ &expected_salt_len);
if (ret != 0) {
- mbedtls_free(pss_opts);
return ret;
}
-
- *sig_opts = (void *) pss_opts;
+ /* Ensure MGF1 hash alg is the same as the one used to hash the message. */
+ if (mgf1_hash_id != *md_alg) {
+ return MBEDTLS_ERR_X509_INVALID_ALG;
+ }
} else
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
{
@@ -857,7 +850,7 @@
ret = mbedtls_snprintf(p, n, ".%u", value);
}
if (ret < 2 || (size_t) ret >= n) {
- return MBEDTLS_ERR_OID_BUF_TOO_SMALL;
+ return PSA_ERROR_BUFFER_TOO_SMALL;
}
n -= (size_t) ret;
p += ret;
@@ -912,7 +905,7 @@
(name->val.tag != MBEDTLS_ASN1_PRINTABLE_STRING) &&
(name->val.tag != MBEDTLS_ASN1_IA5_STRING);
- if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) {
+ if ((ret = mbedtls_x509_oid_get_attr_short_name(&name->oid, &short_name)) == 0) {
ret = mbedtls_snprintf(p, n, "%s=", short_name);
} else {
if ((ret = mbedtls_oid_get_numeric_string(p, n, &name->oid)) > 0) {
@@ -920,7 +913,7 @@
p += ret;
ret = mbedtls_snprintf(p, n, "=");
print_hexstring = 1;
- } else if (ret == MBEDTLS_ERR_OID_BUF_TOO_SMALL) {
+ } else if (ret == PSA_ERROR_BUFFER_TOO_SMALL) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
} else {
ret = mbedtls_snprintf(p, n, "\?\?=");
@@ -1045,15 +1038,14 @@
* Helper for writing signature algorithms
*/
int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
- mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
- const void *sig_opts)
+ mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
char *p = buf;
size_t n = size;
const char *desc = NULL;
- ret = mbedtls_oid_get_sig_alg_desc(sig_oid, &desc);
+ ret = mbedtls_x509_oid_get_sig_alg_desc(sig_oid, &desc);
if (ret != 0) {
ret = mbedtls_snprintf(p, n, "???");
} else {
@@ -1063,23 +1055,17 @@
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
- const mbedtls_pk_rsassa_pss_options *pss_opts;
-
- pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
-
const char *name = md_type_to_string(md_alg);
- const char *mgf_name = md_type_to_string(pss_opts->mgf1_hash_id);
-
- ret = mbedtls_snprintf(p, n, " (%s, MGF1-%s, 0x%02X)",
- name ? name : "???",
- mgf_name ? mgf_name : "???",
- (unsigned int) pss_opts->expected_salt_len);
+ if (name != NULL) {
+ ret = mbedtls_snprintf(p, n, " (%s)", name);
+ } else {
+ ret = mbedtls_snprintf(p, n, " (?)");
+ }
MBEDTLS_X509_SAFE_SNPRINTF;
}
#else
((void) pk_alg);
((void) md_alg);
- ((void) sig_opts);
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
return (int) (size - n);
diff --git a/library/x509_create.c b/library/x509_create.c
index 48ac080..17fc8fb 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -12,6 +12,7 @@
#include "mbedtls/asn1write.h"
#include "mbedtls/error.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include <string.h>
@@ -314,7 +315,7 @@
size_t num_bytes = oid_subidentifier_num_bytes(value);
if ((size_t) (bound - *p) < num_bytes) {
- return MBEDTLS_ERR_OID_BUF_TOO_SMALL;
+ return PSA_ERROR_BUFFER_TOO_SMALL;
}
(*p)[num_bytes - 1] = (unsigned char) (value & 0x7f);
value >>= 7;
@@ -467,8 +468,12 @@
unsigned char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
size_t data_len = 0;
- /* Clear existing chain if present */
- mbedtls_asn1_free_named_data_list(head);
+ /* Ensure the output parameter is not already populated.
+ * (If it were, overwriting it would likely cause a memory leak.)
+ */
+ if (*head != NULL) {
+ return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+ }
while (c <= end) {
if (in_attr_type && *c == '=') {
diff --git a/library/x509_crl.c b/library/x509_crl.c
index bc4fdbb..0b98ba4 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -389,8 +389,7 @@
crl->version++;
if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1,
- &crl->sig_md, &crl->sig_pk,
- &crl->sig_opts)) != 0) {
+ &crl->sig_md, &crl->sig_pk)) != 0) {
mbedtls_x509_crl_free(crl);
return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
}
@@ -646,8 +645,7 @@
ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix);
MBEDTLS_X509_SAFE_SNPRINTF;
- ret = mbedtls_x509_sig_alg_gets(p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
- crl->sig_opts);
+ ret = mbedtls_x509_sig_alg_gets(p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md);
MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf(p, n, "\n");
@@ -676,10 +674,6 @@
mbedtls_x509_crl_entry *entry_prv;
while (crl_cur != NULL) {
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(crl_cur->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(crl_cur->issuer.next);
entry_cur = crl_cur->entry.next;
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 5d26ebb..4ac5d9b 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -24,6 +24,7 @@
#include "mbedtls/x509_crt.h"
#include "mbedtls/error.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/platform_util.h"
#include <string.h>
@@ -926,7 +927,7 @@
/*
* Detect supported extensions
*/
- ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type);
+ ret = mbedtls_x509_oid_get_x509_ext_type(&extn_oid, &ext_type);
if (ret != 0) {
/* Give the callback (if any) a chance to handle the extension */
@@ -1015,7 +1016,7 @@
}
break;
- case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES:
+ case MBEDTLS_X509_EXT_CERTIFICATE_POLICIES:
/* Parse certificate policies type */
if ((ret = x509_get_certificate_policies(p, end_ext_octet,
&crt->certificate_policies)) != 0) {
@@ -1163,8 +1164,7 @@
crt->version++;
if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1,
- &crt->sig_md, &crt->sig_pk,
- &crt->sig_opts)) != 0) {
+ &crt->sig_md, &crt->sig_pk)) != 0) {
mbedtls_x509_crt_free(crt);
return ret;
}
@@ -1693,7 +1693,7 @@
const char *sep = "";
while (cur != NULL) {
- if (mbedtls_oid_get_extended_key_usage(&cur->buf, &desc) != 0) {
+ if (mbedtls_x509_oid_get_extended_key_usage(&cur->buf, &desc) != 0) {
desc = "???";
}
@@ -1722,7 +1722,7 @@
const char *sep = "";
while (cur != NULL) {
- if (mbedtls_oid_get_certificate_policies(&cur->buf, &desc) != 0) {
+ if (mbedtls_x509_oid_get_certificate_policies(&cur->buf, &desc) != 0) {
desc = "???";
}
@@ -1800,8 +1800,7 @@
ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix);
MBEDTLS_X509_SAFE_SNPRINTF;
- ret = mbedtls_x509_sig_alg_gets(p, n, &crt->sig_oid, crt->sig_pk,
- crt->sig_md, crt->sig_opts);
+ ret = mbedtls_x509_sig_alg_gets(p, n, &crt->sig_oid, crt->sig_pk, crt->sig_md);
MBEDTLS_X509_SAFE_SNPRINTF;
/* Key size */
@@ -1868,7 +1867,7 @@
}
}
- if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) {
+ if (crt->ext_types & MBEDTLS_X509_EXT_CERTIFICATE_POLICIES) {
ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix);
MBEDTLS_X509_SAFE_SNPRINTF;
@@ -2061,7 +2060,7 @@
flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
}
- if (mbedtls_pk_verify_ext(crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
+ if (mbedtls_pk_verify_ext(crl_list->sig_pk, NULL, &ca->pk,
crl_list->sig_md, hash, hash_length,
crl_list->sig.p, crl_list->sig.len) != 0) {
flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
@@ -2125,7 +2124,7 @@
return -1;
}
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA) {
return mbedtls_pk_verify_restartable(&parent->pk,
child->sig_md, hash, hash_len,
@@ -2135,7 +2134,7 @@
(void) rs_ctx;
#endif
- return mbedtls_pk_verify_ext(child->sig_pk, child->sig_opts, &parent->pk,
+ return mbedtls_pk_verify_ext(child->sig_pk, NULL, &parent->pk,
child->sig_md, hash, hash_len,
child->sig.p, child->sig.len);
}
@@ -2235,7 +2234,7 @@
mbedtls_x509_crt *parent, *fallback_parent;
int signature_is_good = 0, fallback_signature_is_good;
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
/* did we have something in progress? */
if (rs_ctx != NULL && rs_ctx->parent != NULL) {
/* restore saved state */
@@ -2269,12 +2268,12 @@
}
/* Signature */
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
check_signature:
#endif
ret = x509_crt_check_signature(child, parent, rs_ctx);
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
/* save state */
rs_ctx->parent = parent;
@@ -2359,7 +2358,7 @@
*parent_is_trusted = 1;
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
/* restore then clear saved state if we have some stored */
if (rs_ctx != NULL && rs_ctx->parent_is_trusted != -1) {
*parent_is_trusted = rs_ctx->parent_is_trusted;
@@ -2375,7 +2374,7 @@
*parent_is_trusted,
path_cnt, self_cnt, rs_ctx, now);
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
/* save state */
rs_ctx->parent_is_trusted = *parent_is_trusted;
@@ -2502,7 +2501,7 @@
}
#endif
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
/* resume if we had an operation in progress */
if (rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent) {
/* restore saved state */
@@ -2516,7 +2515,7 @@
goto find_parent;
}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+#endif /* MBEDTLS_ECP_RESTARTABLE */
child = crt;
self_cnt = 0;
@@ -2562,7 +2561,7 @@
return 0;
}
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
find_parent:
#endif
@@ -2594,7 +2593,7 @@
ver_chain->len - 1, self_cnt, rs_ctx,
&now);
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
/* save state */
rs_ctx->in_progress = x509_crt_rs_find_parent;
@@ -3088,7 +3087,7 @@
ver_chain.trust_ca_cb_result = NULL;
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS) {
mbedtls_x509_crt_restart_free(rs_ctx);
}
@@ -3203,10 +3202,6 @@
while (cert_cur != NULL) {
mbedtls_pk_free(&cert_cur->pk);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(cert_cur->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(cert_cur->issuer.next);
mbedtls_asn1_free_named_data_list_shallow(cert_cur->subject.next);
mbedtls_asn1_sequence_free(cert_cur->ext_key_usage.next);
@@ -3228,7 +3223,7 @@
}
}
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
/*
* Initialize a restart context
*/
@@ -3259,7 +3254,7 @@
mbedtls_pk_restart_free(&ctx->pk);
mbedtls_x509_crt_restart_init(ctx);
}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+#endif /* MBEDTLS_ECP_RESTARTABLE */
int mbedtls_x509_crt_get_ca_istrue(const mbedtls_x509_crt *crt)
{
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 8e5fdb6..32a3bb2 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -22,6 +22,7 @@
#include "mbedtls/x509_csr.h"
#include "mbedtls/error.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/platform_util.h"
#include <string.h>
@@ -114,7 +115,7 @@
/*
* Detect supported extensions and skip unsupported extensions
*/
- ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type);
+ ret = mbedtls_x509_oid_get_x509_ext_type(&extn_oid, &ext_type);
if (ret != 0) {
/* Give the callback (if any) a chance to handle the extension */
@@ -407,8 +408,7 @@
}
if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params,
- &csr->sig_md, &csr->sig_pk,
- &csr->sig_opts)) != 0) {
+ &csr->sig_md, &csr->sig_pk)) != 0) {
mbedtls_x509_csr_free(csr);
return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
}
@@ -547,8 +547,7 @@
ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix);
MBEDTLS_X509_SAFE_SNPRINTF;
- ret = mbedtls_x509_sig_alg_gets(p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
- csr->sig_opts);
+ ret = mbedtls_x509_sig_alg_gets(p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md);
MBEDTLS_X509_SAFE_SNPRINTF;
if ((ret = mbedtls_x509_key_size_helper(key_size_str, MBEDTLS_BEFORE_COLON,
@@ -621,10 +620,6 @@
mbedtls_pk_free(&csr->pk);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(csr->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(csr->subject.next);
mbedtls_asn1_sequence_free(csr->subject_alt_names.next);
diff --git a/library/x509_internal.h b/library/x509_internal.h
index 36cbc65..9360471 100644
--- a/library/x509_internal.h
+++ b/library/x509_internal.h
@@ -35,8 +35,7 @@
#endif
int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
- void **sig_opts);
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
mbedtls_x509_time *t);
int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
@@ -45,8 +44,7 @@
mbedtls_x509_buf *ext, int tag);
#if !defined(MBEDTLS_X509_REMOVE_INFO)
int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
- mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
- const void *sig_opts);
+ mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg);
#endif
int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
diff --git a/library/x509_oid.c b/library/x509_oid.c
new file mode 100644
index 0000000..d69fd51
--- /dev/null
+++ b/library/x509_oid.c
@@ -0,0 +1,603 @@
+/**
+ * \file x509_oid.c
+ *
+ * \brief Object Identifier (OID) database
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "x509_internal.h"
+
+/* Each group of tables and functions has its own dependencies, but
+ * don't even bother to define helper macros if X.509 is completely
+ * disabled. */
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+
+#include "mbedtls/oid.h"
+#include "x509_oid.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+/*
+ * Macro to automatically add the size of #define'd OIDs
+ */
+#define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s)
+
+/*
+ * Macro to generate mbedtls_x509_oid_descriptor_t
+ */
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
+#define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s), name, description }
+#define NULL_OID_DESCRIPTOR { NULL, 0, NULL, NULL }
+#else
+#define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s) }
+#define NULL_OID_DESCRIPTOR { NULL, 0 }
+#endif
+
+/*
+ * Macro to generate an internal function for oid_XXX_from_asn1() (used by
+ * the other functions)
+ */
+#define FN_OID_TYPED_FROM_ASN1(TYPE_T, NAME, LIST) \
+ static const TYPE_T *oid_ ## NAME ## _from_asn1( \
+ const mbedtls_asn1_buf *oid) \
+ { \
+ const TYPE_T *p = (LIST); \
+ const mbedtls_x509_oid_descriptor_t *cur = \
+ (const mbedtls_x509_oid_descriptor_t *) p; \
+ if (p == NULL || oid == NULL) return NULL; \
+ while (cur->asn1 != NULL) { \
+ if (cur->asn1_len == oid->len && \
+ memcmp(cur->asn1, oid->p, oid->len) == 0) { \
+ return p; \
+ } \
+ p++; \
+ cur = (const mbedtls_x509_oid_descriptor_t *) p; \
+ } \
+ return NULL; \
+ }
+
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
+/*
+ * Macro to generate a function for retrieving a single attribute from the
+ * descriptor of an mbedtls_x509_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
+ int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1) \
+ { \
+ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \
+ if (data == NULL) return MBEDTLS_ERR_X509_UNKNOWN_OID; \
+ *ATTR1 = data->descriptor.ATTR1; \
+ return 0; \
+ }
+#endif /* MBEDTLS_X509_REMOVE_INFO */
+
+/*
+ * Macro to generate a function for retrieving a single attribute from an
+ * mbedtls_x509_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
+ int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1) \
+ { \
+ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \
+ if (data == NULL) return MBEDTLS_ERR_X509_UNKNOWN_OID; \
+ *ATTR1 = data->ATTR1; \
+ return 0; \
+ }
+
+/*
+ * Macro to generate a function for retrieving two attributes from an
+ * mbedtls_x509_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
+ ATTR2_TYPE, ATTR2) \
+ int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \
+ ATTR2_TYPE * ATTR2) \
+ { \
+ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \
+ if (data == NULL) return MBEDTLS_ERR_X509_UNKNOWN_OID; \
+ *(ATTR1) = data->ATTR1; \
+ *(ATTR2) = data->ATTR2; \
+ return 0; \
+ }
+
+/*
+ * Macro to generate a function for retrieving the OID based on a single
+ * attribute from a mbedtls_x509_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
+ int FN_NAME(ATTR1_TYPE ATTR1, const char **oid, size_t *olen) \
+ { \
+ const TYPE_T *cur = (LIST); \
+ while (cur->descriptor.asn1 != NULL) { \
+ if (cur->ATTR1 == (ATTR1)) { \
+ *oid = cur->descriptor.asn1; \
+ *olen = cur->descriptor.asn1_len; \
+ return 0; \
+ } \
+ cur++; \
+ } \
+ return MBEDTLS_ERR_X509_UNKNOWN_OID; \
+ }
+
+/*
+ * Macro to generate a function for retrieving the OID based on two
+ * attributes from a mbedtls_x509_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
+ ATTR2_TYPE, ATTR2) \
+ int FN_NAME(ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid, \
+ size_t *olen) \
+ { \
+ const TYPE_T *cur = (LIST); \
+ while (cur->descriptor.asn1 != NULL) { \
+ if (cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2)) { \
+ *oid = cur->descriptor.asn1; \
+ *olen = cur->descriptor.asn1_len; \
+ return 0; \
+ } \
+ cur++; \
+ } \
+ return MBEDTLS_ERR_X509_UNKNOWN_OID; \
+ }
+
+/*
+ * For X520 attribute types
+ */
+#if defined(MBEDTLS_X509_USE_C)
+typedef struct {
+ mbedtls_x509_oid_descriptor_t descriptor;
+ const char *short_name;
+} oid_x520_attr_t;
+
+static const oid_x520_attr_t oid_x520_attr_type[] =
+{
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_CN, "id-at-commonName", "Common Name"),
+ "CN",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_COUNTRY, "id-at-countryName", "Country"),
+ "C",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_LOCALITY, "id-at-locality", "Locality"),
+ "L",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_STATE, "id-at-state", "State"),
+ "ST",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_ORGANIZATION, "id-at-organizationName",
+ "Organization"),
+ "O",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_ORG_UNIT, "id-at-organizationalUnitName", "Org Unit"),
+ "OU",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS9_EMAIL,
+ "emailAddress",
+ "E-mail address"),
+ "emailAddress",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_SERIAL_NUMBER,
+ "id-at-serialNumber",
+ "Serial number"),
+ "serialNumber",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_POSTAL_ADDRESS,
+ "id-at-postalAddress",
+ "Postal address"),
+ "postalAddress",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_POSTAL_CODE, "id-at-postalCode", "Postal code"),
+ "postalCode",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_SUR_NAME, "id-at-surName", "Surname"),
+ "SN",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_GIVEN_NAME, "id-at-givenName", "Given name"),
+ "GN",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_INITIALS, "id-at-initials", "Initials"),
+ "initials",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_GENERATION_QUALIFIER,
+ "id-at-generationQualifier",
+ "Generation qualifier"),
+ "generationQualifier",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_TITLE, "id-at-title", "Title"),
+ "title",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_DN_QUALIFIER,
+ "id-at-dnQualifier",
+ "Distinguished Name qualifier"),
+ "dnQualifier",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_PSEUDONYM, "id-at-pseudonym", "Pseudonym"),
+ "pseudonym",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_UID, "id-uid", "User Id"),
+ "uid",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DOMAIN_COMPONENT,
+ "id-domainComponent",
+ "Domain component"),
+ "DC",
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AT_UNIQUE_IDENTIFIER,
+ "id-at-uniqueIdentifier",
+ "Unique Identifier"),
+ "uniqueIdentifier",
+ },
+ {
+ NULL_OID_DESCRIPTOR,
+ NULL,
+ }
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type)
+FN_OID_GET_ATTR1(mbedtls_x509_oid_get_attr_short_name,
+ oid_x520_attr_t,
+ x520_attr,
+ const char *,
+ short_name)
+#endif /* MBEDTLS_X509_USE_C */
+
+/*
+ * For X509 extensions
+ */
+#if defined(MBEDTLS_X509_OID_HAVE_GET_X509_EXT_TYPE)
+typedef struct {
+ mbedtls_x509_oid_descriptor_t descriptor;
+ int ext_type;
+} oid_x509_ext_t;
+
+static const oid_x509_ext_t oid_x509_ext[] =
+{
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_BASIC_CONSTRAINTS,
+ "id-ce-basicConstraints",
+ "Basic Constraints"),
+ MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage"),
+ MBEDTLS_X509_EXT_KEY_USAGE,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_EXTENDED_KEY_USAGE,
+ "id-ce-extKeyUsage",
+ "Extended Key Usage"),
+ MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_ALT_NAME,
+ "id-ce-subjectAltName",
+ "Subject Alt Name"),
+ MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_NS_CERT_TYPE,
+ "id-netscape-certtype",
+ "Netscape Certificate Type"),
+ MBEDTLS_X509_EXT_NS_CERT_TYPE,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_CERTIFICATE_POLICIES,
+ "id-ce-certificatePolicies",
+ "Certificate Policies"),
+ MBEDTLS_X509_EXT_CERTIFICATE_POLICIES,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
+ "id-ce-subjectKeyIdentifier",
+ "Subject Key Identifier"),
+ MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER,
+ },
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
+ "id-ce-authorityKeyIdentifier",
+ "Authority Key Identifier"),
+ MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER,
+ },
+ {
+ NULL_OID_DESCRIPTOR,
+ 0,
+ },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext)
+FN_OID_GET_ATTR1(mbedtls_x509_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type)
+#endif /* MBEDTLS_X509_OID_HAVE_GET_X509_EXT_TYPE */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
+static const mbedtls_x509_oid_descriptor_t oid_ext_key_usage[] =
+{
+ OID_DESCRIPTOR(MBEDTLS_OID_SERVER_AUTH,
+ "id-kp-serverAuth",
+ "TLS Web Server Authentication"),
+ OID_DESCRIPTOR(MBEDTLS_OID_CLIENT_AUTH,
+ "id-kp-clientAuth",
+ "TLS Web Client Authentication"),
+ OID_DESCRIPTOR(MBEDTLS_OID_CODE_SIGNING, "id-kp-codeSigning", "Code Signing"),
+ OID_DESCRIPTOR(MBEDTLS_OID_EMAIL_PROTECTION, "id-kp-emailProtection", "E-mail Protection"),
+ OID_DESCRIPTOR(MBEDTLS_OID_TIME_STAMPING, "id-kp-timeStamping", "Time Stamping"),
+ OID_DESCRIPTOR(MBEDTLS_OID_OCSP_SIGNING, "id-kp-OCSPSigning", "OCSP Signing"),
+ OID_DESCRIPTOR(MBEDTLS_OID_WISUN_FAN,
+ "id-kp-wisun-fan-device",
+ "Wi-SUN Alliance Field Area Network (FAN)"),
+ NULL_OID_DESCRIPTOR,
+};
+
+FN_OID_TYPED_FROM_ASN1(mbedtls_x509_oid_descriptor_t, ext_key_usage, oid_ext_key_usage)
+FN_OID_GET_ATTR1(mbedtls_x509_oid_get_extended_key_usage,
+ mbedtls_x509_oid_descriptor_t,
+ ext_key_usage,
+ const char *,
+ description)
+
+static const mbedtls_x509_oid_descriptor_t oid_certificate_policies[] =
+{
+ OID_DESCRIPTOR(MBEDTLS_OID_ANY_POLICY, "anyPolicy", "Any Policy"),
+ NULL_OID_DESCRIPTOR,
+};
+
+FN_OID_TYPED_FROM_ASN1(mbedtls_x509_oid_descriptor_t, certificate_policies,
+ oid_certificate_policies)
+FN_OID_GET_ATTR1(mbedtls_x509_oid_get_certificate_policies,
+ mbedtls_x509_oid_descriptor_t,
+ certificate_policies,
+ const char *,
+ description)
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_INFO */
+
+/*
+ * For SignatureAlgorithmIdentifier
+ */
+#if defined(MBEDTLS_X509_USE_C) || \
+ defined(MBEDTLS_X509_CRT_WRITE_C) || defined(MBEDTLS_X509_CSR_WRITE_C)
+typedef struct {
+ mbedtls_x509_oid_descriptor_t descriptor;
+ mbedtls_md_type_t md_alg;
+ mbedtls_pk_type_t pk_alg;
+} oid_sig_alg_t;
+
+static const oid_sig_alg_t oid_sig_alg[] =
+{
+#if defined(MBEDTLS_RSA_C)
+#if defined(PSA_WANT_ALG_MD5)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5"),
+ MBEDTLS_MD_MD5, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_MD5 */
+#if defined(PSA_WANT_ALG_SHA_1)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1"),
+ MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_1 */
+#if defined(PSA_WANT_ALG_SHA_224)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption",
+ "RSA with SHA-224"),
+ MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_224 */
+#if defined(PSA_WANT_ALG_SHA_256)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption",
+ "RSA with SHA-256"),
+ MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_256 */
+#if defined(PSA_WANT_ALG_SHA_384)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption",
+ "RSA with SHA-384"),
+ MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_384 */
+#if defined(PSA_WANT_ALG_SHA_512)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption",
+ "RSA with SHA-512"),
+ MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_512 */
+#if defined(PSA_WANT_ALG_SHA_1)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1"),
+ MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_1 */
+#endif /* MBEDTLS_RSA_C */
+#if defined(PSA_HAVE_ALG_SOME_ECDSA)
+#if defined(PSA_WANT_ALG_SHA_1)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1"),
+ MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_1 */
+#if defined(PSA_WANT_ALG_SHA_224)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224"),
+ MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA_256)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256"),
+ MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_256 */
+#if defined(PSA_WANT_ALG_SHA_384)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384"),
+ MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_384 */
+#if defined(PSA_WANT_ALG_SHA_512)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512"),
+ MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA,
+ },
+#endif /* PSA_WANT_ALG_SHA_512 */
+#endif /* PSA_HAVE_ALG_SOME_ECDSA */
+#if defined(MBEDTLS_RSA_C)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_RSASSA_PSS, "RSASSA-PSS", "RSASSA-PSS"),
+ MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS,
+ },
+#endif /* MBEDTLS_RSA_C */
+ {
+ NULL_OID_DESCRIPTOR,
+ MBEDTLS_MD_NONE, MBEDTLS_PK_NONE,
+ },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg)
+
+#if defined(MBEDTLS_X509_USE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
+FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_x509_oid_get_sig_alg_desc,
+ oid_sig_alg_t,
+ sig_alg,
+ const char *,
+ description)
+#endif /* MBEDTLS_X509_USE_C && !MBEDTLS_X509_REMOVE_INFO */
+
+#if defined(MBEDTLS_X509_USE_C)
+FN_OID_GET_ATTR2(mbedtls_x509_oid_get_sig_alg,
+ oid_sig_alg_t,
+ sig_alg,
+ mbedtls_md_type_t,
+ md_alg,
+ mbedtls_pk_type_t,
+ pk_alg)
+#endif /* MBEDTLS_X509_USE_C */
+#if defined(MBEDTLS_X509_CRT_WRITE_C) || defined(MBEDTLS_X509_CSR_WRITE_C)
+FN_OID_GET_OID_BY_ATTR2(mbedtls_x509_oid_get_oid_by_sig_alg,
+ oid_sig_alg_t,
+ oid_sig_alg,
+ mbedtls_pk_type_t,
+ pk_alg,
+ mbedtls_md_type_t,
+ md_alg)
+#endif /* MBEDTLS_X509_CRT_WRITE_C || MBEDTLS_X509_CSR_WRITE_C */
+
+#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CRT_WRITE_C || MBEDTLS_X509_CSR_WRITE_C */
+
+#if defined(MBEDTLS_X509_OID_HAVE_GET_MD_ALG)
+/*
+ * For digestAlgorithm
+ */
+/* The table of digest OIDs is duplicated in TF-PSA-Crypto (which uses it to
+ * look up the OID for a hash algorithm in RSA PKCS#1v1.5 signature and
+ * verification). */
+typedef struct {
+ mbedtls_x509_oid_descriptor_t descriptor;
+ mbedtls_md_type_t md_alg;
+} oid_md_alg_t;
+
+static const oid_md_alg_t oid_md_alg[] =
+{
+#if defined(PSA_WANT_ALG_MD5)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5"),
+ MBEDTLS_MD_MD5,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA_1)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA1, "id-sha1", "SHA-1"),
+ MBEDTLS_MD_SHA1,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA_224)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA224, "id-sha224", "SHA-224"),
+ MBEDTLS_MD_SHA224,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA_256)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA256, "id-sha256", "SHA-256"),
+ MBEDTLS_MD_SHA256,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA_384)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384"),
+ MBEDTLS_MD_SHA384,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA_512)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512"),
+ MBEDTLS_MD_SHA512,
+ },
+#endif
+#if defined(PSA_WANT_ALG_RIPEMD160)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160"),
+ MBEDTLS_MD_RIPEMD160,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA3_224)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_224, "id-sha3-224", "SHA-3-224"),
+ MBEDTLS_MD_SHA3_224,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA3_256)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_256, "id-sha3-256", "SHA-3-256"),
+ MBEDTLS_MD_SHA3_256,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA3_384)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_384, "id-sha3-384", "SHA-3-384"),
+ MBEDTLS_MD_SHA3_384,
+ },
+#endif
+#if defined(PSA_WANT_ALG_SHA3_512)
+ {
+ OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_512, "id-sha3-512", "SHA-3-512"),
+ MBEDTLS_MD_SHA3_512,
+ },
+#endif
+ {
+ NULL_OID_DESCRIPTOR,
+ MBEDTLS_MD_NONE,
+ },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
+FN_OID_GET_ATTR1(mbedtls_x509_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
+
+#endif /* MBEDTLS_X509_OID_HAVE_GET_MD_ALG */
+
+#endif /* some X.509 is enabled */
diff --git a/library/x509_oid.h b/library/x509_oid.h
new file mode 100644
index 0000000..c2fe8dc
--- /dev/null
+++ b/library/x509_oid.h
@@ -0,0 +1,150 @@
+/**
+ * \file x509_oid.h
+ *
+ * \brief Object Identifier (OID) database
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_X509_OID_H
+#define MBEDTLS_X509_OID_H
+#include "mbedtls/private_access.h"
+
+#include "mbedtls/asn1.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/x509.h"
+
+#include <stddef.h>
+
+#include "mbedtls/md.h"
+
+/*
+ * Maximum number of OID components allowed
+ */
+#define MBEDTLS_OID_MAX_COMPONENTS 128
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Base OID descriptor structure
+ */
+typedef struct {
+ const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */
+ size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
+ const char *MBEDTLS_PRIVATE(name); /*!< official name (e.g. from RFC) */
+ const char *MBEDTLS_PRIVATE(description); /*!< human friendly description */
+#endif
+} mbedtls_x509_oid_descriptor_t;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) || defined(MBEDTLS_X509_CSR_PARSE_C)
+#define MBEDTLS_X509_OID_HAVE_GET_X509_EXT_TYPE
+/**
+ * \brief Translate an X.509 extension OID into local values
+ *
+ * \param oid OID to use
+ * \param ext_type place to store the extension type
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type);
+#endif /* MBEDTLS_X509_OID_HAVE_GET_X509_EXT_TYPE */
+
+#if defined(MBEDTLS_X509_USE_C)
+/**
+ * \brief Translate an X.509 attribute type OID into the short name
+ * (e.g. the OID for an X520 Common Name into "CN")
+ *
+ * \param oid OID to use
+ * \param short_name place to store the string pointer
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name);
+#endif /* MBEDTLS_X509_USE_C */
+
+#if defined(MBEDTLS_X509_USE_C)
+/**
+ * \brief Translate SignatureAlgorithm OID into md_type and pk_type
+ *
+ * \param oid OID to use
+ * \param md_alg place to store message digest algorithm
+ * \param pk_alg place to store public key algorithm
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_sig_alg(const mbedtls_asn1_buf *oid,
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
+
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
+/**
+ * \brief Translate SignatureAlgorithm OID into description
+ *
+ * \param oid OID to use
+ * \param desc place to store string pointer
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc);
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
+#endif /* MBEDTLS_X509_USE_C */
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C) || defined(MBEDTLS_X509_CSR_WRITE_C)
+/**
+ * \brief Translate md_type and pk_type into SignatureAlgorithm OID
+ *
+ * \param md_alg message digest algorithm
+ * \param pk_alg public key algorithm
+ * \param oid place to store ASN.1 OID string pointer
+ * \param olen length of the OID
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+ const char **oid, size_t *olen);
+#endif /* MBEDTLS_X509_CRT_WRITE_C || MBEDTLS_X509_CSR_WRITE_C */
+
+#if (defined(MBEDTLS_X509_USE_C) && defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)) || \
+ defined(MBEDTLS_PKCS7_C)
+#define MBEDTLS_X509_OID_HAVE_GET_MD_ALG
+/**
+ * \brief Translate hash algorithm OID into md_type
+ *
+ * \param oid OID to use
+ * \param md_alg place to store message digest algorithm
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg);
+#endif /* MBEDTLS_X509_OID_HAVE_GET_MD_ALG */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
+/**
+ * \brief Translate Extended Key Usage OID into description
+ *
+ * \param oid OID to use
+ * \param desc place to store string pointer
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc);
+
+/**
+ * \brief Translate certificate policies OID into description
+ *
+ * \param oid OID to use
+ * \param desc place to store string pointer
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_UNKNOWN_OID
+ */
+int mbedtls_x509_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc);
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_INFO */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* x509_oid.h */
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 7d20748..09c2328 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -19,6 +19,7 @@
#include "mbedtls/asn1write.h"
#include "mbedtls/error.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/md.h"
@@ -81,12 +82,14 @@
int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
const char *subject_name)
{
+ mbedtls_asn1_free_named_data_list(&ctx->subject);
return mbedtls_x509_string_to_names(&ctx->subject, subject_name);
}
int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
const char *issuer_name)
{
+ mbedtls_asn1_free_named_data_list(&ctx->issuer);
return mbedtls_x509_string_to_names(&ctx->issuer, issuer_name);
}
@@ -413,8 +416,8 @@
return MBEDTLS_ERR_X509_INVALID_ALG;
}
- if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg,
- &sig_oid, &sig_oid_len)) != 0) {
+ if ((ret = mbedtls_x509_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg,
+ &sig_oid, &sig_oid_len)) != 0) {
return ret;
}
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index e65ddb0..88adf79 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -18,6 +18,7 @@
#include "mbedtls/asn1write.h"
#include "mbedtls/error.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/platform_util.h"
#include "psa/crypto.h"
@@ -63,6 +64,7 @@
int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
const char *subject_name)
{
+ mbedtls_asn1_free_named_data_list(&ctx->subject);
return mbedtls_x509_string_to_names(&ctx->subject, subject_name);
}
@@ -228,8 +230,8 @@
return MBEDTLS_ERR_X509_INVALID_ALG;
}
- if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg,
- &sig_oid, &sig_oid_len)) != 0) {
+ if ((ret = mbedtls_x509_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg,
+ &sig_oid, &sig_oid_len)) != 0) {
return ret;
}
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index f1ed511..4d329f2 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -7,7 +7,7 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
-#include "mbedtls/build_info.h"
+#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform.h"
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 92d9660..1598986 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -7,7 +7,7 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
-#include "mbedtls/build_info.h"
+#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform.h"
/* md.h is included this early since MD_CAN_XXX macros are defined there. */
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index 8ae612b..d9e3bf1 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -7,7 +7,7 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
-#include "mbedtls/build_info.h"
+#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform.h"
/* md.h is included this early since MD_CAN_XXX macros are defined there. */
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index a5e06fb..94333ae 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -7,7 +7,7 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
-#include "mbedtls/build_info.h"
+#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform.h"
/* md.h is included this early since MD_CAN_XXX macros are defined there. */
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index 2bb140f..19f92af 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -7,7 +7,7 @@
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
-#include "mbedtls/build_info.h"
+#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform.h"
/* md.h is included this early since MD_CAN_XXX macros are defined there. */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index bb67c40..d5e7fdf 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2172,7 +2172,7 @@
#if defined(MBEDTLS_ECP_RESTARTABLE)
if (opt.ec_max_ops != DFL_EC_MAX_OPS) {
- mbedtls_ecp_set_max_ops(opt.ec_max_ops);
+ psa_interruptible_set_max_ops(opt.ec_max_ops);
}
#endif
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 3c9fb7e..42fa8d6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1140,7 +1140,6 @@
typedef enum {
ASYNC_OP_SIGN,
- ASYNC_OP_DECRYPT,
} ssl_async_operation_type_t;
typedef struct {
@@ -1160,7 +1159,6 @@
static const char *const ssl_async_operation_names[] =
{
"sign",
- "decrypt",
};
static int ssl_async_start(mbedtls_ssl_context *ssl,
@@ -1261,11 +1259,6 @@
}
switch (ctx->operation_type) {
- case ASYNC_OP_DECRYPT:
- ret = mbedtls_pk_decrypt(key_slot->pk,
- ctx->input, ctx->input_len,
- output, output_len, output_size);
- break;
case ASYNC_OP_SIGN:
ret = mbedtls_pk_sign(key_slot->pk,
ctx->md_alg,
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 089f8a6..9497084 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -2,20 +2,16 @@
${mbedtls_target}
)
-set(executables_libs
+set(executables
metatest
query_compile_time_config
query_included_headers
selftest
udp_proxy
-)
-add_dependencies(${programs_target} ${executables_libs})
-add_dependencies(${ssl_opt_target} udp_proxy)
-
-set(executables_mbedcrypto
zeroize
)
-add_dependencies(${programs_target} ${executables_mbedcrypto})
+add_dependencies(${programs_target} ${executables})
+add_dependencies(${ssl_opt_target} udp_proxy)
add_dependencies(${ssl_opt_target} query_compile_time_config)
if(TEST_CPP)
@@ -74,7 +70,7 @@
link_to_source(query_config.c)
endif()
-foreach(exe IN LISTS executables_libs executables_mbedcrypto)
+foreach(exe IN LISTS executables)
set(source ${exe}.c)
set(extra_sources "")
if(NOT EXISTS ${source} AND
@@ -102,16 +98,9 @@
# Request C11, required for memory poisoning
set_target_properties(${exe} PROPERTIES C_STANDARD 11)
-
- # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
- list(FIND executables_libs ${exe} exe_index)
- if (${exe_index} GREATER -1)
- target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT})
- else()
- target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
- endif()
+ target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT})
endforeach()
-install(TARGETS ${executables_libs} ${executables_mbedcrypto}
+install(TARGETS ${executables}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/test/cmake_package/CMakeLists.txt b/programs/test/cmake_package/CMakeLists.txt
index 85270bc..287a0c3 100644
--- a/programs/test/cmake_package/CMakeLists.txt
+++ b/programs/test/cmake_package/CMakeLists.txt
@@ -35,4 +35,4 @@
add_executable(cmake_package cmake_package.c)
target_link_libraries(cmake_package
- MbedTLS::tfpsacrypto MbedTLS::mbedtls MbedTLS::mbedx509)
+ MbedTLS::mbedtls MbedTLS::mbedx509 MbedTLS::tfpsacrypto)
diff --git a/programs/test/cmake_package_install/CMakeLists.txt b/programs/test/cmake_package_install/CMakeLists.txt
index f10109e..0d7dbe4 100644
--- a/programs/test/cmake_package_install/CMakeLists.txt
+++ b/programs/test/cmake_package_install/CMakeLists.txt
@@ -38,4 +38,4 @@
add_executable(cmake_package_install cmake_package_install.c)
target_link_libraries(cmake_package_install
- MbedTLS::tfpsacrypto MbedTLS::mbedtls MbedTLS::mbedx509)
+ MbedTLS::mbedtls MbedTLS::mbedx509 MbedTLS::tfpsacrypto)
diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt
index 7acdcc3..5bd0c87 100644
--- a/programs/test/cmake_subproject/CMakeLists.txt
+++ b/programs/test/cmake_subproject/CMakeLists.txt
@@ -14,9 +14,9 @@
# Link against all the Mbed TLS libraries. Verifies that the targets have been
# created using the specified prefix
set(libs
- subproject_test_tfpsacrypto
- subproject_test_mbedx509
subproject_test_mbedtls
+ subproject_test_mbedx509
+ subproject_test_tfpsacrypto
)
add_executable(cmake_subproject cmake_subproject.c)
diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c
index ec4ee7e..bb7fba8 100644
--- a/programs/test/dlopen.c
+++ b/programs/test/dlopen.c
@@ -50,8 +50,15 @@
#if defined(MBEDTLS_SSL_TLS_C)
void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW);
CHECK_DLERROR("dlopen", TLS_SO_FILENAME);
+#pragma GCC diagnostic push
+ /* dlsym() returns an object pointer which is meant to be used as a
+ * function pointer. This has undefined behavior in standard C, so
+ * "gcc -std=c99 -pedantic" complains about it, but it is perfectly
+ * fine on platforms that have dlsym(). */
+#pragma GCC diagnostic ignored "-Wpedantic"
const int *(*ssl_list_ciphersuites)(void) =
dlsym(tls_so, "mbedtls_ssl_list_ciphersuites");
+#pragma GCC diagnostic pop
CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites");
const int *ciphersuites = ssl_list_ciphersuites();
for (n = 0; ciphersuites[n] != 0; n++) {/* nothing to do, we're just counting */
@@ -85,9 +92,15 @@
CHECK_DLERROR("dlopen", TFPSACRYPTO_SO_FILENAME);
crypto_so_filename = TFPSACRYPTO_SO_FILENAME;
}
-
+#pragma GCC diagnostic push
+ /* dlsym() returns an object pointer which is meant to be used as a
+ * function pointer. This has undefined behavior in standard C, so
+ * "gcc -std=c99 -pedantic" complains about it, but it is perfectly
+ * fine on platforms that have dlsym(). */
+#pragma GCC diagnostic ignored "-Wpedantic"
const int *(*md_list)(void) =
dlsym(crypto_so, "mbedtls_md_list");
+#pragma GCC diagnostic pop
CHECK_DLERROR("dlsym", "mbedtls_md_list");
const int *mds = md_list();
for (n = 0; mds[n] != 0; n++) {/* nothing to do, we're just counting */
diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh
index 7b4f520..ecf0149 100755
--- a/programs/test/generate_cpp_dummy_build.sh
+++ b/programs/test/generate_cpp_dummy_build.sh
@@ -73,8 +73,12 @@
cat <<'EOF'
+#include <iostream>
+
int main()
{
+ std::cout << "CPP dummy build\n";
+
mbedtls_platform_context *ctx = NULL;
mbedtls_platform_setup(ctx);
mbedtls_printf("CPP Build test passed\n");
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index 4794cef..8516f3a 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -211,11 +211,18 @@
* back.
*/
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C)
-#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_PLATFORM_GET_ENTROPY_ALT)
+static void dummy_entropy(unsigned char *output, size_t output_size)
+{
+ srand(1);
+ for (size_t i = 0; i < output_size; i++) {
+ output[i] = rand();
+ }
+}
+
static void create_entropy_seed_file(void)
{
int result;
- size_t output_len = 0;
unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE];
/* Attempt to read the entropy seed file. If this fails - attempt to write
@@ -226,25 +233,14 @@
return;
}
- result = mbedtls_platform_entropy_poll(NULL,
- seed_value,
- MBEDTLS_ENTROPY_BLOCK_SIZE,
- &output_len);
- if (0 != result) {
- return;
- }
-
- if (MBEDTLS_ENTROPY_BLOCK_SIZE != output_len) {
- return;
- }
-
+ dummy_entropy(seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE);
mbedtls_platform_std_nv_seed_write(seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE);
}
#endif
static int mbedtls_entropy_self_test_wrapper(int verbose)
{
-#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_PLATFORM_GET_ENTROPY_ALT)
create_entropy_seed_file();
#endif
return mbedtls_entropy_self_test(verbose);
@@ -294,7 +290,10 @@
#if defined(MBEDTLS_SHA512_C)
{ "sha512", mbedtls_sha512_self_test },
#endif
-#if defined(MBEDTLS_SHA3_C)
+#if defined(PSA_WANT_ALG_SHA3_224) || \
+ defined(PSA_WANT_ALG_SHA3_256) || \
+ defined(PSA_WANT_ALG_SHA3_384) || \
+ defined(PSA_WANT_ALG_SHA3_512)
{ "sha3", mbedtls_sha3_self_test },
#endif
#if defined(MBEDTLS_DES_C)
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index c1b6b75..fb3ba18 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -1,6 +1,6 @@
set(libs
- ${tfpsacrypto_target}
${mbedx509_target}
+ ${tfpsacrypto_target}
)
set(executables
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index f09e938..e59772f 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -150,7 +150,6 @@
mbedtls_ctr_drbg_context ctr_drbg;
const char *pers = "csr example app";
mbedtls_x509_san_list *cur, *prev;
- mbedtls_asn1_named_data *ext_san_dirname = NULL;
#if defined(MBEDTLS_X509_CRT_PARSE_C)
uint8_t ip[4] = { 0 };
#endif
@@ -274,7 +273,15 @@
cur->node.san.unstructured_name.len = sizeof(ip);
} else if (strcmp(q, "DN") == 0) {
cur->node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME;
- if ((ret = mbedtls_x509_string_to_names(&ext_san_dirname,
+ /* Work around an API mismatch between string_to_names() and
+ * mbedtls_x509_subject_alternative_name, which holds an
+ * actual mbedtls_x509_name while a pointer to one would be
+ * more convenient here. (Note mbedtls_x509_name and
+ * mbedtls_asn1_named_data are synonymous, again
+ * string_to_names() uses one while
+ * cur->node.san.directory_name is nominally the other.) */
+ mbedtls_asn1_named_data *tmp_san_dirname = NULL;
+ if ((ret = mbedtls_x509_string_to_names(&tmp_san_dirname,
subtype_value)) != 0) {
mbedtls_strerror(ret, buf, sizeof(buf));
mbedtls_printf(
@@ -283,7 +290,9 @@
(unsigned int) -ret, buf);
goto exit;
}
- cur->node.san.directory_name = *ext_san_dirname;
+ cur->node.san.directory_name = *tmp_san_dirname;
+ mbedtls_free(tmp_san_dirname);
+ tmp_san_dirname = NULL;
} else {
mbedtls_free(cur);
goto usage;
@@ -490,7 +499,6 @@
}
mbedtls_x509write_csr_free(&req);
- mbedtls_asn1_free_named_data_list(&ext_san_dirname);
mbedtls_pk_free(&key);
mbedtls_ctr_drbg_free(&ctr_drbg);
mbedtls_entropy_free(&entropy);
@@ -500,12 +508,21 @@
cur = opt.san_list;
while (cur != NULL) {
- prev = cur;
- cur = cur->next;
- mbedtls_free(prev);
+ mbedtls_x509_san_list *next = cur->next;
+ /* Note: mbedtls_x509_free_subject_alt_name() is not what we want here.
+ * It's the right thing for entries that were parsed from a certificate,
+ * where pointers are to the raw certificate, but here all the
+ * pointers were allocated while parsing from a user-provided string. */
+ if (cur->node.type == MBEDTLS_X509_SAN_DIRECTORY_NAME) {
+ mbedtls_x509_name *dn = &cur->node.san.directory_name;
+ mbedtls_free(dn->oid.p);
+ mbedtls_free(dn->val.p);
+ mbedtls_asn1_free_named_data_list(&dn->next);
+ }
+ mbedtls_free(cur);
+ cur = next;
}
-
mbedtls_exit(exit_code);
}
#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 9776dc1..3cabff4 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -310,7 +310,6 @@
mbedtls_ctr_drbg_context ctr_drbg;
const char *pers = "crt example app";
mbedtls_x509_san_list *cur, *prev;
- mbedtls_asn1_named_data *ext_san_dirname = NULL;
uint8_t ip[4] = { 0 };
/*
* Set to sane values
@@ -593,7 +592,15 @@
cur->node.san.unstructured_name.len = sizeof(ip);
} else if (strcmp(q, "DN") == 0) {
cur->node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME;
- if ((ret = mbedtls_x509_string_to_names(&ext_san_dirname,
+ /* Work around an API mismatch between string_to_names() and
+ * mbedtls_x509_subject_alternative_name, which holds an
+ * actual mbedtls_x509_name while a pointer to one would be
+ * more convenient here. (Note mbedtls_x509_name and
+ * mbedtls_asn1_named_data are synonymous, again
+ * string_to_names() uses one while
+ * cur->node.san.directory_name is nominally the other.) */
+ mbedtls_asn1_named_data *tmp_san_dirname = NULL;
+ if ((ret = mbedtls_x509_string_to_names(&tmp_san_dirname,
subtype_value)) != 0) {
mbedtls_strerror(ret, buf, sizeof(buf));
mbedtls_printf(
@@ -602,7 +609,9 @@
(unsigned int) -ret, buf);
goto exit;
}
- cur->node.san.directory_name = *ext_san_dirname;
+ cur->node.san.directory_name = *tmp_san_dirname;
+ mbedtls_free(tmp_san_dirname);
+ tmp_san_dirname = NULL;
} else {
mbedtls_free(cur);
goto usage;
@@ -991,10 +1000,26 @@
exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
+ cur = opt.san_list;
+ while (cur != NULL) {
+ mbedtls_x509_san_list *next = cur->next;
+ /* Note: mbedtls_x509_free_subject_alt_name() is not what we want here.
+ * It's the right thing for entries that were parsed from a certificate,
+ * where pointers are to the raw certificate, but here all the
+ * pointers were allocated while parsing from a user-provided string. */
+ if (cur->node.type == MBEDTLS_X509_SAN_DIRECTORY_NAME) {
+ mbedtls_x509_name *dn = &cur->node.san.directory_name;
+ mbedtls_free(dn->oid.p);
+ mbedtls_free(dn->val.p);
+ mbedtls_asn1_free_named_data_list(&dn->next);
+ }
+ mbedtls_free(cur);
+ cur = next;
+ }
+
#if defined(MBEDTLS_X509_CSR_PARSE_C)
mbedtls_x509_csr_free(&csr);
#endif /* MBEDTLS_X509_CSR_PARSE_C */
- mbedtls_asn1_free_named_data_list(&ext_san_dirname);
mbedtls_x509_crt_free(&issuer_crt);
mbedtls_x509write_crt_free(&crt);
mbedtls_pk_free(&loaded_subject_key);
diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh
index 415608a..86ed74e 100755
--- a/scripts/bump_version.sh
+++ b/scripts/bump_version.sh
@@ -124,8 +124,8 @@
mv tmp include/mbedtls/build_info.h
[ $VERBOSE ] && echo "Bumping version in tests/suites/test_suite_version.data"
-sed -e "s/version:\".\{1,\}/version:\"$VERSION\"/g" < tf-psa-crypto/tests/suites/test_suite_version.data > tmp
-mv tmp tf-psa-crypto/tests/suites/test_suite_version.data
+sed -e "s/version:\".\{1,\}/version:\"$VERSION\"/g" < tests/suites/test_suite_version.data > tmp
+mv tmp tests/suites/test_suite_version.data
[ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h"
for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h;
diff --git a/scripts/config.py b/scripts/config.py
index 3fc3614..e5182a6 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -88,7 +88,6 @@
'MBEDTLS_MEMORY_DEBUG', # depends on MEMORY_BUFFER_ALLOC_C
'MBEDTLS_NO_64BIT_MULTIPLICATION', # influences anything that uses bignum
'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature
- 'MBEDTLS_NO_PLATFORM_ENTROPY', # removes a feature
'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum
'MBEDTLS_PSA_P256M_DRIVER_ENABLED', # influences SECP256R1 KeyGen/ECDH/ECDSA
'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature
@@ -123,6 +122,7 @@
an implementation of the relevant functions and an xxx_alt.h header.
"""
if name in (
+ 'MBEDTLS_PLATFORM_GET_ENTROPY_ALT',
'MBEDTLS_PLATFORM_GMTIME_R_ALT',
'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT',
'MBEDTLS_PLATFORM_MS_TIME_ALT',
@@ -181,7 +181,7 @@
"""Config adapter for "baremetal"."""
if not is_boolean_setting(name, value):
return active
- if name == 'MBEDTLS_NO_PLATFORM_ENTROPY':
+ if name == 'MBEDTLS_PLATFORM_GET_ENTROPY_ALT':
# No OS-provided entropy source
return True
return include_in_full(name) and keep_in_baremetal(name)
diff --git a/scripts/footprint.sh b/scripts/footprint.sh
index 614a493..e45a926 100755
--- a/scripts/footprint.sh
+++ b/scripts/footprint.sh
@@ -64,7 +64,7 @@
scripts/config.py unset MBEDTLS_NET_C || true
scripts/config.py unset MBEDTLS_TIMING_C || true
scripts/config.py unset MBEDTLS_FS_IO || true
- scripts/config.py --force set MBEDTLS_NO_PLATFORM_ENTROPY || true
+ scripts/config.py --force set MBEDTLS_PLATFORM_GET_ENTROPY_ALT || true
} >/dev/null 2>&1
make clean >/dev/null
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index aae1fc8..6912679 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -36,9 +36,9 @@
my $error_format_file = $data_dir.'/error.fmt';
my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM
- CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
+ CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG
ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5
- NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160
+ NET PBKDF2 PLATFORM POLY1305 RIPEMD160
SHA1 SHA256 SHA512 SHA3 THREADING );
my @high_level_modules = qw( CIPHER ECP MD
PEM PK PKCS12 PKCS5
@@ -96,8 +96,8 @@
}
}
-my $ll_old_define = "";
-my $hl_old_define = "";
+my @ll_old_define = ("", "", "");
+my @hl_old_define = ("", "", "");
my $ll_code_check = "";
my $hl_code_check = "";
@@ -129,6 +129,14 @@
$define_name = "SSL_TLS" if ($define_name eq "SSL");
$define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM");
$define_name = "PKCS7" if ($define_name eq "PKCS7");
+ $define_name = "ALG_SHA3_224,ALG_SHA3_256,ALG_SHA3_384,ALG_SHA3_512"
+ if ($define_name eq "SHA3");
+
+ my $define_prefix = "MBEDTLS_";
+ $define_prefix = "PSA_WANT_" if ($module_name eq "SHA3");
+
+ my $define_suffix = "_C";
+ $define_suffix = "" if ($module_name eq "SHA3");
my $include_name = $module_name;
$include_name =~ tr/A-Z/a-z/;
@@ -154,26 +162,30 @@
if ($found_ll)
{
$code_check = \$ll_code_check;
- $old_define = \$ll_old_define;
+ $old_define = \@ll_old_define;
$white_space = ' ';
}
else
{
$code_check = \$hl_code_check;
- $old_define = \$hl_old_define;
+ $old_define = \@hl_old_define;
$white_space = ' ';
}
- if ($define_name ne ${$old_define})
+ my $old_define_name = \${$old_define}[0];
+ my $old_define_prefix = \${$old_define}[1];
+ my $old_define_suffix = \${$old_define}[2];
+
+ if ($define_name ne ${$old_define_name})
{
- if (${$old_define} ne "")
+ if (${$old_define_name} ne "")
{
${$code_check} .= "#endif /* ";
$first = 0;
- foreach my $dep (split(/,/, ${$old_define}))
+ foreach my $dep (split(/,/, ${$old_define_name}))
{
- ${$code_check} .= " || " if ($first++);
- ${$code_check} .= "MBEDTLS_${dep}_C";
+ ${$code_check} .= " || \n " if ($first++);
+ ${$code_check} .= "${$old_define_prefix}${dep}${$old_define_suffix}";
}
${$code_check} .= " */\n\n";
}
@@ -183,49 +195,51 @@
$first = 0;
foreach my $dep (split(/,/, ${define_name}))
{
- ${$code_check} .= " || " if ($first);
- $headers .= " || " if ($first++);
+ ${$code_check} .= " || \\\n " if ($first);
+ $headers .= " || \\\n " if ($first++);
- ${$code_check} .= "defined(MBEDTLS_${dep}_C)";
- $headers .= "defined(MBEDTLS_${dep}_C)" if
- ($include_name ne "");
+ ${$code_check} .= "defined(${define_prefix}${dep}${define_suffix})";
+ $headers .= "defined(${define_prefix}${dep}${define_suffix})"
+ if ($include_name ne "");
}
${$code_check} .= "\n";
$headers .= "\n#include \"mbedtls/${include_name}.h\"\n".
"#endif\n\n" if ($include_name ne "");
- ${$old_define} = $define_name;
+ ${$old_define_name} = $define_name;
+ ${$old_define_prefix} = $define_prefix;
+ ${$old_define_suffix} = $define_suffix;
}
${$code_check} .= "${white_space}case -($error_name):\n".
"${white_space} return( \"$module_name - $description\" );\n"
};
-if ($ll_old_define ne "")
+if ($ll_old_define[0] ne "")
{
$ll_code_check .= "#endif /* ";
my $first = 0;
- foreach my $dep (split(/,/, $ll_old_define))
+ foreach my $dep (split(/,/, $ll_old_define[0]))
{
- $ll_code_check .= " || " if ($first++);
- $ll_code_check .= "MBEDTLS_${dep}_C";
+ $ll_code_check .= " || \n " if ($first++);
+ $ll_code_check .= "${ll_old_define[1]}${dep}${ll_old_define[2]}";
}
$ll_code_check .= " */\n";
}
-if ($hl_old_define ne "")
+if ($hl_old_define[0] ne "")
{
$hl_code_check .= "#endif /* ";
my $first = 0;
- foreach my $dep (split(/,/, $hl_old_define))
+ foreach my $dep (split(/,/, $hl_old_define[0]))
{
- $hl_code_check .= " || " if ($first++);
- $hl_code_check .= "MBEDTLS_${dep}_C";
+ $hl_code_check .= " || \n " if ($first++);
+ $hl_code_check .= "${hl_old_define[1]}${dep}${hl_old_define[2]}";
}
$hl_code_check .= " */\n";
}
$error_format =~ s/HEADER_INCLUDED\n/$headers/g;
-$error_format =~ s/LOW_LEVEL_CODE_CHECKS\n/$ll_code_check/g;
-$error_format =~ s/HIGH_LEVEL_CODE_CHECKS\n/$hl_code_check/g;
+$error_format =~ s/ *LOW_LEVEL_CODE_CHECKS\n/$ll_code_check/g;
+$error_format =~ s/ *HIGH_LEVEL_CODE_CHECKS\n/$hl_code_check/g;
open(ERROR_FILE, ">$error_file") or die "Opening destination file '$error_file': $!";
print ERROR_FILE $error_format;
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 8152189..ef684b7 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -50,7 +50,7 @@
my $test_drivers_source_dir = 'framework/tests/src/drivers';
my @thirdparty_header_dirs = qw(
- tf-psa-crypto/drivers/everest/include/everest
+ tf-psa-crypto/drivers/everest/include/tf-psa-crypto/private/everest
);
my @thirdparty_source_dirs = qw(
tf-psa-crypto/drivers/everest/library
@@ -66,9 +66,9 @@
tf-psa-crypto/include
tf-psa-crypto/drivers/builtin/include
tf-psa-crypto/drivers/everest/include/
- tf-psa-crypto/drivers/everest/include/everest
- tf-psa-crypto/drivers/everest/include/everest/vs2013
- tf-psa-crypto/drivers/everest/include/everest/kremlib
+ tf-psa-crypto/drivers/everest/include/tf-psa-crypto/private/everest
+ tf-psa-crypto/drivers/everest/include/tf-psa-crypto/private/everest/vs2013
+ tf-psa-crypto/drivers/everest/include/tf-psa-crypto/private/everest/kremlib
tests/include
tf-psa-crypto/tests/include
framework/tests/include
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index 95bfdb6..5bfdeda 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -187,15 +187,6 @@
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
- * Structure with endpoint's certificates for SSL communication tests.
- */
-typedef struct mbedtls_test_ssl_endpoint_certificate {
- mbedtls_x509_crt *ca_cert;
- mbedtls_x509_crt *cert;
- mbedtls_pk_context *pkey;
-} mbedtls_test_ssl_endpoint_certificate;
-
-/*
* Endpoint structure for SSL communication tests.
*/
typedef struct mbedtls_test_ssl_endpoint {
@@ -203,7 +194,22 @@
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_test_mock_socket socket;
- mbedtls_test_ssl_endpoint_certificate cert;
+ uintptr_t user_data_cookie; /* A unique value associated with this endpoint */
+
+ /* Objects only used by DTLS.
+ * They should be guarded by MBEDTLS_SSL_PROTO_DTLS, but
+ * currently aren't because some code accesses them without guards. */
+ mbedtls_test_message_socket_context dtls_context;
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_timing_delay_context timer;
+#endif
+
+ /* Objects owned by the endpoint */
+ int *ciphersuites;
+ mbedtls_test_ssl_message_queue queue_input;
+ mbedtls_x509_crt *ca_chain;
+ mbedtls_x509_crt *cert;
+ mbedtls_pk_context *pkey;
} mbedtls_test_ssl_endpoint;
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
@@ -432,8 +438,7 @@
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
- * Initializes \p ep_cert structure and assigns it to endpoint
- * represented by \p ep.
+ * Load default CA certificates and endpoint keys into \p ep.
*
* \retval 0 on success, otherwise error code.
*/
@@ -442,34 +447,85 @@
int opaque_alg, int opaque_alg2,
int opaque_usage);
-/*
- * Initializes \p ep structure. It is important to call
- * `mbedtls_test_ssl_endpoint_free()` after calling this function
- * even if it fails.
+/** Initialize the configuration in an SSL endpoint structure.
*
- * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
- * MBEDTLS_SSL_IS_CLIENT.
- * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
- * MBEDTLS_PK_ECDSA are supported.
- * \p dtls_context - in case of DTLS - this is the context handling metadata.
- * \p input_queue - used only in case of DTLS.
- * \p output_queue - used only in case of DTLS.
+ * \note You must call `mbedtls_test_ssl_endpoint_free()` after
+ * calling this function, even if it fails. This is necessary to
+ * free data that may have been stored in the endpoint structure.
+ *
+ * \param[out] ep The endpoint structure to configure.
+ * \param endpoint_type #MBEDTLS_SSL_IS_SERVER or #MBEDTLS_SSL_IS_CLIENT.
+ * \param[in] options The options to use for configuring the endpoint
+ * structure.
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_endpoint_init_conf(
+ mbedtls_test_ssl_endpoint *ep, int endpoint_type,
+ const mbedtls_test_handshake_test_options *options);
+
+/** Initialize the session context in an endpoint structure.
+ *
+ * \note The endpoint structure must have been set up with
+ * mbedtls_test_ssl_endpoint_init_conf() with the same \p options.
+ * Between calling mbedtls_test_ssl_endpoint_init_conf() and
+ * mbedtls_test_ssl_endpoint_init_ssl(), you may configure `ep->ssl`
+ * further if you know what you're doing.
+ *
+ * \note You must call `mbedtls_test_ssl_endpoint_free()` after
+ * calling this function, even if it fails. This is necessary to
+ * free data that may have been stored in the endpoint structure.
+ *
+ * \param[out] ep The endpoint structure to set up.
+ * \param[in] options The options used for configuring the endpoint
+ * structure.
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_endpoint_init_ssl(
+ mbedtls_test_ssl_endpoint *ep,
+ const mbedtls_test_handshake_test_options *options);
+
+/** Initialize the configuration and a context in an SSL endpoint structure.
+ *
+ * This function is equivalent to calling
+ * mbedtls_test_ssl_endpoint_init_conf() followed by
+ * mbedtls_test_ssl_endpoint_init_ssl().
+ *
+ * \note You must call `mbedtls_test_ssl_endpoint_free()` after
+ * calling this function, even if it fails. This is necessary to
+ * free data that may have been stored in the endpoint structure.
+ *
+ * \param[out] ep The endpoint structure to configure.
+ * \param endpoint_type #MBEDTLS_SSL_IS_SERVER or #MBEDTLS_SSL_IS_CLIENT.
+ * \param[in] options The options to use for configuring the endpoint
+ * structure.
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_ssl_endpoint_init(
mbedtls_test_ssl_endpoint *ep, int endpoint_type,
- mbedtls_test_handshake_test_options *options,
- mbedtls_test_message_socket_context *dtls_context,
- mbedtls_test_ssl_message_queue *input_queue,
- mbedtls_test_ssl_message_queue *output_queue);
+ const mbedtls_test_handshake_test_options *options);
/*
* Deinitializes endpoint represented by \p ep.
*/
-void mbedtls_test_ssl_endpoint_free(
- mbedtls_test_ssl_endpoint *ep,
- mbedtls_test_message_socket_context *context);
+void mbedtls_test_ssl_endpoint_free(mbedtls_test_ssl_endpoint *ep);
+
+/* Join a DTLS client with a DTLS server.
+ *
+ * You must call this function after setting up the endpoint objects
+ * and before starting a DTLS handshake.
+ *
+ * \param client The client. It must have been set up with
+ * mbedtls_test_ssl_endpoint_init().
+ * \param server The server. It must have been set up with
+ * mbedtls_test_ssl_endpoint_init().
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_dtls_join_endpoints(mbedtls_test_ssl_endpoint *client,
+ mbedtls_test_ssl_endpoint *server);
/*
* This function moves ssl handshake from \p ssl to prescribed \p state.
@@ -610,8 +666,51 @@
#endif /* defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+/** Perform an SSL handshake and exchange data over the connection.
+ *
+ * This function also handles cases where the handshake is expected to fail.
+ *
+ * If the handshake succeeds as expected, this function validates that
+ * connection parameters are as expected, exchanges data over the
+ * connection, and exercises some optional protocol features if they
+ * are enabled. See the code to see what features are validated and exercised.
+ *
+ * The handshake is expected to fail in the following cases:
+ * - If `options->expected_handshake_result != 0`.
+ * - If `options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN`.
+ *
+ * \param[in] options Options for the connection.
+ * \param client The client endpoint. It must have been set up with
+ * mbedtls_test_ssl_endpoint_init() with \p options
+ * and #MBEDTLS_SSL_IS_CLIENT.
+ * \param server The server endpoint. It must have been set up with
+ * mbedtls_test_ssl_endpoint_init() with \p options
+ * and #MBEDTLS_SSL_IS_CLIENT.
+ *
+ * \return 1 on success, 0 on failure. On failure, this function
+ * calls mbedtls_test_fail(), indicating the failure
+ * reason and location. The causes of failure are:
+ * - Inconsistent options or bad endpoint state.
+ * - Operational problem during the handshake.
+ * - The handshake was expected to pass, but failed.
+ * - The handshake was expected to fail, but passed or
+ * failed with a different result.
+ * - The handshake passed as expected, but some connection
+ * parameter (e.g. protocol version, cipher suite, ...)
+ * is not as expected.
+ * - The handshake passed as expected, but something
+ * went wrong when attempting to exchange data.
+ * - The handshake passed as expected, but something
+ * went wrong when exercising other features
+ * (e.g. renegotiation, serialization, ...).
+ */
+int mbedtls_test_ssl_perform_connection(
+ const mbedtls_test_handshake_test_options *options,
+ mbedtls_test_ssl_endpoint *client,
+ mbedtls_test_ssl_endpoint *server);
+
void mbedtls_test_ssl_perform_handshake(
- mbedtls_test_handshake_test_options *options);
+ const mbedtls_test_handshake_test_options *options);
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_TEST_HOOKS)
diff --git a/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c b/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c
index ca090cc..71173d2 100644
--- a/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c
+++ b/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c
@@ -4,6 +4,21 @@
*/
#include "psa/crypto.h"
+/*
+ * Temporary hack: psasim’s Makefile only does:
+ * -Itests/psa-client-server/psasim/include
+ * -I$(MBEDTLS_ROOT_PATH)/include
+ * -I$(MBEDTLS_ROOT_PATH)/tf-psa-crypto/include
+ * -I$(MBEDTLS_ROOT_PATH)/tf-psa-crypto/drivers/builtin/include
+ * None of those cover tf-psa-crypto/core, so we rely on the
+ * “-I$(MBEDTLS_ROOT_PATH)/include” entry plus a parent-relative
+ * include "../tf-psa-crypto/core/common.h" in order to pull in common.h here,
+ * which in turn gets MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING (to silence the
+ * new GCC-15 unterminated-string-initialization warning).
+ * See GitHub issue #10223 for the proper long-term fix.
+ * https://github.com/Mbed-TLS/mbedtls/issues/10223
+ */
+#include "../tf-psa-crypto/core/common.h"
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
@@ -25,7 +40,9 @@
uint8_t encrypt[BUFFER_SIZE] = { 0 };
uint8_t decrypt[BUFFER_SIZE] = { 0 };
const uint8_t plaintext[] = "Hello World!";
- const uint8_t key_bytes[32] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+ /* We need to tell the compiler that we meant to leave out the null character. */
+ const uint8_t key_bytes[32] MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING =
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
uint8_t nonce[PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM)];
size_t nonce_length = sizeof(nonce);
size_t ciphertext_length;
diff --git a/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c b/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c
index a923feb..25c0b8a 100644
--- a/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c
+++ b/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c
@@ -4,6 +4,7 @@
*/
#include "psa/crypto.h"
+#include "../tf-psa-crypto/core/common.h"
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
@@ -25,7 +26,9 @@
uint8_t original[BUFFER_SIZE] = { 0 };
uint8_t encrypt[BUFFER_SIZE] = { 0 };
uint8_t decrypt[BUFFER_SIZE] = { 0 };
- const uint8_t key_bytes[32] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+ /* We need to tell the compiler that we meant to leave out the null character. */
+ const uint8_t key_bytes[32] MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING =
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
size_t encrypted_length;
size_t decrypted_length;
diff --git a/tests/psa-client-server/psasim/test/start_server.sh b/tests/psa-client-server/psasim/test/start_server.sh
index ef11439..1249930 100755
--- a/tests/psa-client-server/psasim/test/start_server.sh
+++ b/tests/psa-client-server/psasim/test/start_server.sh
@@ -8,7 +8,14 @@
# The server creates some local files when it starts up so we can wait for this
# event as signal that the server is ready so that we can start client(s).
function wait_for_server_startup() {
+ SECONDS=0
+ TIMEOUT=10
+
while [ $(find . -name "psa_notify_*" | wc -l) -eq 0 ]; do
+ if [ "$SECONDS" -ge "$TIMEOUT" ]; then
+ echo "Timeout: psa_server not started within $TIMEOUT seconds."
+ return 1
+ fi
sleep 0.1
done
}
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index c7c9ed5..429a04f 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -121,7 +121,6 @@
# Obsolete configuration options, to be replaced by
# PSA entropy drivers.
# https://github.com/Mbed-TLS/mbedtls/issues/8150
- 'Config: MBEDTLS_NO_PLATFORM_ENTROPY',
'Config: MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES',
# Untested aspect of the platform interface.
# https://github.com/Mbed-TLS/mbedtls/issues/9589
diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh
index 3108aa7..e533cdf 100644
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@@ -65,7 +65,9 @@
mkdir "$OUT_OF_SOURCE_DIR"
cd "$OUT_OF_SOURCE_DIR"
# Note: Explicitly generate files as these are turned off in releases
- cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON -D TEST_CPP=1 "$MBEDTLS_ROOT_DIR"
+ # Note: Use Clang compiler also for C++ (C uses it by default)
+ CXX=clang++ cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON \
+ -D TEST_CPP=1 "$MBEDTLS_ROOT_DIR"
make
msg "test: cmake 'out-of-source' build"
diff --git a/tests/scripts/components-compiler.sh b/tests/scripts/components-compiler.sh
index 74543b1..9e74572 100644
--- a/tests/scripts/components-compiler.sh
+++ b/tests/scripts/components-compiler.sh
@@ -73,6 +73,33 @@
type "$GCC_LATEST" >/dev/null 2>/dev/null
}
+# Prepare for a non-regression for https://github.com/Mbed-TLS/mbedtls/issues/9814 :
+# test with GCC 15.
+# Eventually, $GCC_LATEST will be GCC 15 or above, and we can remove this
+# separate component.
+# For the time being, we don't make $GCC_LATEST be GCC 15 on the CI
+# platform, because that would break branches where #9814 isn't fixed yet.
+support_test_gcc15_drivers_opt () {
+ if type gcc-15 >/dev/null 2>/dev/null; then
+ GCC_15=gcc-15
+ elif [ -x /usr/local/gcc-15/bin/gcc-15 ]; then
+ GCC_15=/usr/local/gcc-15/bin/gcc-15
+ else
+ return 1
+ fi
+}
+component_test_gcc15_drivers_opt () {
+ msg "build: GCC 15: full + test drivers dispatching to builtins"
+ scripts/config.py full
+ loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_CONFIG_ADJUST_TEST_ACCELERATORS"
+ loc_cflags="${loc_cflags} -I../framework/tests/include -O2"
+
+ make CC=$GCC_15 CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: GCC 15: full + test drivers dispatching to builtins"
+ make test
+}
+
component_test_gcc_earliest_opt () {
scripts/config.py full
test_build_opt 'full config' "$GCC_EARLIEST" -O2
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index bf537a9..9de7597 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -1557,7 +1557,6 @@
scripts/config.py unset MBEDTLS_SHA256_C
scripts/config.py unset MBEDTLS_SHA384_C
scripts/config.py unset MBEDTLS_SHA512_C
- scripts/config.py unset MBEDTLS_SHA3_C
# Build
# -----
@@ -1597,7 +1596,6 @@
scripts/config.py unset MBEDTLS_SHA384_C
scripts/config.py unset MBEDTLS_SHA512_C
scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
- scripts/config.py unset MBEDTLS_SHA3_C
fi
}
diff --git a/tests/scripts/components-configuration-platform.sh b/tests/scripts/components-configuration-platform.sh
index bebd860..ade207a 100644
--- a/tests/scripts/components-configuration-platform.sh
+++ b/tests/scripts/components-configuration-platform.sh
@@ -20,13 +20,27 @@
make
}
+component_test_platform_get_entropy_alt()
+{
+ msg "build: default config + MBEDTLS_PLATFORM_GET_ENTROPY_ALT"
+ # Use hardware polling as the only source for entropy
+ scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT
+ scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+
+ make
+
+ # Run all the tests
+ msg "test: default config + MBEDTLS_PLATFORM_GET_ENTROPY_ALT"
+ make test
+}
+
component_build_no_sockets () {
# Note, C99 compliance can also be tested with the sockets support disabled,
# as that requires a POSIX platform (which isn't the same as C99).
msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
- scripts/config.py set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
+ scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT # prevent syscall() on GNU/Linux
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -std=c99 -pedantic' lib
}
@@ -106,6 +120,3 @@
msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
make test
}
-
-
-
diff --git a/tests/scripts/components-configuration.sh b/tests/scripts/components-configuration.sh
index 2dfa6d2..5fd9ede 100644
--- a/tests/scripts/components-configuration.sh
+++ b/tests/scripts/components-configuration.sh
@@ -132,7 +132,8 @@
component_test_full_cmake_clang () {
msg "build: cmake, full config, clang" # ~ 50s
scripts/config.py full
- CC=clang CXX=clang cmake -D CMAKE_BUILD_TYPE:String=Release -D ENABLE_TESTING=On -D TEST_CPP=1 .
+ CC=clang CXX=clang++ cmake -D CMAKE_BUILD_TYPE:String=Release \
+ -D ENABLE_TESTING=On -D TEST_CPP=1 .
make
msg "test: main suites (full config, clang)" # ~ 5s
@@ -280,6 +281,10 @@
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+ # Use the test alternative implementation of mbedtls_platform_get_entropy()
+ # which is provided in "framework/tests/src/fake_external_rng_for_test.c"
+ # since the default one is excluded in this scenario.
+ scripts/config.py set MBEDTLS_PLATFORM_GET_ENTROPY_ALT
# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
# to re-enable platform integration features otherwise disabled in C99 builds
make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index 5e025ba..0cb5537 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -281,75 +281,73 @@
'PSA_WANT_ECC_MONTGOMERY_448': ['MBEDTLS_ECP_DP_CURVE448_ENABLED'],
'PSA_WANT_ECC_SECP_R1_192': ['MBEDTLS_ECP_DP_SECP192R1_ENABLED'],
'PSA_WANT_ECC_SECP_R1_224': ['MBEDTLS_ECP_DP_SECP224R1_ENABLED'],
- 'PSA_WANT_ECC_SECP_R1_256': ['MBEDTLS_ECJPAKE_C',
+ 'PSA_WANT_ECC_SECP_R1_256': ['PSA_WANT_ALG_JPAKE',
'MBEDTLS_ECP_DP_SECP256R1_ENABLED'],
'PSA_WANT_ECC_SECP_R1_384': ['MBEDTLS_ECP_DP_SECP384R1_ENABLED'],
'PSA_WANT_ECC_SECP_R1_521': ['MBEDTLS_ECP_DP_SECP521R1_ENABLED'],
'PSA_WANT_ECC_SECP_K1_192': ['MBEDTLS_ECP_DP_SECP192K1_ENABLED'],
'PSA_WANT_ECC_SECP_K1_256': ['MBEDTLS_ECP_DP_SECP256K1_ENABLED'],
- 'MBEDTLS_ECDSA_C': ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
- 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
- 'PSA_WANT_ALG_ECDSA',
- 'PSA_WANT_ALG_DETERMINISTIC_ECDSA'],
- 'MBEDTLS_ECP_C': ['MBEDTLS_ECDSA_C',
- 'MBEDTLS_ECDH_C', 'PSA_WANT_ALG_ECDH',
- 'MBEDTLS_ECJPAKE_C',
- 'MBEDTLS_ECP_RESTARTABLE',
- 'MBEDTLS_PK_PARSE_EC_EXTENDED',
- 'MBEDTLS_PK_PARSE_EC_COMPRESSED',
- 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
- 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
- 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
- 'MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED',
- 'MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED',
- 'PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY',
- 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC',
- 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT',
- 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT',
- 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE',
- 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE'],
- 'MBEDTLS_ECJPAKE_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
- 'PSA_WANT_ALG_JPAKE'],
- 'MBEDTLS_PKCS1_V21': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
- 'PSA_WANT_ALG_RSA_OAEP',
- 'PSA_WANT_ALG_RSA_PSS'],
- 'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
- 'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT',
- 'PSA_WANT_ALG_RSA_PKCS1V15_SIGN'],
- 'MBEDTLS_RSA_C': ['MBEDTLS_PKCS1_V15',
- 'MBEDTLS_PKCS1_V21',
- 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
- 'PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY',
- 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC',
- 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT',
- 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT',
- 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE'],
+ 'PSA_WANT_ALG_ECDSA': ['PSA_WANT_ALG_DETERMINISTIC_ECDSA',
+ 'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+ 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+ 'MBEDTLS_ECDSA_C'],
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC': [
+ 'PSA_WANT_ALG_ECDSA',
+ 'PSA_WANT_ALG_ECDH', 'MBEDTLS_ECDH_C',
+ 'PSA_WANT_ALG_JPAKE',
+ 'PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY',
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT',
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT',
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE',
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE',
+ 'MBEDTLS_ECP_RESTARTABLE',
+ 'MBEDTLS_PK_PARSE_EC_EXTENDED',
+ 'MBEDTLS_PK_PARSE_EC_COMPRESSED',
+ 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
+ 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
+ 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+ 'MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED',
+ 'MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED',
+ 'MBEDTLS_ECP_C'],
+ 'PSA_WANT_ALG_JPAKE': ['MBEDTLS_ECJPAKE_C',
+ 'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+ 'PSA_WANT_ALG_RSA_OAEP': ['PSA_WANT_ALG_RSA_PSS',
+ 'MBEDTLS_X509_RSASSA_PSS_SUPPORT',
+ 'MBEDTLS_PKCS1_V21'],
+ 'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT': ['PSA_WANT_ALG_RSA_PKCS1V15_SIGN',
+ 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+ 'MBEDTLS_PKCS1_V15'],
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC': [
+ 'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT',
+ 'PSA_WANT_ALG_RSA_OAEP',
+ 'PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY',
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT',
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT',
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE',
+ 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
+ 'MBEDTLS_RSA_C'],
- 'MBEDTLS_MD5_C' : ['PSA_WANT_ALG_MD5'],
- 'MBEDTLS_RIPEMD160_C' : ['PSA_WANT_ALG_RIPEMD160'],
- 'MBEDTLS_SHA1_C' : ['PSA_WANT_ALG_SHA_1'],
- 'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
- 'MBEDTLS_ENTROPY_FORCE_SHA256',
- 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT',
- 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY',
- 'PSA_WANT_ALG_SHA_224'],
- 'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
- 'MBEDTLS_ENTROPY_FORCE_SHA256',
- 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT',
- 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY',
- 'MBEDTLS_LMS_C',
- 'MBEDTLS_LMS_PRIVATE',
- 'PSA_WANT_ALG_SHA_256',
- 'PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS'],
- 'MBEDTLS_SHA384_C' : ['PSA_WANT_ALG_SHA_384'],
- 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
- 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY',
- 'PSA_WANT_ALG_SHA_512'],
- 'MBEDTLS_SHA3_C' : ['PSA_WANT_ALG_SHA3_224',
- 'PSA_WANT_ALG_SHA3_256',
- 'PSA_WANT_ALG_SHA3_384',
- 'PSA_WANT_ALG_SHA3_512'],
+ 'PSA_WANT_ALG_MD5': ['MBEDTLS_MD5_C'],
+ 'PSA_WANT_ALG_RIPEMD160': ['MBEDTLS_RIPEMD160_C'],
+ 'PSA_WANT_ALG_SHA_1': ['MBEDTLS_SHA1_C'],
+ 'PSA_WANT_ALG_SHA_224': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
+ 'MBEDTLS_ENTROPY_FORCE_SHA256',
+ 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT',
+ 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY',
+ 'MBEDTLS_SHA224_C'],
+ 'PSA_WANT_ALG_SHA_256': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
+ 'MBEDTLS_ENTROPY_FORCE_SHA256',
+ 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT',
+ 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY',
+ 'MBEDTLS_LMS_C',
+ 'MBEDTLS_LMS_PRIVATE',
+ 'MBEDTLS_SHA256_C',
+ 'PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS'],
+ 'PSA_WANT_ALG_SHA_384': ['MBEDTLS_SHA384_C'],
+ 'PSA_WANT_ALG_SHA_512': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
+ 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY',
+ 'MBEDTLS_SHA512_C'],
'PSA_WANT_ALG_ECB_NO_PADDING' : ['MBEDTLS_NIST_KW_C'],
}
@@ -357,14 +355,12 @@
# These are not necessarily dependencies, but just minimal required changes
# if a given define is the only one enabled from an exclusive group.
EXCLUSIVE_GROUPS = {
- 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C',
- '-MBEDTLS_SSL_TLS_C'],
- 'PSA_WANT_ECC_MONTGOMERY_448': ['-MBEDTLS_ECDSA_C',
- '-MBEDTLS_ECDSA_DETERMINISTIC',
- '-MBEDTLS_ECJPAKE_C',],
- 'PSA_WANT_ECC_MONTGOMERY_255': ['-MBEDTLS_ECDSA_C',
- '-MBEDTLS_ECDSA_DETERMINISTIC',
- '-MBEDTLS_ECJPAKE_C'],
+ 'PSA_WANT_ALG_SHA_512': ['-MBEDTLS_SSL_COOKIE_C',
+ '-MBEDTLS_SSL_TLS_C'],
+ 'PSA_WANT_ECC_MONTGOMERY_448': ['-PSA_WANT_ALG_ECDSA',
+ '-PSA_WANT_ALG_JPAKE',],
+ 'PSA_WANT_ECC_MONTGOMERY_255': ['-PSA_WANT_ALG_ECDSA',
+ '-PSA_WANT_ALG_JPAKE'],
'PSA_WANT_KEY_TYPE_ARIA': ['-PSA_WANT_ALG_CMAC',
'-PSA_WANT_ALG_CCM',
'-PSA_WANT_ALG_GCM',
@@ -507,10 +503,12 @@
for expr in psa_info.generate_expressions([key_type]))
if symbol in self.all_config_symbols}
- # Find hash modules by name.
- hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z')
+ # Find hash modules by category.
+ hash_symbols = {symbol
+ for alg, symbol in algs.items()
+ if alg.can_do(crypto_knowledge.AlgorithmCategory.HASH)}
- # Find elliptic curve enabling macros
+ # Find elliptic curve enabling macros by name.
# MBEDTLS_ECP_DP_SECP224K1_ENABLED added to disable it for all curves
curve_symbols = self.config_symbols_matching(r'PSA_WANT_ECC_\w+\Z|'
r'MBEDTLS_ECP_DP_SECP224K1_ENABLED')
@@ -544,26 +542,24 @@
build_and_test),
# Elliptic curves. Run the test suites.
- 'curves': ExclusiveDomain(curve_symbols, build_and_test,
- exclude=r'MBEDTLS_ECP_DP_SECP224K1_ENABLED'),
+ 'curves': ExclusiveDomain(curve_symbols, build_and_test),
- # Hash algorithms. Excluding exclusive domains of MD, RIPEMD, SHA1,
+ # Hash algorithms. Excluding exclusive domains of MD, RIPEMD, SHA1, SHA3*,
# SHA224 and SHA384 because MBEDTLS_ENTROPY_C is extensively used
# across various modules, but it depends on either SHA256 or SHA512.
# As a consequence an "exclusive" test of anything other than SHA256
# or SHA512 with MBEDTLS_ENTROPY_C enabled is not possible.
'hashes': DualDomain(hash_symbols, build_and_test,
- exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)' \
- '|MBEDTLS_SHA224_' \
- '|MBEDTLS_SHA384_' \
- '|MBEDTLS_SHA3_'),
+ exclude=r'PSA_WANT_ALG_(?!SHA_(256|512))'),
+
# Key exchange types.
'kex': ExclusiveDomain(key_exchange_symbols, build_and_test),
- 'pkalgs': ComplementaryDomain(['MBEDTLS_ECDSA_C',
- 'MBEDTLS_ECP_C',
- 'MBEDTLS_PKCS1_V21',
- 'MBEDTLS_PKCS1_V15',
- 'MBEDTLS_RSA_C',
+
+ 'pkalgs': ComplementaryDomain(['PSA_WANT_ALG_ECDSA',
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC',
+ 'PSA_WANT_ALG_RSA_OAEP',
+ 'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT',
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC',
'MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
build_and_test),
}
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 1eed8ab..e6c082e 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -71,7 +71,7 @@
opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN;
opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3;
opts->pk_alg = MBEDTLS_PK_RSA;
- opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE;
+ opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE;
opts->cli_msg_len = 100;
opts->srv_msg_len = 100;
@@ -572,36 +572,147 @@
return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len;
}
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \
+ defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \
+ defined(MBEDTLS_SSL_SRV_C)
+static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl,
+ const unsigned char *name, size_t name_len)
+{
+ (void) p_info;
+ (void) ssl;
+ (void) name;
+ (void) name_len;
+
+ return 0;
+}
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED &&
+ MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED &&
+ MBEDTLS_SSL_SRV_C */
+
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+static int set_ciphersuite(mbedtls_test_ssl_endpoint *ep,
+ const char *cipher)
+{
+ if (cipher == NULL || cipher[0] == 0) {
+ return 1;
+ }
+
+ int ok = 0;
+
+ TEST_CALLOC(ep->ciphersuites, 2);
+ ep->ciphersuites[0] = mbedtls_ssl_get_ciphersuite_id(cipher);
+ ep->ciphersuites[1] = 0;
+
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ mbedtls_ssl_ciphersuite_from_id(ep->ciphersuites[0]);
+
+ TEST_ASSERT(ciphersuite_info != NULL);
+ TEST_ASSERT(ciphersuite_info->min_tls_version <= ep->conf.max_tls_version);
+ TEST_ASSERT(ciphersuite_info->max_tls_version >= ep->conf.min_tls_version);
+
+ if (ep->conf.max_tls_version > ciphersuite_info->max_tls_version) {
+ ep->conf.max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version;
+ }
+ if (ep->conf.min_tls_version < ciphersuite_info->min_tls_version) {
+ ep->conf.min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version;
+ }
+
+ mbedtls_ssl_conf_ciphersuites(&ep->conf, ep->ciphersuites);
+ ok = 1;
+
+exit:
+ return ok;
+}
+
/*
* Deinitializes certificates from endpoint represented by \p ep.
*/
static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep)
{
- mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert);
- if (cert != NULL) {
- if (cert->ca_cert != NULL) {
- mbedtls_x509_crt_free(cert->ca_cert);
- mbedtls_free(cert->ca_cert);
- cert->ca_cert = NULL;
- }
- if (cert->cert != NULL) {
- mbedtls_x509_crt_free(cert->cert);
- mbedtls_free(cert->cert);
- cert->cert = NULL;
- }
- if (cert->pkey != NULL) {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) {
- psa_destroy_key(cert->pkey->priv_id);
- }
-#endif
- mbedtls_pk_free(cert->pkey);
- mbedtls_free(cert->pkey);
- cert->pkey = NULL;
- }
+ if (ep->ca_chain != NULL) {
+ mbedtls_x509_crt_free(ep->ca_chain);
+ mbedtls_free(ep->ca_chain);
+ ep->ca_chain = NULL;
}
+ if (ep->cert != NULL) {
+ mbedtls_x509_crt_free(ep->cert);
+ mbedtls_free(ep->cert);
+ ep->cert = NULL;
+ }
+ if (ep->pkey != NULL) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if (mbedtls_pk_get_type(ep->pkey) == MBEDTLS_PK_OPAQUE) {
+ psa_destroy_key(ep->pkey->priv_id);
+ }
+#endif
+ mbedtls_pk_free(ep->pkey);
+ mbedtls_free(ep->pkey);
+ ep->pkey = NULL;
+ }
+}
+
+static int load_endpoint_rsa(mbedtls_test_ssl_endpoint *ep)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) {
+ ret = mbedtls_x509_crt_parse(
+ ep->cert,
+ (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der,
+ mbedtls_test_srv_crt_rsa_sha256_der_len);
+ TEST_EQUAL(ret, 0);
+ ret = mbedtls_pk_parse_key(
+ ep->pkey,
+ (const unsigned char *) mbedtls_test_srv_key_rsa_der,
+ mbedtls_test_srv_key_rsa_der_len, NULL, 0);
+ TEST_EQUAL(ret, 0);
+ } else {
+ ret = mbedtls_x509_crt_parse(
+ ep->cert,
+ (const unsigned char *) mbedtls_test_cli_crt_rsa_der,
+ mbedtls_test_cli_crt_rsa_der_len);
+ TEST_EQUAL(ret, 0);
+ ret = mbedtls_pk_parse_key(
+ ep->pkey,
+ (const unsigned char *) mbedtls_test_cli_key_rsa_der,
+ mbedtls_test_cli_key_rsa_der_len, NULL, 0);
+ TEST_EQUAL(ret, 0);
+ }
+
+exit:
+ return ret;
+}
+
+static int load_endpoint_ecc(mbedtls_test_ssl_endpoint *ep)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) {
+ ret = mbedtls_x509_crt_parse(
+ ep->cert,
+ (const unsigned char *) mbedtls_test_srv_crt_ec_der,
+ mbedtls_test_srv_crt_ec_der_len);
+ TEST_EQUAL(ret, 0);
+ ret = mbedtls_pk_parse_key(
+ ep->pkey,
+ (const unsigned char *) mbedtls_test_srv_key_ec_der,
+ mbedtls_test_srv_key_ec_der_len, NULL, 0);
+ TEST_EQUAL(ret, 0);
+ } else {
+ ret = mbedtls_x509_crt_parse(
+ ep->cert,
+ (const unsigned char *) mbedtls_test_cli_crt_ec_der,
+ mbedtls_test_cli_crt_ec_len);
+ TEST_EQUAL(ret, 0);
+ ret = mbedtls_pk_parse_key(
+ ep->pkey,
+ (const unsigned char *) mbedtls_test_cli_key_ec_der,
+ mbedtls_test_cli_key_ec_der_len, NULL, 0);
+ TEST_EQUAL(ret, 0);
+ }
+
+exit:
+ return ret;
}
int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
@@ -612,7 +723,6 @@
int i = 0;
int ret = -1;
int ok = 0;
- mbedtls_test_ssl_endpoint_certificate *cert = NULL;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT;
#endif
@@ -621,86 +731,37 @@
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
- cert = &(ep->cert);
- TEST_CALLOC(cert->ca_cert, 1);
- TEST_CALLOC(cert->cert, 1);
- TEST_CALLOC(cert->pkey, 1);
+ TEST_CALLOC(ep->ca_chain, 1);
+ TEST_CALLOC(ep->cert, 1);
+ TEST_CALLOC(ep->pkey, 1);
- mbedtls_x509_crt_init(cert->ca_cert);
- mbedtls_x509_crt_init(cert->cert);
- mbedtls_pk_init(cert->pkey);
+ mbedtls_x509_crt_init(ep->ca_chain);
+ mbedtls_x509_crt_init(ep->cert);
+ mbedtls_pk_init(ep->pkey);
/* Load the trusted CA */
for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) {
ret = mbedtls_x509_crt_parse_der(
- cert->ca_cert,
+ ep->ca_chain,
(const unsigned char *) mbedtls_test_cas_der[i],
mbedtls_test_cas_der_len[i]);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
}
/* Load own certificate and private key */
- if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) {
- if (pk_alg == MBEDTLS_PK_RSA) {
- ret = mbedtls_x509_crt_parse(
- cert->cert,
- (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der,
- mbedtls_test_srv_crt_rsa_sha256_der_len);
- TEST_ASSERT(ret == 0);
-
- ret = mbedtls_pk_parse_key(
- cert->pkey,
- (const unsigned char *) mbedtls_test_srv_key_rsa_der,
- mbedtls_test_srv_key_rsa_der_len, NULL, 0);
- TEST_ASSERT(ret == 0);
- } else {
- ret = mbedtls_x509_crt_parse(
- cert->cert,
- (const unsigned char *) mbedtls_test_srv_crt_ec_der,
- mbedtls_test_srv_crt_ec_der_len);
- TEST_ASSERT(ret == 0);
-
- ret = mbedtls_pk_parse_key(
- cert->pkey,
- (const unsigned char *) mbedtls_test_srv_key_ec_der,
- mbedtls_test_srv_key_ec_der_len, NULL, 0);
- TEST_ASSERT(ret == 0);
- }
+ if (pk_alg == MBEDTLS_PK_RSA) {
+ TEST_EQUAL(load_endpoint_rsa(ep), 0);
} else {
- if (pk_alg == MBEDTLS_PK_RSA) {
- ret = mbedtls_x509_crt_parse(
- cert->cert,
- (const unsigned char *) mbedtls_test_cli_crt_rsa_der,
- mbedtls_test_cli_crt_rsa_der_len);
- TEST_ASSERT(ret == 0);
-
- ret = mbedtls_pk_parse_key(
- cert->pkey,
- (const unsigned char *) mbedtls_test_cli_key_rsa_der,
- mbedtls_test_cli_key_rsa_der_len, NULL, 0);
- TEST_ASSERT(ret == 0);
- } else {
- ret = mbedtls_x509_crt_parse(
- cert->cert,
- (const unsigned char *) mbedtls_test_cli_crt_ec_der,
- mbedtls_test_cli_crt_ec_len);
- TEST_ASSERT(ret == 0);
-
- ret = mbedtls_pk_parse_key(
- cert->pkey,
- (const unsigned char *) mbedtls_test_cli_key_ec_der,
- mbedtls_test_cli_key_ec_der_len, NULL, 0);
- TEST_ASSERT(ret == 0);
- }
+ TEST_EQUAL(load_endpoint_ecc(ep), 0);
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if (opaque_alg != 0) {
psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
/* Use a fake key usage to get a successful initial guess for the PSA attributes. */
- TEST_EQUAL(mbedtls_pk_get_psa_attributes(cert->pkey, PSA_KEY_USAGE_SIGN_HASH,
+ TEST_EQUAL(mbedtls_pk_get_psa_attributes(ep->pkey, PSA_KEY_USAGE_SIGN_HASH,
&key_attr), 0);
/* Then manually usage, alg and alg2 as requested by the test. */
psa_set_key_usage_flags(&key_attr, opaque_usage);
@@ -708,10 +769,10 @@
if (opaque_alg2 != PSA_ALG_NONE) {
psa_set_key_enrollment_algorithm(&key_attr, opaque_alg2);
}
- TEST_EQUAL(mbedtls_pk_import_into_psa(cert->pkey, &key_attr, &key_slot), 0);
- mbedtls_pk_free(cert->pkey);
- mbedtls_pk_init(cert->pkey);
- TEST_EQUAL(mbedtls_pk_setup_opaque(cert->pkey, key_slot), 0);
+ TEST_EQUAL(mbedtls_pk_import_into_psa(ep->pkey, &key_attr, &key_slot), 0);
+ mbedtls_pk_free(ep->pkey);
+ mbedtls_pk_init(ep->pkey);
+ TEST_EQUAL(mbedtls_pk_setup_opaque(ep->pkey, key_slot), 0);
}
#else
(void) opaque_alg;
@@ -719,20 +780,11 @@
(void) opaque_usage;
#endif
- mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL);
+ mbedtls_ssl_conf_ca_chain(&(ep->conf), ep->ca_chain, NULL);
- ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert,
- cert->pkey);
- TEST_ASSERT(ret == 0);
- TEST_ASSERT(ep->conf.key_cert != NULL);
-
- ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL);
- TEST_ASSERT(ret == 0);
- TEST_ASSERT(ep->conf.key_cert == NULL);
-
- ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert,
- cert->pkey);
- TEST_ASSERT(ret == 0);
+ ret = mbedtls_ssl_conf_own_cert(&(ep->conf), ep->cert,
+ ep->pkey);
+ TEST_EQUAL(ret, 0);
ok = 1;
@@ -748,21 +800,14 @@
return ret;
}
-int mbedtls_test_ssl_endpoint_init(
+int mbedtls_test_ssl_endpoint_init_conf(
mbedtls_test_ssl_endpoint *ep, int endpoint_type,
- mbedtls_test_handshake_test_options *options,
- mbedtls_test_message_socket_context *dtls_context,
- mbedtls_test_ssl_message_queue *input_queue,
- mbedtls_test_ssl_message_queue *output_queue)
+ const mbedtls_test_handshake_test_options *options)
{
int ret = -1;
- uintptr_t user_data_n;
-
- if (dtls_context != NULL &&
- (input_queue == NULL || output_queue == NULL)) {
- return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-
- }
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
+ const char *psk_identity = "foo";
+#endif
if (ep == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@@ -774,6 +819,7 @@
mbedtls_ssl_init(&(ep->ssl));
mbedtls_ssl_config_init(&(ep->conf));
+ mbedtls_test_message_socket_init(&ep->dtls_context);
TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL);
TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0);
@@ -781,38 +827,19 @@
TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0);
(void) mbedtls_test_rnd_std_rand(NULL,
- (void *) &user_data_n,
- sizeof(user_data_n));
- mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n);
- mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n);
+ (void *) &ep->user_data_cookie,
+ sizeof(ep->user_data_cookie));
+ mbedtls_ssl_conf_set_user_data_n(&ep->conf, ep->user_data_cookie);
+ mbedtls_ssl_set_user_data_n(&ep->ssl, ep->user_data_cookie);
- if (dtls_context != NULL) {
- TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue,
- 100, &(ep->socket),
- dtls_context) == 0);
- } else {
- mbedtls_test_mock_socket_init(&(ep->socket));
- }
-
- /* Non-blocking callbacks without timeout */
- if (dtls_context != NULL) {
- mbedtls_ssl_set_bio(&(ep->ssl), dtls_context,
- mbedtls_test_mock_tcp_send_msg,
- mbedtls_test_mock_tcp_recv_msg,
- NULL);
- } else {
- mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket),
- mbedtls_test_mock_tcp_send_nb,
- mbedtls_test_mock_tcp_recv_nb,
- NULL);
- }
+ mbedtls_test_mock_socket_init(&(ep->socket));
ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type,
- (dtls_context != NULL) ?
+ options->dtls ?
MBEDTLS_SSL_TRANSPORT_DATAGRAM :
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) {
if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) {
@@ -836,11 +863,19 @@
}
}
+ if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) {
+ TEST_ASSERT(set_ciphersuite(ep, options->cipher));
+ }
+
if (options->group_list != NULL) {
mbedtls_ssl_conf_groups(&(ep->conf), options->group_list);
}
- mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED);
+ if (MBEDTLS_SSL_IS_SERVER == endpoint_type) {
+ mbedtls_ssl_conf_authmode(&(ep->conf), options->srv_auth_mode);
+ } else {
+ mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED);
+ }
#if defined(MBEDTLS_SSL_EARLY_DATA)
mbedtls_ssl_conf_early_data(&(ep->conf), options->early_data);
@@ -851,6 +886,7 @@
options->max_early_data_size);
}
#endif
+
#if defined(MBEDTLS_SSL_ALPN)
/* check that alpn_list contains at least one valid entry */
if (options->alpn_list[0] != NULL) {
@@ -859,6 +895,15 @@
#endif
#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if (options->renegotiate) {
+ mbedtls_ssl_conf_renegotiation(&ep->conf,
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED);
+ mbedtls_ssl_conf_legacy_renegotiation(&ep->conf,
+ options->legacy_renegotiation);
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C)
if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) {
mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache,
@@ -867,16 +912,16 @@
}
#endif
- ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf));
- TEST_ASSERT(ret == 0);
-
- if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) {
- ret = mbedtls_ssl_set_hostname(&(ep->ssl), "localhost");
- TEST_EQUAL(ret, 0);
- }
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ TEST_EQUAL(mbedtls_ssl_conf_max_frag_len(&ep->conf,
+ (unsigned char) options->mfl),
+ 0);
+#else
+ TEST_EQUAL(MBEDTLS_SSL_MAX_FRAG_LEN_NONE, options->mfl);
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C)
- if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) {
+ if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->dtls) {
mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL);
}
#endif
@@ -902,11 +947,71 @@
options->opaque_alg,
options->opaque_alg2,
options->opaque_usage);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
- TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n);
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
+ if (options->psk_str != NULL && options->psk_str->len > 0) {
+ TEST_EQUAL(mbedtls_ssl_conf_psk(
+ &ep->conf, options->psk_str->x,
+ options->psk_str->len,
+ (const unsigned char *) psk_identity,
+ strlen(psk_identity)), 0);
+#if defined(MBEDTLS_SSL_SRV_C)
+ if (MBEDTLS_SSL_IS_SERVER == endpoint_type) {
+ mbedtls_ssl_conf_psk_cb(&ep->conf, psk_dummy_callback, NULL);
+ }
+#endif
+ }
+#endif
+
+ TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf),
+ ep->user_data_cookie);
mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep);
- TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n);
+
+ return 0;
+
+exit:
+ if (ret == 0) {
+ /* Exiting due to a test assertion that isn't ret == 0 */
+ ret = -1;
+ }
+ return ret;
+}
+
+int mbedtls_test_ssl_endpoint_init_ssl(
+ mbedtls_test_ssl_endpoint *ep,
+ const mbedtls_test_handshake_test_options *options)
+{
+ int endpoint_type = mbedtls_ssl_conf_get_endpoint(&ep->conf);
+ int ret = -1;
+
+ ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf));
+ TEST_EQUAL(ret, 0);
+
+ if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) {
+ ret = mbedtls_ssl_set_hostname(&(ep->ssl), "localhost");
+ TEST_EQUAL(ret, 0);
+ }
+
+ /* Non-blocking callbacks without timeout */
+ if (options->dtls) {
+ mbedtls_ssl_set_bio(&(ep->ssl), &ep->dtls_context,
+ mbedtls_test_mock_tcp_send_msg,
+ mbedtls_test_mock_tcp_recv_msg,
+ NULL);
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_ssl_set_timer_cb(&ep->ssl, &ep->timer,
+ mbedtls_timing_set_delay,
+ mbedtls_timing_get_delay);
+#endif
+ } else {
+ mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket),
+ mbedtls_test_mock_tcp_send_nb,
+ mbedtls_test_mock_tcp_recv_nb,
+ NULL);
+ }
+
+ TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), ep->user_data_cookie);
mbedtls_ssl_set_user_data_p(&ep->ssl, ep);
return 0;
@@ -919,22 +1024,56 @@
return ret;
}
-void mbedtls_test_ssl_endpoint_free(
- mbedtls_test_ssl_endpoint *ep,
- mbedtls_test_message_socket_context *context)
+int mbedtls_test_ssl_endpoint_init(
+ mbedtls_test_ssl_endpoint *ep, int endpoint_type,
+ const mbedtls_test_handshake_test_options *options)
{
- test_ssl_endpoint_certificate_free(ep);
+ int ret = mbedtls_test_ssl_endpoint_init_conf(ep, endpoint_type, options);
+ if (ret != 0) {
+ return ret;
+ }
+ ret = mbedtls_test_ssl_endpoint_init_ssl(ep, options);
+ return ret;
+}
+void mbedtls_test_ssl_endpoint_free(
+ mbedtls_test_ssl_endpoint *ep)
+{
mbedtls_ssl_free(&(ep->ssl));
mbedtls_ssl_config_free(&(ep->conf));
- if (context != NULL) {
- mbedtls_test_message_socket_close(context);
+ mbedtls_free(ep->ciphersuites);
+ ep->ciphersuites = NULL;
+ test_ssl_endpoint_certificate_free(ep);
+
+ if (ep->dtls_context.socket != NULL) {
+ mbedtls_test_message_socket_close(&ep->dtls_context);
} else {
mbedtls_test_mock_socket_close(&(ep->socket));
}
}
+int mbedtls_test_ssl_dtls_join_endpoints(mbedtls_test_ssl_endpoint *client,
+ mbedtls_test_ssl_endpoint *server)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ ret = mbedtls_test_message_socket_setup(&client->queue_input,
+ &server->queue_input,
+ 100, &(client->socket),
+ &client->dtls_context);
+ TEST_EQUAL(ret, 0);
+
+ ret = mbedtls_test_message_socket_setup(&server->queue_input,
+ &client->queue_input,
+ 100, &(server->socket),
+ &server->dtls_context);
+ TEST_EQUAL(ret, 0);
+
+exit:
+ return ret;
+}
+
int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
mbedtls_ssl_context *second_ssl,
int state)
@@ -985,7 +1124,7 @@
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
* a valid no-op for TLS connections. */
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
- TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0);
+ TEST_EQUAL(mbedtls_ssl_write(ssl, NULL, 0), 0);
}
ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
@@ -1032,7 +1171,7 @@
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
* a valid no-op for TLS connections. */
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
- TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0);
+ TEST_EQUAL(mbedtls_ssl_read(ssl, NULL, 0), 0);
}
ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
@@ -1042,7 +1181,7 @@
}
if (expected_fragments == 0) {
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
} else if (expected_fragments == 1) {
TEST_ASSERT(ret == buf_len ||
ret == MBEDTLS_ERR_SSL_WANT_READ ||
@@ -1061,52 +1200,6 @@
return -1;
}
-#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
-static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher,
- int *forced_ciphersuite)
-{
- const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
- forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher);
- forced_ciphersuite[1] = 0;
-
- ciphersuite_info =
- mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]);
-
- TEST_ASSERT(ciphersuite_info != NULL);
- TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version);
- TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version);
-
- if (conf->max_tls_version > ciphersuite_info->max_tls_version) {
- conf->max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version;
- }
- if (conf->min_tls_version < ciphersuite_info->min_tls_version) {
- conf->min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version;
- }
-
- mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite);
-
-exit:
- return;
-}
-#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \
- defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \
- defined(MBEDTLS_SSL_SRV_C)
-static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl,
- const unsigned char *name, size_t name_len)
-{
- (void) p_info;
- (void) ssl;
- (void) name;
- (void) name_len;
-
- return 0;
-}
-#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED &&
- MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED &&
- MBEDTLS_SSL_SRV_C */
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(PSA_WANT_ALG_CBC_NO_PADDING) && defined(PSA_WANT_KEY_TYPE_AES)
int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
@@ -1929,10 +2022,10 @@
if (expected_fragments_1 == 0) {
/* This error is expected when the message is too large and
* cannot be fragmented */
- TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(ret, MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
msg_len_1 = 0;
} else {
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
}
}
@@ -1944,10 +2037,10 @@
if (expected_fragments_2 == 0) {
/* This error is expected when the message is too large and
* cannot be fragmented */
- TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(ret, MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
msg_len_2 = 0;
} else {
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
}
}
@@ -1957,7 +2050,7 @@
msg_len_2, &read_1,
&fragments_2,
expected_fragments_2);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
}
/* ssl_2 reading */
@@ -1966,15 +2059,15 @@
msg_len_1, &read_2,
&fragments_1,
expected_fragments_1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
}
}
ret = -1;
- TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1));
- TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2));
- TEST_ASSERT(fragments_1 == expected_fragments_1);
- TEST_ASSERT(fragments_2 == expected_fragments_2);
+ TEST_EQUAL(0, memcmp(msg_buf_1, in_buf_2, msg_len_1));
+ TEST_EQUAL(0, memcmp(msg_buf_2, in_buf_1, msg_len_2));
+ TEST_EQUAL(fragments_1, expected_fragments_1);
+ TEST_EQUAL(fragments_2, expected_fragments_2);
}
ret = 0;
@@ -2010,15 +2103,23 @@
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static int check_ssl_version(
mbedtls_ssl_protocol_version expected_negotiated_version,
- const mbedtls_ssl_context *ssl)
+ const mbedtls_ssl_context *client,
+ const mbedtls_ssl_context *server)
{
- const char *version_string = mbedtls_ssl_get_version(ssl);
+ /* First check that both sides have chosen the same version.
+ * If so, we can make more sanity checks just on one side.
+ * If not, something is deeply wrong. */
+ TEST_EQUAL(client->tls_version, server->tls_version);
+
+ /* Make further checks on the client to validate that the
+ * reported data about the version is correct. */
+ const char *version_string = mbedtls_ssl_get_version(client);
mbedtls_ssl_protocol_version version_number =
- mbedtls_ssl_get_version_number(ssl);
+ mbedtls_ssl_get_version_number(client);
- TEST_EQUAL(ssl->tls_version, expected_negotiated_version);
+ TEST_EQUAL(client->tls_version, expected_negotiated_version);
- if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+ if (client->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
TEST_EQUAL(version_string[0], 'D');
++version_string;
}
@@ -2026,12 +2127,12 @@
switch (expected_negotiated_version) {
case MBEDTLS_SSL_VERSION_TLS1_2:
TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2);
- TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0);
+ TEST_EQUAL(strcmp(version_string, "TLSv1.2"), 0);
break;
case MBEDTLS_SSL_VERSION_TLS1_3:
TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3);
- TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0);
+ TEST_EQUAL(strcmp(version_string, "TLSv1.3"), 0);
break;
default:
@@ -2066,13 +2167,11 @@
options->server_max_version = proto;
options->client_max_version = proto;
- ret = mbedtls_test_ssl_endpoint_init(client_ep, MBEDTLS_SSL_IS_CLIENT, options,
- NULL, NULL, NULL);
+ ret = mbedtls_test_ssl_endpoint_init(client_ep, MBEDTLS_SSL_IS_CLIENT, options);
if (ret != 0) {
return ret;
}
- ret = mbedtls_test_ssl_endpoint_init(server_ep, MBEDTLS_SSL_IS_SERVER, options,
- NULL, NULL, NULL);
+ ret = mbedtls_test_ssl_endpoint_init(server_ep, MBEDTLS_SSL_IS_SERVER, options);
if (ret != 0) {
return ret;
}
@@ -2104,35 +2203,275 @@
#endif /* defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
-void mbedtls_test_ssl_perform_handshake(
- mbedtls_test_handshake_test_options *options)
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+static int test_renegotiation(const mbedtls_test_handshake_test_options *options,
+ mbedtls_test_ssl_endpoint *client,
+ mbedtls_test_ssl_endpoint *server)
{
- /* forced_ciphersuite needs to last until the end of the handshake */
- int forced_ciphersuite[2];
- enum { BUFFSIZE = 17000 };
- mbedtls_test_ssl_endpoint client, server;
-#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
- const char *psk_identity = "foo";
+ int ok = 0;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ (void) options; // only used in some configurations
+
+ /* Start test with renegotiation */
+ TEST_EQUAL(server->ssl.renego_status,
+ MBEDTLS_SSL_INITIAL_HANDSHAKE);
+ TEST_EQUAL(client->ssl.renego_status,
+ MBEDTLS_SSL_INITIAL_HANDSHAKE);
+
+ /* After calling this function for the server, it only sends a handshake
+ * request. All renegotiation should happen during data exchanging */
+ TEST_EQUAL(mbedtls_ssl_renegotiate(&(server->ssl)), 0);
+ TEST_EQUAL(server->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_PENDING);
+ TEST_EQUAL(client->ssl.renego_status,
+ MBEDTLS_SSL_INITIAL_HANDSHAKE);
+
+ TEST_EQUAL(exchange_data(&(client->ssl), &(server->ssl)), 0);
+ TEST_EQUAL(server->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+ TEST_EQUAL(client->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+
+ /* After calling mbedtls_ssl_renegotiate for the client,
+ * all renegotiation should happen inside this function.
+ * However in this test, we cannot perform simultaneous communication
+ * between client and server so this function will return waiting error
+ * on the socket. All rest of renegotiation should happen
+ * during data exchanging */
+ ret = mbedtls_ssl_renegotiate(&(client->ssl));
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* Ensure that the buffer sizes are appropriate before resizes */
+ TEST_EQUAL(client->ssl.out_buf_len, MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_EQUAL(client->ssl.in_buf_len, MBEDTLS_SSL_IN_BUFFER_LEN);
+ }
#endif
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_timing_delay_context timer_client, timer_server;
-#endif
+ TEST_ASSERT(ret == 0 ||
+ ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ TEST_EQUAL(server->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+ TEST_EQUAL(client->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS);
+
+ TEST_EQUAL(exchange_data(&(client->ssl), &(server->ssl)), 0);
+ TEST_EQUAL(server->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+ TEST_EQUAL(client->ssl.renego_status,
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ /* Validate buffer sizes after renegotiation */
+ if (options->resize_buffers != 0) {
+ TEST_EQUAL(client->ssl.out_buf_len,
+ mbedtls_ssl_get_output_buflen(&client->ssl));
+ TEST_EQUAL(client->ssl.in_buf_len,
+ mbedtls_ssl_get_input_buflen(&client->ssl));
+ TEST_EQUAL(server->ssl.out_buf_len,
+ mbedtls_ssl_get_output_buflen(&server->ssl));
+ TEST_EQUAL(server->ssl.in_buf_len,
+ mbedtls_ssl_get_input_buflen(&server->ssl));
+ }
+#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+
+ ok = 1;
+
+exit:
+ return ok;
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+static int test_serialization(const mbedtls_test_handshake_test_options *options,
+ mbedtls_test_ssl_endpoint *client,
+ mbedtls_test_ssl_endpoint *server)
+{
+ int ok = 0;
unsigned char *context_buf = NULL;
size_t context_buf_len;
+
+ TEST_EQUAL(options->dtls, 1);
+
+ TEST_EQUAL(mbedtls_ssl_context_save(&(server->ssl), NULL,
+ 0, &context_buf_len),
+ MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+
+ context_buf = mbedtls_calloc(1, context_buf_len);
+ TEST_ASSERT(context_buf != NULL);
+
+ TEST_EQUAL(mbedtls_ssl_context_save(&(server->ssl), context_buf,
+ context_buf_len,
+ &context_buf_len),
+ 0);
+
+ mbedtls_ssl_free(&(server->ssl));
+ mbedtls_ssl_init(&(server->ssl));
+
+ TEST_EQUAL(mbedtls_ssl_setup(&(server->ssl), &(server->conf)), 0);
+
+ mbedtls_ssl_set_bio(&(server->ssl), &server->dtls_context,
+ mbedtls_test_mock_tcp_send_msg,
+ mbedtls_test_mock_tcp_recv_msg,
+ NULL);
+
+ mbedtls_ssl_set_user_data_p(&server->ssl, server);
+
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_ssl_set_timer_cb(&server->ssl, &server->timer,
+ mbedtls_timing_set_delay,
+ mbedtls_timing_get_delay);
#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- int ret = -1;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* Ensure that the buffer sizes are appropriate before resizes */
+ TEST_EQUAL(server->ssl.out_buf_len, MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_EQUAL(server->ssl.in_buf_len, MBEDTLS_SSL_IN_BUFFER_LEN);
+ }
#endif
+ TEST_EQUAL(mbedtls_ssl_context_load(&(server->ssl), context_buf,
+ context_buf_len), 0);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ /* Validate buffer sizes after context deserialization */
+ if (options->resize_buffers != 0) {
+ TEST_EQUAL(server->ssl.out_buf_len,
+ mbedtls_ssl_get_output_buflen(&server->ssl));
+ TEST_EQUAL(server->ssl.in_buf_len,
+ mbedtls_ssl_get_input_buflen(&server->ssl));
+ }
+#endif
+ /* Retest writing/reading */
+ if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
+ TEST_EQUAL(mbedtls_test_ssl_exchange_data(
+ &(client->ssl), options->cli_msg_len,
+ options->expected_cli_fragments,
+ &(server->ssl), options->srv_msg_len,
+ options->expected_srv_fragments),
+ 0);
+ }
+
+ ok = 1;
+
+exit:
+ mbedtls_free(context_buf);
+ return ok;
+}
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+int mbedtls_test_ssl_perform_connection(
+ const mbedtls_test_handshake_test_options *options,
+ mbedtls_test_ssl_endpoint *client,
+ mbedtls_test_ssl_endpoint *server)
+{
+ enum { BUFFSIZE = 17000 };
int expected_handshake_result = options->expected_handshake_result;
+ int ok = 0;
+
+ TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client->socket),
+ &(server->socket),
+ BUFFSIZE), 0);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* Ensure that the buffer sizes are appropriate before resizes */
+ TEST_EQUAL(client->ssl.out_buf_len, MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_EQUAL(client->ssl.in_buf_len, MBEDTLS_SSL_IN_BUFFER_LEN);
+ TEST_EQUAL(server->ssl.out_buf_len, MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_EQUAL(server->ssl.in_buf_len, MBEDTLS_SSL_IN_BUFFER_LEN);
+ }
+#endif
+
+ if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) {
+ expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION;
+ }
+
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(client->ssl),
+ &(server->ssl),
+ MBEDTLS_SSL_HANDSHAKE_OVER),
+ expected_handshake_result);
+
+ if (expected_handshake_result != 0) {
+ /* Connection will have failed by this point, skip to cleanup */
+ ok = 1;
+ goto exit;
+ }
+
+ TEST_EQUAL(mbedtls_ssl_is_handshake_over(&client->ssl), 1);
+
+ /* Make sure server state is moved to HANDSHAKE_OVER also. */
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server->ssl),
+ &(client->ssl),
+ MBEDTLS_SSL_HANDSHAKE_OVER),
+ 0);
+
+ TEST_EQUAL(mbedtls_ssl_is_handshake_over(&server->ssl), 1);
+
+ /* Check that both sides have negotiated the expected version. */
+ TEST_ASSERT(check_ssl_version(options->expected_negotiated_version,
+ &client->ssl,
+ &server->ssl));
+
+ if (options->expected_ciphersuite != 0) {
+ TEST_EQUAL(server->ssl.session->ciphersuite,
+ options->expected_ciphersuite);
+ }
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* A server, when using DTLS, might delay a buffer resize to happen
+ * after it receives a message, so we force it. */
+ TEST_EQUAL(exchange_data(&(client->ssl), &(server->ssl)), 0);
+
+ TEST_EQUAL(client->ssl.out_buf_len,
+ mbedtls_ssl_get_output_buflen(&client->ssl));
+ TEST_EQUAL(client->ssl.in_buf_len,
+ mbedtls_ssl_get_input_buflen(&client->ssl));
+ TEST_EQUAL(server->ssl.out_buf_len,
+ mbedtls_ssl_get_output_buflen(&server->ssl));
+ TEST_EQUAL(server->ssl.in_buf_len,
+ mbedtls_ssl_get_input_buflen(&server->ssl));
+ }
+#endif
+
+ if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
+ /* Start data exchanging test */
+ TEST_EQUAL(mbedtls_test_ssl_exchange_data(
+ &(client->ssl), options->cli_msg_len,
+ options->expected_cli_fragments,
+ &(server->ssl), options->srv_msg_len,
+ options->expected_srv_fragments),
+ 0);
+ }
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+ if (options->serialize == 1) {
+ TEST_ASSERT(test_serialization(options, client, server));
+ }
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if (options->renegotiate) {
+ TEST_ASSERT(test_renegotiation(options, client, server));
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ ok = 1;
+
+exit:
+ return ok;
+}
+
+void mbedtls_test_ssl_perform_handshake(
+ const mbedtls_test_handshake_test_options *options)
+{
+ mbedtls_test_ssl_endpoint client_struct;
+ memset(&client_struct, 0, sizeof(client_struct));
+ mbedtls_test_ssl_endpoint *const client = &client_struct;
+ mbedtls_test_ssl_endpoint server_struct;
+ memset(&server_struct, 0, sizeof(server_struct));
+ mbedtls_test_ssl_endpoint *const server = &server_struct;
MD_OR_USE_PSA_INIT();
- mbedtls_platform_zeroize(&client, sizeof(client));
- mbedtls_platform_zeroize(&server, sizeof(server));
- mbedtls_test_ssl_message_queue server_queue, client_queue;
- mbedtls_test_message_socket_context server_context, client_context;
- mbedtls_test_message_socket_init(&server_context);
- mbedtls_test_message_socket_init(&client_context);
#if defined(MBEDTLS_DEBUG_C)
if (options->cli_log_fun || options->srv_log_fun) {
@@ -2141,322 +2480,34 @@
#endif
/* Client side */
- if (options->dtls != 0) {
- TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
- MBEDTLS_SSL_IS_CLIENT,
- options, &client_context,
- &client_queue,
- &server_queue) == 0);
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client,
- mbedtls_timing_set_delay,
- mbedtls_timing_get_delay);
-#endif
- } else {
- TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
- MBEDTLS_SSL_IS_CLIENT,
- options, NULL, NULL,
- NULL) == 0);
- }
-
- if (strlen(options->cipher) > 0) {
- set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite);
- }
+ TEST_EQUAL(mbedtls_test_ssl_endpoint_init(client,
+ MBEDTLS_SSL_IS_CLIENT,
+ options), 0);
/* Server side */
- if (options->dtls != 0) {
- TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
- MBEDTLS_SSL_IS_SERVER,
- options, &server_context,
- &server_queue,
- &client_queue) == 0);
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
- mbedtls_timing_set_delay,
- mbedtls_timing_get_delay);
-#endif
- } else {
- TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
- MBEDTLS_SSL_IS_SERVER,
- options, NULL, NULL,
- NULL) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_endpoint_init(server,
+ MBEDTLS_SSL_IS_SERVER,
+ options), 0);
+
+ if (options->dtls) {
+ TEST_EQUAL(mbedtls_test_ssl_dtls_join_endpoints(client, server), 0);
}
- mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode);
+ TEST_ASSERT(mbedtls_test_ssl_perform_connection(options, client, server));
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf),
- (unsigned char) options->mfl)
- == 0);
- TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf),
- (unsigned char) options->mfl)
- == 0);
-#else
- TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl);
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
- if (options->psk_str != NULL && options->psk_str->len > 0) {
- TEST_ASSERT(mbedtls_ssl_conf_psk(
- &client.conf, options->psk_str->x,
- options->psk_str->len,
- (const unsigned char *) psk_identity,
- strlen(psk_identity)) == 0);
-
- TEST_ASSERT(mbedtls_ssl_conf_psk(
- &server.conf, options->psk_str->x,
- options->psk_str->len,
- (const unsigned char *) psk_identity,
- strlen(psk_identity)) == 0);
-#if defined(MBEDTLS_SSL_SRV_C)
- mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL);
-#endif
- }
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- if (options->renegotiate) {
- mbedtls_ssl_conf_renegotiation(&(server.conf),
- MBEDTLS_SSL_RENEGOTIATION_ENABLED);
- mbedtls_ssl_conf_renegotiation(&(client.conf),
- MBEDTLS_SSL_RENEGOTIATION_ENABLED);
-
- mbedtls_ssl_conf_legacy_renegotiation(&(server.conf),
- options->legacy_renegotiation);
- mbedtls_ssl_conf_legacy_renegotiation(&(client.conf),
- options->legacy_renegotiation);
- }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
- TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket),
- &(server.socket),
- BUFFSIZE) == 0);
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- if (options->resize_buffers != 0) {
- /* Ensure that the buffer sizes are appropriate before resizes */
- TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
- TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
- TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
- TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
- }
-#endif
-
- if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) {
- expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION;
- }
-
- TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl),
- &(server.ssl),
- MBEDTLS_SSL_HANDSHAKE_OVER)
- == expected_handshake_result);
-
- if (expected_handshake_result != 0) {
- /* Connection will have failed by this point, skip to cleanup */
- goto exit;
- }
-
- TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1);
-
- /* Make sure server state is moved to HANDSHAKE_OVER also. */
- TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl),
- &(client.ssl),
- MBEDTLS_SSL_HANDSHAKE_OVER),
- 0);
-
- TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1);
- /* Check that both sides have negotiated the expected version. */
- mbedtls_test_set_step(0);
- if (!check_ssl_version(options->expected_negotiated_version,
- &client.ssl)) {
- goto exit;
- }
-
- mbedtls_test_set_step(1);
- if (!check_ssl_version(options->expected_negotiated_version,
- &server.ssl)) {
- goto exit;
- }
-
- if (options->expected_ciphersuite != 0) {
- TEST_EQUAL(server.ssl.session->ciphersuite,
- options->expected_ciphersuite);
- }
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- if (options->resize_buffers != 0) {
- /* A server, when using DTLS, might delay a buffer resize to happen
- * after it receives a message, so we force it. */
- TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
-
- TEST_ASSERT(client.ssl.out_buf_len ==
- mbedtls_ssl_get_output_buflen(&client.ssl));
- TEST_ASSERT(client.ssl.in_buf_len ==
- mbedtls_ssl_get_input_buflen(&client.ssl));
- TEST_ASSERT(server.ssl.out_buf_len ==
- mbedtls_ssl_get_output_buflen(&server.ssl));
- TEST_ASSERT(server.ssl.in_buf_len ==
- mbedtls_ssl_get_input_buflen(&server.ssl));
- }
-#endif
-
- if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
- /* Start data exchanging test */
- TEST_ASSERT(mbedtls_test_ssl_exchange_data(
- &(client.ssl), options->cli_msg_len,
- options->expected_cli_fragments,
- &(server.ssl), options->srv_msg_len,
- options->expected_srv_fragments)
- == 0);
- }
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
- if (options->serialize == 1) {
- TEST_ASSERT(options->dtls == 1);
-
- TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL,
- 0, &context_buf_len)
- == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
-
- context_buf = mbedtls_calloc(1, context_buf_len);
- TEST_ASSERT(context_buf != NULL);
-
- TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf,
- context_buf_len,
- &context_buf_len)
- == 0);
-
- mbedtls_ssl_free(&(server.ssl));
- mbedtls_ssl_init(&(server.ssl));
-
- TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0);
-
- mbedtls_ssl_set_bio(&(server.ssl), &server_context,
- mbedtls_test_mock_tcp_send_msg,
- mbedtls_test_mock_tcp_recv_msg,
- NULL);
-
- mbedtls_ssl_set_user_data_p(&server.ssl, &server);
-
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
- mbedtls_timing_set_delay,
- mbedtls_timing_get_delay);
-#endif
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- if (options->resize_buffers != 0) {
- /* Ensure that the buffer sizes are appropriate before resizes */
- TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
- TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
- }
-#endif
- TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf,
- context_buf_len) == 0);
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- /* Validate buffer sizes after context deserialization */
- if (options->resize_buffers != 0) {
- TEST_ASSERT(server.ssl.out_buf_len ==
- mbedtls_ssl_get_output_buflen(&server.ssl));
- TEST_ASSERT(server.ssl.in_buf_len ==
- mbedtls_ssl_get_input_buflen(&server.ssl));
- }
-#endif
- /* Retest writing/reading */
- if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
- TEST_ASSERT(mbedtls_test_ssl_exchange_data(
- &(client.ssl), options->cli_msg_len,
- options->expected_cli_fragments,
- &(server.ssl), options->srv_msg_len,
- options->expected_srv_fragments)
- == 0);
- }
- }
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- if (options->renegotiate) {
- /* Start test with renegotiation */
- TEST_ASSERT(server.ssl.renego_status ==
- MBEDTLS_SSL_INITIAL_HANDSHAKE);
- TEST_ASSERT(client.ssl.renego_status ==
- MBEDTLS_SSL_INITIAL_HANDSHAKE);
-
- /* After calling this function for the server, it only sends a handshake
- * request. All renegotiation should happen during data exchanging */
- TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0);
- TEST_ASSERT(server.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_PENDING);
- TEST_ASSERT(client.ssl.renego_status ==
- MBEDTLS_SSL_INITIAL_HANDSHAKE);
-
- TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
- TEST_ASSERT(server.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_DONE);
- TEST_ASSERT(client.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_DONE);
-
- /* After calling mbedtls_ssl_renegotiate for the client,
- * all renegotiation should happen inside this function.
- * However in this test, we cannot perform simultaneous communication
- * between client and server so this function will return waiting error
- * on the socket. All rest of renegotiation should happen
- * during data exchanging */
- ret = mbedtls_ssl_renegotiate(&(client.ssl));
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- if (options->resize_buffers != 0) {
- /* Ensure that the buffer sizes are appropriate before resizes */
- TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
- TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
- }
-#endif
- TEST_ASSERT(ret == 0 ||
- ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
- TEST_ASSERT(server.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_DONE);
- TEST_ASSERT(client.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS);
-
- TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
- TEST_ASSERT(server.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_DONE);
- TEST_ASSERT(client.ssl.renego_status ==
- MBEDTLS_SSL_RENEGOTIATION_DONE);
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
- /* Validate buffer sizes after renegotiation */
- if (options->resize_buffers != 0) {
- TEST_ASSERT(client.ssl.out_buf_len ==
- mbedtls_ssl_get_output_buflen(&client.ssl));
- TEST_ASSERT(client.ssl.in_buf_len ==
- mbedtls_ssl_get_input_buflen(&client.ssl));
- TEST_ASSERT(server.ssl.out_buf_len ==
- mbedtls_ssl_get_output_buflen(&server.ssl));
- TEST_ASSERT(server.ssl.in_buf_len ==
- mbedtls_ssl_get_input_buflen(&server.ssl));
- }
-#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
- }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
- TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client);
- TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client);
- TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server);
- TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server);
+ TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client->conf) == client);
+ TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client->ssl) == client);
+ TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server->conf) == server);
+ TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server->ssl) == server);
exit:
- mbedtls_test_ssl_endpoint_free(&client,
- options->dtls != 0 ? &client_context : NULL);
- mbedtls_test_ssl_endpoint_free(&server,
- options->dtls != 0 ? &server_context : NULL);
+ mbedtls_test_ssl_endpoint_free(client);
+ mbedtls_test_ssl_endpoint_free(server);
#if defined(MBEDTLS_DEBUG_C)
if (options->cli_log_fun || options->srv_log_fun) {
mbedtls_debug_set_threshold(0);
}
#endif
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
- if (context_buf != NULL) {
- mbedtls_free(context_buf);
- }
-#endif
MD_OR_USE_PSA_DONE();
}
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
@@ -2620,11 +2671,11 @@
mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- client_options, NULL, NULL, NULL);
+ client_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- server_options, NULL, NULL, NULL);
+ server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -2652,8 +2703,8 @@
ok = 1;
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
if (ret == 0 && !ok) {
/* Exiting due to a test assertion that isn't ret == 0 */
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index cd1cae0..5b2425b 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -9412,10 +9412,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1" \
0 \
- -C "x509_verify_cert.*4b00" \
- -C "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00"
+ -C "x509_verify_cert.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -9425,10 +9425,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=0" \
0 \
- -C "x509_verify_cert.*4b00" \
- -C "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00"
+ -C "x509_verify_cert.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -9438,10 +9438,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=65535" \
0 \
- -C "x509_verify_cert.*4b00" \
- -C "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00"
+ -C "x509_verify_cert.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)"
# The following test cases for restartable ECDH come in two variants:
# * The "(USE_PSA)" variant expects the current behavior, which is the behavior
@@ -9466,10 +9466,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -c "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00"
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)"
# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
@@ -9481,10 +9481,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00"
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)"
# This works the same with & without USE_PSA as we never get to ECDH:
# we abort as soon as we determined the cert is bad.
@@ -9498,10 +9498,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000" \
1 \
- -c "x509_verify_cert.*4b00" \
- -C "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00" \
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)" \
-c "! The certificate is not correctly signed by the trusted CA" \
-c "! mbedtls_ssl_handshake returned" \
-c "X509 - Certificate verification failed"
@@ -9518,10 +9518,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000 auth_mode=optional" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -c "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00" \
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)" \
-c "! The certificate is not correctly signed by the trusted CA" \
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
@@ -9538,10 +9538,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000 auth_mode=optional" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00" \
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)" \
-c "! The certificate is not correctly signed by the trusted CA" \
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
@@ -9558,10 +9558,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000 auth_mode=none" \
0 \
- -C "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -c "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00" \
+ -C "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)" \
-C "! The certificate is not correctly signed by the trusted CA" \
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
@@ -9578,10 +9578,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000 auth_mode=none" \
0 \
- -C "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00" \
+ -C "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)" \
-C "! The certificate is not correctly signed by the trusted CA" \
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
@@ -9596,10 +9596,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
dtls=1 debug_level=1 ec_max_ops=1000" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -c "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00"
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)"
# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
@@ -9611,10 +9611,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
dtls=1 debug_level=1 ec_max_ops=1000" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -c "mbedtls_pk_sign.*4b00"
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_sign.*\(4b00\|-248\)"
# With USE_PSA disabled we expect full restartable behaviour.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
@@ -9625,10 +9625,10 @@
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
debug_level=1 ec_max_ops=1000" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -c "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00"
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)"
# With USE_PSA enabled we expect only partial restartable behaviour:
@@ -9640,10 +9640,10 @@
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
debug_level=1 ec_max_ops=1000" \
0 \
- -c "x509_verify_cert.*4b00" \
- -c "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00"
+ -c "x509_verify_cert.*\(4b00\|-248\)" \
+ -c "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)"
# Restartable is only for ECDHE-ECDSA, with another ciphersuite we expect no
# restartable behaviour at all (not even client auth).
@@ -9657,10 +9657,10 @@
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
debug_level=1 ec_max_ops=1000" \
0 \
- -C "x509_verify_cert.*4b00" \
- -C "mbedtls_pk_verify.*4b00" \
- -C "mbedtls_ecdh_make_public.*4b00" \
- -C "mbedtls_pk_sign.*4b00"
+ -C "x509_verify_cert.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_verify.*\(4b00\|-248\)" \
+ -C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
+ -C "mbedtls_pk_sign.*\(4b00\|-248\)"
# Tests of asynchronous private key support in SSL
@@ -11693,7 +11693,7 @@
0 \
-c "Buffering HS message" \
-c "found fragmented DTLS handshake message"\
- -c "Next handshake message 1 not or only partially bufffered" \
+ -c "Next handshake message 1 not or only partially buffered" \
-c "Next handshake message has been buffered - load"\
-S "Buffering HS message" \
-S "Next handshake message has been buffered - load"\
diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function
index e5dc4bd..0c4a00b 100644
--- a/tests/suites/test_suite_pkcs7.function
+++ b/tests/suites/test_suite_pkcs7.function
@@ -33,9 +33,17 @@
void pkcs7_asn1_fail(data_t *pkcs7_buf)
{
int res;
+
+ /* PKCS7 uses X509 which itself relies on PK under the hood and the latter
+ * can use PSA to store keys and perform operations so psa_crypto_init()
+ * must be called before. */
+ USE_PSA_INIT();
+
res = pkcs7_parse_buffer(pkcs7_buf->x, pkcs7_buf->len);
TEST_ASSERT(res != MBEDTLS_PKCS7_SIGNED_DATA);
+exit:
+ USE_PSA_DONE();
}
/* END_CASE */
@@ -46,6 +54,11 @@
size_t buflen;
int res;
+ /* PKCS7 uses X509 which itself relies on PK under the hood and the latter
+ * can use PSA to store keys and perform operations so psa_crypto_init()
+ * must be called before. */
+ USE_PSA_INIT();
+
res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen);
TEST_EQUAL(res, 0);
@@ -54,6 +67,7 @@
exit:
mbedtls_free(pkcs7_buf);
+ USE_PSA_DONE();
}
/* END_CASE */
@@ -77,7 +91,7 @@
mbedtls_pkcs7 pkcs7;
mbedtls_x509_crt **crts = NULL;
- MD_OR_USE_PSA_INIT();
+ USE_PSA_INIT();
mbedtls_pkcs7_init(&pkcs7);
@@ -166,6 +180,6 @@
mbedtls_free(crts);
mbedtls_free(data);
mbedtls_free(pkcs7_buf);
- MD_OR_USE_PSA_DONE();
+ USE_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 4567dbd..c47b216 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -435,50 +435,41 @@
memset(input, 0, sizeof(input));
/* Make sure calling put and get on NULL buffer results in error. */
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, input, sizeof(input))
- == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output))
- == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input))
- == -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(NULL, input, sizeof(input)), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output)), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input)), -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(NULL, NULL, 0), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(NULL, NULL, 0), -1);
/* Make sure calling put and get on a buffer that hasn't been set up results
* in error. */
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
- == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output))
- == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input))
- == -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)), -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, NULL, 0), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(&buf, NULL, 0), -1);
/* Make sure calling put and get on NULL input only results in
* error if the length is not zero, and that a NULL output is valid for data
* dropping.
*/
- TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)), 0);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input))
- == -1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output))
- == 0);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0);
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)), -1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output)), 0);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, NULL, 0), 0);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(&buf, NULL, 0), 0);
/* Make sure calling put several times in the row is safe */
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
- == sizeof(input));
- TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, 2) == 2);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 1);
- TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)), sizeof(input));
+ TEST_EQUAL(mbedtls_test_ssl_buffer_get(&buf, output, 2), 2);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, input, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, input, 2), 1);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_put(&buf, input, 2), 0);
exit:
@@ -519,7 +510,7 @@
mbedtls_test_ssl_buffer_init(&buf);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, size) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_buffer_setup(&buf, size), 0);
/* Check the sanity of input parameters and initialise local variables. That
* is, ensure that the amount of data is not negative and that we are not
@@ -578,17 +569,16 @@
written = read = 0;
for (j = 0; j < ROUNDS; j++) {
- TEST_ASSERT(put_ret[j] == mbedtls_test_ssl_buffer_put(&buf,
- input + written, put[j]));
+ TEST_EQUAL(put_ret[j], mbedtls_test_ssl_buffer_put(&buf,
+ input + written, put[j]));
written += put_ret[j];
- TEST_ASSERT(get_ret[j] == mbedtls_test_ssl_buffer_get(&buf,
- output + read, get[j]));
+ TEST_EQUAL(get_ret[j], mbedtls_test_ssl_buffer_get(&buf,
+ output + read, get[j]));
read += get_ret[j];
TEST_ASSERT(read <= written);
if (get_ret[j] > 0) {
- TEST_ASSERT(memcmp(output + read - get_ret[j],
- input + read - get_ret[j], get_ret[j])
- == 0);
+ TEST_EQUAL(memcmp(output + read - get_ret[j],
+ input + read - get_ret[j], get_ret[j]), 0);
}
}
@@ -673,8 +663,8 @@
}
/* Make sure that sending a message takes a few iterations. */
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- BUFLEN));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ BUFLEN));
/* Send the message to the server */
send_ret = recv_ret = 1;
@@ -690,9 +680,9 @@
if (send_ret == BUFLEN) {
int blocking_ret = send(&client, message, 1);
if (blocking) {
- TEST_ASSERT(blocking_ret == 0);
+ TEST_EQUAL(blocking_ret, 0);
} else {
- TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ TEST_EQUAL(blocking_ret, MBEDTLS_ERR_SSL_WANT_WRITE);
}
}
@@ -704,9 +694,9 @@
TEST_ASSERT(recv_ret <= BUFLEN);
read += recv_ret;
} else if (blocking) {
- TEST_ASSERT(recv_ret == 0);
+ TEST_EQUAL(recv_ret, 0);
} else {
- TEST_ASSERT(recv_ret == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(recv_ret, MBEDTLS_ERR_SSL_WANT_READ);
recv_ret = 0;
}
@@ -714,13 +704,13 @@
if (recv_ret == BUFLEN) {
int blocking_ret = recv(&server, received, 1);
if (blocking) {
- TEST_ASSERT(blocking_ret == 0);
+ TEST_EQUAL(blocking_ret, 0);
} else {
- TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(blocking_ret, MBEDTLS_ERR_SSL_WANT_READ);
}
}
}
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
exit:
mbedtls_test_mock_socket_close(&client);
@@ -774,8 +764,8 @@
}
/* Make sure that sending a message takes a few iterations. */
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- BUFLEN));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ BUFLEN));
/* Send the message from both sides, interleaving. */
progress = 1;
@@ -803,9 +793,9 @@
if (send_ret[i] == BUFLEN) {
int blocking_ret = send(socket, message[i], 1);
if (blocking) {
- TEST_ASSERT(blocking_ret == 0);
+ TEST_EQUAL(blocking_ret, 0);
} else {
- TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ TEST_EQUAL(blocking_ret, MBEDTLS_ERR_SSL_WANT_WRITE);
}
}
}
@@ -823,9 +813,9 @@
TEST_ASSERT(recv_ret[i] <= BUFLEN);
read[i] += recv_ret[i];
} else if (blocking) {
- TEST_ASSERT(recv_ret[i] == 0);
+ TEST_EQUAL(recv_ret[i], 0);
} else {
- TEST_ASSERT(recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(recv_ret[i], MBEDTLS_ERR_SSL_WANT_READ);
recv_ret[i] = 0;
}
@@ -834,9 +824,9 @@
if (recv_ret[i] == BUFLEN) {
int blocking_ret = recv(socket, received[i], 1);
if (blocking) {
- TEST_ASSERT(blocking_ret == 0);
+ TEST_EQUAL(blocking_ret, 0);
} else {
- TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(blocking_ret, MBEDTLS_ERR_SSL_WANT_READ);
}
}
}
@@ -848,7 +838,7 @@
}
for (i = 0; i < ROUNDS; i++) {
- TEST_ASSERT(memcmp(message[i], received[i], MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message[i], received[i], MSGLEN), 0);
}
exit:
@@ -865,14 +855,14 @@
USE_PSA_INIT();
/* Trying to push/pull to an empty queue */
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(NULL, 1)
- == MBEDTLS_TEST_ERROR_ARG_NULL);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(NULL, 1)
- == MBEDTLS_TEST_ERROR_ARG_NULL);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(NULL, 1),
+ MBEDTLS_TEST_ERROR_ARG_NULL);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(NULL, 1),
+ MBEDTLS_TEST_ERROR_ARG_NULL);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
- TEST_ASSERT(queue.capacity == 3);
- TEST_ASSERT(queue.num == 0);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_setup(&queue, 3), 0);
+ TEST_EQUAL(queue.capacity, 3);
+ TEST_EQUAL(queue.num, 0);
exit:
mbedtls_test_ssl_message_queue_free(&queue);
@@ -886,22 +876,22 @@
mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_setup(&queue, 3), 0);
/* Sanity test - 3 pushes and 3 pops with sufficient space */
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
- TEST_ASSERT(queue.capacity == 3);
- TEST_ASSERT(queue.num == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
- TEST_ASSERT(queue.capacity == 3);
- TEST_ASSERT(queue.num == 2);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2);
- TEST_ASSERT(queue.capacity == 3);
- TEST_ASSERT(queue.num == 3);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 1), 1);
+ TEST_EQUAL(queue.capacity, 3);
+ TEST_EQUAL(queue.num, 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 1), 1);
+ TEST_EQUAL(queue.capacity, 3);
+ TEST_EQUAL(queue.num, 2);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 2), 2);
+ TEST_EQUAL(queue.capacity, 3);
+ TEST_EQUAL(queue.num, 3);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 2), 2);
exit:
mbedtls_test_ssl_message_queue_free(&queue);
@@ -915,21 +905,21 @@
mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_setup(&queue, 3), 0);
/* 4 pushes (last one with an error), 4 pops (last one with an error) */
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3)
- == MBEDTLS_ERR_SSL_WANT_WRITE);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 2), 2);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 3),
+ MBEDTLS_ERR_SSL_WANT_WRITE);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 2), 2);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1)
- == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1),
+ MBEDTLS_ERR_SSL_WANT_READ);
exit:
mbedtls_test_ssl_message_queue_free(&queue);
@@ -943,29 +933,29 @@
mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_setup(&queue, 3), 0);
/* Interleaved test - [2 pushes, 1 pop] twice, and then two pops
* (to wrap around the buffer) */
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 1), 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1), 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3) == 3);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 2), 2);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 3), 3);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 1), 1);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 2), 2);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 5) == 5);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 8) == 8);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 5), 5);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, 8), 8);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 3) == 3);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 3), 3);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 5) == 5);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 5), 5);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 8) == 8);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, 8), 8);
exit:
mbedtls_test_ssl_message_queue_free(&queue);
@@ -981,13 +971,13 @@
size_t buffer_len = 5;
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 1) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_setup(&queue, 1), 0);
/* Popping without a sufficient buffer */
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, message_len)
- == (int) message_len);
- TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, buffer_len)
- == (int) buffer_len);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&queue, message_len),
+ (int) message_len);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_pop_info(&queue, buffer_len),
+ (int) buffer_len);
exit:
mbedtls_test_ssl_message_queue_free(&queue);
USE_PSA_DONE();
@@ -1007,40 +997,40 @@
USE_PSA_INIT();
/* Send with a NULL context */
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(NULL, message, MSGLEN)
- == MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(NULL, message, MSGLEN),
+ MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN)
- == MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN),
+ MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 1,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 1,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 1,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 1,
+ &client,
+ &client_context), 0);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MBEDTLS_TEST_ERROR_SEND_FAILED);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MBEDTLS_TEST_ERROR_SEND_FAILED);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MBEDTLS_ERR_SSL_WANT_READ);
/* Push directly to a queue to later simulate a disconnected behavior */
- TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_ssl_message_queue_push_info(&server_queue,
+ MSGLEN),
+ MSGLEN);
/* Test if there's an error when trying to read from a disconnected
* socket */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MBEDTLS_TEST_ERROR_RECV_FAILED);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MBEDTLS_TEST_ERROR_RECV_FAILED);
exit:
mbedtls_test_message_socket_close(&server_context);
mbedtls_test_message_socket_close(&client_context);
@@ -1062,46 +1052,46 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 1,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 1,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 1,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 1,
+ &client,
+ &client_context), 0);
/* Fill up the buffer with structured data so that unwanted changes
* can be detected */
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- MSGLEN));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ MSGLEN));
/* Send the message to the server */
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN), MSGLEN);
/* Read from the server */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
memset(received, 0, MSGLEN);
/* Send the message to the client */
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&server_context, message,
+ MSGLEN),
+ MSGLEN);
/* Read from the client */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
- MSGLEN)
- == MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+ MSGLEN),
+ MSGLEN);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
exit:
mbedtls_test_message_socket_close(&server_context);
@@ -1124,51 +1114,51 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 2,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 2,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 2,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 2,
+ &client,
+ &client_context), 0);
/* Fill up the buffer with structured data so that unwanted changes
* can be detected */
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- MSGLEN*2));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ MSGLEN*2));
/* Send three message to the server, last one with an error */
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN - 1)
- == MSGLEN - 1);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN - 1),
+ MSGLEN - 1);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MBEDTLS_ERR_SSL_WANT_WRITE);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MBEDTLS_ERR_SSL_WANT_WRITE);
/* Read three messages from the server, last one with an error */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN - 1)
- == MSGLEN - 1);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN - 1),
+ MSGLEN - 1);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MBEDTLS_ERR_SSL_WANT_READ);
exit:
mbedtls_test_message_socket_close(&server_context);
@@ -1191,39 +1181,39 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 2,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 2,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 2,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 2,
+ &client,
+ &client_context), 0);
/* Fill up the buffer with structured data so that unwanted changes
* can be detected */
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- MSGLEN));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ MSGLEN));
/* Send two message to the server, second one with an error */
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MBEDTLS_TEST_ERROR_SEND_FAILED);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MBEDTLS_TEST_ERROR_SEND_FAILED);
/* Read the only message from the server */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
exit:
mbedtls_test_message_socket_close(&server_context);
@@ -1246,15 +1236,15 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 2,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 2,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 2,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 2,
+ &client,
+ &client_context), 0);
memset(received, 0, MSGLEN);
/* Fill up the buffer with structured data so that unwanted changes
@@ -1262,35 +1252,35 @@
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- 2 * MSGLEN));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ 2 * MSGLEN));
/* Send two messages to the server, the second one small enough to fit in the
* receiver's buffer. */
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN / 2)
- == MSGLEN / 2);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN / 2),
+ MSGLEN / 2);
/* Read a truncated message from the server */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN/2)
- == MSGLEN/2);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN/2),
+ MSGLEN/2);
/* Test that the first half of the message is valid, and second one isn't */
- TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN/2), 0);
TEST_ASSERT(memcmp(message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2)
!= 0);
memset(received, 0, MSGLEN);
/* Read a full message from the server */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN/2)
- == MSGLEN / 2);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN/2),
+ MSGLEN / 2);
/* Test that the first half of the message is valid */
- TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN/2), 0);
exit:
mbedtls_test_message_socket_close(&server_context);
@@ -1313,33 +1303,33 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 1,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 1,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 1,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 1,
+ &client,
+ &client_context), 0);
/* Fill up the buffer with structured data so that unwanted changes
* can be detected */
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- MSGLEN));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ MSGLEN));
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN),
+ MSGLEN);
/* Force a read error by disconnecting the socket by hand */
server.status = 0;
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MBEDTLS_TEST_ERROR_RECV_FAILED);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MBEDTLS_TEST_ERROR_RECV_FAILED);
/* Return to a valid state */
server.status = MBEDTLS_MOCK_SOCKET_CONNECTED;
@@ -1347,11 +1337,11 @@
/* Test that even though the server tried to read once disconnected, the
* continuity is preserved */
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
exit:
mbedtls_test_message_socket_close(&server_context);
@@ -1374,48 +1364,48 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 3,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 3,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 3,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 3,
+ &client,
+ &client_context), 0);
/* Fill up the buffer with structured data so that unwanted changes
* can be detected */
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- MSGLEN*3));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ MSGLEN*3));
/* Interleaved test - [2 sends, 1 read] twice, and then two reads
* (to wrap around the buffer) */
for (i = 0; i < 2; i++) {
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN) == MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN), MSGLEN);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
memset(received, 0, sizeof(received));
}
for (i = 0; i < 2; i++) {
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
}
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MBEDTLS_ERR_SSL_WANT_READ);
exit:
mbedtls_test_message_socket_close(&server_context);
mbedtls_test_message_socket_close(&client_context);
@@ -1437,75 +1427,75 @@
mbedtls_test_message_socket_init(&client_context);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
- &client_queue, 3,
- &server,
- &server_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&server_queue,
+ &client_queue, 3,
+ &server,
+ &server_context), 0);
- TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
- &server_queue, 3,
- &client,
- &client_context) == 0);
+ TEST_EQUAL(mbedtls_test_message_socket_setup(&client_queue,
+ &server_queue, 3,
+ &client,
+ &client_context), 0);
/* Fill up the buffer with structured data so that unwanted changes
* can be detected */
for (i = 0; i < MSGLEN; i++) {
message[i] = i & 0xFF;
}
- TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
- MSGLEN*3));
+ TEST_EQUAL(0, mbedtls_test_mock_socket_connect(&client, &server,
+ MSGLEN*3));
/* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads
* (to wrap around the buffer) both ways. */
for (i = 0; i < 2; i++) {
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&server_context, message,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_send_msg(&server_context, message,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
memset(received, 0, sizeof(received));
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
memset(received, 0, sizeof(received));
}
for (i = 0; i < 2; i++) {
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
memset(received, 0, sizeof(received));
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
- MSGLEN) == MSGLEN);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+ MSGLEN), MSGLEN);
- TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+ TEST_EQUAL(memcmp(message, received, MSGLEN), 0);
memset(received, 0, sizeof(received));
}
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
- MSGLEN)
- == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+ MSGLEN),
+ MBEDTLS_ERR_SSL_WANT_READ);
- TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
- MSGLEN)
- == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+ MSGLEN),
+ MBEDTLS_ERR_SSL_WANT_READ);
exit:
mbedtls_test_message_socket_close(&server_context);
mbedtls_test_message_socket_close(&client_context);
@@ -1524,12 +1514,12 @@
mbedtls_ssl_config_init(&conf);
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT) == 0);
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+ MBEDTLS_SSL_PRESET_DEFAULT), 0);
- TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+ TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
/* Read previous record numbers */
for (len = 0; len < prevs->len; len += 6) {
@@ -1539,7 +1529,7 @@
/* Check new number */
memcpy(ssl.in_ctr + 2, new->x, 6);
- TEST_ASSERT(mbedtls_ssl_dtls_replay_check(&ssl) == ret);
+ TEST_EQUAL(mbedtls_ssl_dtls_replay_check(&ssl), ret);
exit:
mbedtls_ssl_free(&ssl);
@@ -1557,13 +1547,13 @@
mbedtls_ssl_init(&ssl);
USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, input_hostname0) == 0);
+ TEST_EQUAL(mbedtls_ssl_set_hostname(&ssl, input_hostname0), 0);
output_hostname = mbedtls_ssl_get_hostname(&ssl);
- TEST_ASSERT(strcmp(input_hostname0, output_hostname) == 0);
+ TEST_EQUAL(strcmp(input_hostname0, output_hostname), 0);
- TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, input_hostname1) == 0);
+ TEST_EQUAL(mbedtls_ssl_set_hostname(&ssl, input_hostname1), 0);
output_hostname = mbedtls_ssl_get_hostname(&ssl);
- TEST_ASSERT(strcmp(input_hostname1, output_hostname) == 0);
+ TEST_EQUAL(strcmp(input_hostname1, output_hostname), 0);
exit:
mbedtls_ssl_free(&ssl);
@@ -1601,7 +1591,7 @@
(size_t) cid0_len,
(size_t) cid1_len);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
TEST_CALLOC(buf, buflen);
@@ -1660,7 +1650,7 @@
/* DTLS 1.2 + CID hides the real content type and
* uses a special CID content type in the protected
* record. Double-check this. */
- TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID);
+ TEST_EQUAL(rec.type, MBEDTLS_SSL_MSG_CID);
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@@ -1669,24 +1659,24 @@
/* TLS 1.3 hides the real content type and
* always uses Application Data as the content type
* for protected records. Double-check this. */
- TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA);
+ TEST_EQUAL(rec.type, MBEDTLS_SSL_MSG_APPLICATION_DATA);
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Decrypt record with t_dec */
ret = mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
/* Compare results */
- TEST_ASSERT(rec.type == rec_backup.type);
- TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0);
- TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]);
- TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]);
- TEST_ASSERT(rec.data_len == rec_backup.data_len);
- TEST_ASSERT(rec.data_offset == rec_backup.data_offset);
- TEST_ASSERT(memcmp(rec.buf + rec.data_offset,
- rec_backup.buf + rec_backup.data_offset,
- rec.data_len) == 0);
+ TEST_EQUAL(rec.type, rec_backup.type);
+ TEST_EQUAL(memcmp(rec.ctr, rec_backup.ctr, 8), 0);
+ TEST_EQUAL(rec.ver[0], rec_backup.ver[0]);
+ TEST_EQUAL(rec.ver[1], rec_backup.ver[1]);
+ TEST_EQUAL(rec.data_len, rec_backup.data_len);
+ TEST_EQUAL(rec.data_offset, rec_backup.data_offset);
+ TEST_EQUAL(memcmp(rec.buf + rec.data_offset,
+ rec_backup.buf + rec_backup.data_offset,
+ rec.data_len), 0);
}
exit:
@@ -1754,7 +1744,7 @@
(size_t) cid0_len,
(size_t) cid1_len);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
TEST_CALLOC(buf, buflen);
@@ -1819,7 +1809,7 @@
/* DTLS 1.2 + CID hides the real content type and
* uses a special CID content type in the protected
* record. Double-check this. */
- TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID);
+ TEST_EQUAL(rec.type, MBEDTLS_SSL_MSG_CID);
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@@ -1828,26 +1818,26 @@
/* TLS 1.3 hides the real content type and
* always uses Application Data as the content type
* for protected records. Double-check this. */
- TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA);
+ TEST_EQUAL(rec.type, MBEDTLS_SSL_MSG_APPLICATION_DATA);
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Decrypt record with t_dec */
- TEST_ASSERT(mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec) == 0);
+ TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec), 0);
/* Compare results */
- TEST_ASSERT(rec.type == rec_backup.type);
- TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0);
- TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]);
- TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]);
- TEST_ASSERT(rec.data_len == rec_backup.data_len);
- TEST_ASSERT(rec.data_offset == rec_backup.data_offset);
- TEST_ASSERT(memcmp(rec.buf + rec.data_offset,
- rec_backup.buf + rec_backup.data_offset,
- rec.data_len) == 0);
+ TEST_EQUAL(rec.type, rec_backup.type);
+ TEST_EQUAL(memcmp(rec.ctr, rec_backup.ctr, 8), 0);
+ TEST_EQUAL(rec.ver[0], rec_backup.ver[0]);
+ TEST_EQUAL(rec.ver[1], rec_backup.ver[1]);
+ TEST_EQUAL(rec.data_len, rec_backup.data_len);
+ TEST_EQUAL(rec.data_offset, rec_backup.data_offset);
+ TEST_EQUAL(memcmp(rec.buf + rec.data_offset,
+ rec_backup.buf + rec_backup.data_offset,
+ rec.data_len), 0);
}
- TEST_ASSERT(seen_success == 1);
+ TEST_EQUAL(seen_success, 1);
}
exit:
@@ -1886,16 +1876,16 @@
/* Check sanity of test parameters. */
TEST_ASSERT((size_t) desired_length <= sizeof(dst));
- TEST_ASSERT((size_t) desired_length == expected->len);
+ TEST_EQUAL((size_t) desired_length, expected->len);
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_hkdf_expand_label(
- (psa_algorithm_t) hash_alg,
- secret->x, secret->len,
- lbl, lbl_len,
- ctx->x, ctx->len,
- dst, desired_length) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_hkdf_expand_label(
+ (psa_algorithm_t) hash_alg,
+ secret->x, secret->len,
+ lbl, lbl_len,
+ ctx->x, ctx->len,
+ dst, desired_length), 0);
TEST_MEMORY_COMPARE(dst, (size_t) desired_length,
expected->x, (size_t) expected->len);
@@ -1919,7 +1909,7 @@
mbedtls_ssl_key_set keys;
/* Check sanity of test parameters. */
- TEST_ASSERT(client_secret->len == server_secret->len);
+ TEST_EQUAL(client_secret->len, server_secret->len);
TEST_ASSERT(
expected_client_write_iv->len == expected_server_write_iv->len &&
expected_client_write_iv->len == (size_t) desired_iv_len);
@@ -1984,17 +1974,17 @@
/* Check sanity of test parameters. */
TEST_ASSERT((size_t) desired_length <= sizeof(dst));
- TEST_ASSERT((size_t) desired_length == expected->len);
+ TEST_EQUAL((size_t) desired_length, expected->len);
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_derive_secret(
- (psa_algorithm_t) hash_alg,
- secret->x, secret->len,
- lbl, lbl_len,
- ctx->x, ctx->len,
- already_hashed,
- dst, desired_length) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_derive_secret(
+ (psa_algorithm_t) hash_alg,
+ secret->x, secret->len,
+ lbl, lbl_len,
+ ctx->x, ctx->len,
+ already_hashed,
+ dst, desired_length), 0);
TEST_MEMORY_COMPARE(dst, desired_length,
expected->x, desired_length);
@@ -2016,16 +2006,16 @@
/* Check sanity of test parameters. */
TEST_ASSERT((size_t) desired_length <= sizeof(dst));
- TEST_ASSERT((size_t) desired_length == expected->len);
+ TEST_EQUAL((size_t) desired_length, expected->len);
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_exporter(
- (psa_algorithm_t) hash_alg,
- secret->x, secret->len,
- (unsigned char *) label, strlen(label),
- (unsigned char *) context_value, strlen(context_value),
- dst, desired_length) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_exporter(
+ (psa_algorithm_t) hash_alg,
+ secret->x, secret->len,
+ (unsigned char *) label, strlen(label),
+ (unsigned char *) context_value, strlen(context_value),
+ dst, desired_length), 0);
TEST_MEMORY_COMPARE(dst, desired_length,
expected->x, desired_length);
@@ -2055,9 +2045,9 @@
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_derive_early_secrets(
- alg, secret->x, transcript->x, transcript->len,
- &secrets) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_derive_early_secrets(
+ alg, secret->x, transcript->x, transcript->len,
+ &secrets), 0);
TEST_MEMORY_COMPARE(secrets.client_early_traffic_secret, hash_len,
traffic_expected->x, traffic_expected->len);
@@ -2089,9 +2079,9 @@
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_derive_handshake_secrets(
- alg, secret->x, transcript->x, transcript->len,
- &secrets) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_derive_handshake_secrets(
+ alg, secret->x, transcript->x, transcript->len,
+ &secrets), 0);
TEST_MEMORY_COMPARE(secrets.client_handshake_traffic_secret, hash_len,
client_expected->x, client_expected->len);
@@ -2125,9 +2115,9 @@
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_derive_application_secrets(
- alg, secret->x, transcript->x, transcript->len,
- &secrets) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_derive_application_secrets(
+ alg, secret->x, transcript->x, transcript->len,
+ &secrets), 0);
TEST_MEMORY_COMPARE(secrets.client_application_traffic_secret_N, hash_len,
client_expected->x, client_expected->len);
@@ -2159,9 +2149,9 @@
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_derive_resumption_master_secret(
- alg, secret->x, transcript->x, transcript->len,
- &secrets) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_derive_resumption_master_secret(
+ alg, secret->x, transcript->x, transcript->len,
+ &secrets), 0);
TEST_MEMORY_COMPARE(secrets.resumption_master_secret, hash_len,
resumption_expected->x, resumption_expected->len);
@@ -2189,13 +2179,13 @@
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_create_psk_binder(
- NULL, /* SSL context for debugging only */
- alg,
- psk->x, psk->len,
- psk_type,
- transcript->x,
- binder) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_create_psk_binder(
+ NULL, /* SSL context for debugging only */
+ alg,
+ psk->x, psk->len,
+ psk_type,
+ transcript->x,
+ binder), 0);
TEST_MEMORY_COMPARE(binder, hash_len,
binder_expected->x, binder_expected->len);
@@ -2237,8 +2227,8 @@
other_endpoint = MBEDTLS_SSL_IS_SERVER;
}
- TEST_ASSERT(server_write_key->len == client_write_key->len);
- TEST_ASSERT(server_write_iv->len == client_write_iv->len);
+ TEST_EQUAL(server_write_key->len, client_write_key->len);
+ TEST_EQUAL(server_write_iv->len, client_write_iv->len);
memcpy(keys.client_write_key,
client_write_key->x, client_write_key->len);
@@ -2254,12 +2244,12 @@
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_populate_transform(
- &transform_send, endpoint,
- ciphersuite, &keys, NULL) == 0);
- TEST_ASSERT(mbedtls_ssl_tls13_populate_transform(
- &transform_recv, other_endpoint,
- ciphersuite, &keys, NULL) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_populate_transform(
+ &transform_send, endpoint,
+ ciphersuite, &keys, NULL), 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_populate_transform(
+ &transform_recv, other_endpoint,
+ ciphersuite, &keys, NULL), 0);
/* Make sure we have enough space in the buffer even if
* we use more padding than the KAT. */
@@ -2286,14 +2276,14 @@
memset(&rec.ctr[0], 0, 8);
rec.ctr[7] = ctr;
- TEST_ASSERT(mbedtls_ssl_encrypt_buf(NULL, &transform_send, &rec) == 0);
+ TEST_EQUAL(mbedtls_ssl_encrypt_buf(NULL, &transform_send, &rec), 0);
if (padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) {
TEST_MEMORY_COMPARE(rec.buf + rec.data_offset, rec.data_len,
ciphertext->x, ciphertext->len);
}
- TEST_ASSERT(mbedtls_ssl_decrypt_buf(NULL, &transform_recv, &rec) == 0);
+ TEST_EQUAL(mbedtls_ssl_decrypt_buf(NULL, &transform_recv, &rec), 0);
TEST_MEMORY_COMPARE(rec.buf + rec.data_offset, rec.data_len,
plaintext->x, plaintext->len);
@@ -2315,11 +2305,11 @@
PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls13_evolve_secret(
- (psa_algorithm_t) hash_alg,
- secret->len ? secret->x : NULL,
- input->len ? input->x : NULL, input->len,
- secret_new) == 0);
+ TEST_EQUAL(mbedtls_ssl_tls13_evolve_secret(
+ (psa_algorithm_t) hash_alg,
+ secret->len ? secret->x : NULL,
+ input->len ? input->x : NULL, input->len,
+ secret_new), 0);
TEST_MEMORY_COMPARE(secret_new, (size_t) expected->len,
expected->x, (size_t) expected->len);
@@ -2342,13 +2332,13 @@
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_tls_prf(type, secret->x, secret->len,
- label, random->x, random->len,
- output, result_str->len) == exp_ret);
+ TEST_EQUAL(mbedtls_ssl_tls_prf(type, secret->x, secret->len,
+ label, random->x, random->len,
+ output, result_str->len), exp_ret);
if (exp_ret == 0) {
- TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
- result_str->len, result_str->len) == 0);
+ TEST_EQUAL(mbedtls_test_hexcmp(output, result_str->x,
+ result_str->len, result_str->len), 0);
}
exit:
@@ -2378,94 +2368,94 @@
((void) crt_file);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
- TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session(
- &original, 0, endpoint_type) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls13_populate_session(
+ &original, 0, endpoint_type), 0);
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {
- TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
- &original, ticket_len, endpoint_type, crt_file) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls12_populate_session(
+ &original, ticket_len, endpoint_type, crt_file), 0);
}
#endif
/* Serialize it */
- TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len)
- == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+ TEST_EQUAL(mbedtls_ssl_session_save(&original, NULL, 0, &len),
+ MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
TEST_CALLOC(buf, len);
- TEST_ASSERT(mbedtls_ssl_session_save(&original, buf, len, &len)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_session_save(&original, buf, len, &len),
+ 0);
/* Restore session from serialized data */
- TEST_ASSERT(mbedtls_ssl_session_load(&restored, buf, len) == 0);
+ TEST_EQUAL(mbedtls_ssl_session_load(&restored, buf, len), 0);
/*
* Make sure both session structures are identical
*/
#if defined(MBEDTLS_HAVE_TIME)
if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {
- TEST_ASSERT(original.start == restored.start);
+ TEST_EQUAL(original.start, restored.start);
}
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
- TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time);
+ TEST_EQUAL(original.ticket_creation_time, restored.ticket_creation_time);
#endif
#endif /* MBEDTLS_HAVE_TIME */
- TEST_ASSERT(original.tls_version == restored.tls_version);
- TEST_ASSERT(original.endpoint == restored.endpoint);
- TEST_ASSERT(original.ciphersuite == restored.ciphersuite);
+ TEST_EQUAL(original.tls_version, restored.tls_version);
+ TEST_EQUAL(original.endpoint, restored.endpoint);
+ TEST_EQUAL(original.ciphersuite, restored.ciphersuite);
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {
- TEST_ASSERT(original.id_len == restored.id_len);
- TEST_ASSERT(memcmp(original.id,
- restored.id, sizeof(original.id)) == 0);
- TEST_ASSERT(memcmp(original.master,
- restored.master, sizeof(original.master)) == 0);
+ TEST_EQUAL(original.id_len, restored.id_len);
+ TEST_EQUAL(memcmp(original.id,
+ restored.id, sizeof(original.id)), 0);
+ TEST_EQUAL(memcmp(original.master,
+ restored.master, sizeof(original.master)), 0);
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
TEST_ASSERT((original.peer_cert == NULL) ==
(restored.peer_cert == NULL));
if (original.peer_cert != NULL) {
- TEST_ASSERT(original.peer_cert->raw.len ==
- restored.peer_cert->raw.len);
- TEST_ASSERT(memcmp(original.peer_cert->raw.p,
- restored.peer_cert->raw.p,
- original.peer_cert->raw.len) == 0);
+ TEST_EQUAL(original.peer_cert->raw.len,
+ restored.peer_cert->raw.len);
+ TEST_EQUAL(memcmp(original.peer_cert->raw.p,
+ restored.peer_cert->raw.p,
+ original.peer_cert->raw.len), 0);
}
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- TEST_ASSERT(original.peer_cert_digest_type ==
- restored.peer_cert_digest_type);
- TEST_ASSERT(original.peer_cert_digest_len ==
- restored.peer_cert_digest_len);
+ TEST_EQUAL(original.peer_cert_digest_type,
+ restored.peer_cert_digest_type);
+ TEST_EQUAL(original.peer_cert_digest_len,
+ restored.peer_cert_digest_len);
TEST_ASSERT((original.peer_cert_digest == NULL) ==
(restored.peer_cert_digest == NULL));
if (original.peer_cert_digest != NULL) {
- TEST_ASSERT(memcmp(original.peer_cert_digest,
- restored.peer_cert_digest,
- original.peer_cert_digest_len) == 0);
+ TEST_EQUAL(memcmp(original.peer_cert_digest,
+ restored.peer_cert_digest,
+ original.peer_cert_digest_len), 0);
}
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
- TEST_ASSERT(original.verify_result == restored.verify_result);
+ TEST_EQUAL(original.verify_result, restored.verify_result);
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- TEST_ASSERT(original.mfl_code == restored.mfl_code);
+ TEST_EQUAL(original.mfl_code, restored.mfl_code);
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- TEST_ASSERT(original.encrypt_then_mac == restored.encrypt_then_mac);
+ TEST_EQUAL(original.encrypt_then_mac, restored.encrypt_then_mac);
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
- TEST_ASSERT(original.ticket_len == restored.ticket_len);
+ TEST_EQUAL(original.ticket_len, restored.ticket_len);
if (original.ticket_len != 0) {
TEST_ASSERT(original.ticket != NULL);
TEST_ASSERT(restored.ticket != NULL);
- TEST_ASSERT(memcmp(original.ticket,
- restored.ticket, original.ticket_len) == 0);
+ TEST_EQUAL(memcmp(original.ticket,
+ restored.ticket, original.ticket_len), 0);
}
- TEST_ASSERT(original.ticket_lifetime == restored.ticket_lifetime);
+ TEST_EQUAL(original.ticket_lifetime, restored.ticket_lifetime);
#endif
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -2473,15 +2463,15 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- TEST_ASSERT(original.ticket_age_add == restored.ticket_age_add);
- TEST_ASSERT(original.ticket_flags == restored.ticket_flags);
- TEST_ASSERT(original.resumption_key_len == restored.resumption_key_len);
+ TEST_EQUAL(original.ticket_age_add, restored.ticket_age_add);
+ TEST_EQUAL(original.ticket_flags, restored.ticket_flags);
+ TEST_EQUAL(original.resumption_key_len, restored.resumption_key_len);
if (original.resumption_key_len != 0) {
TEST_ASSERT(original.resumption_key != NULL);
TEST_ASSERT(restored.resumption_key != NULL);
- TEST_ASSERT(memcmp(original.resumption_key,
- restored.resumption_key,
- original.resumption_key_len) == 0);
+ TEST_EQUAL(memcmp(original.resumption_key,
+ restored.resumption_key,
+ original.resumption_key_len), 0);
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
@@ -2502,16 +2492,16 @@
if (endpoint_type == MBEDTLS_SSL_IS_CLIENT) {
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
#if defined(MBEDTLS_HAVE_TIME)
- TEST_ASSERT(original.ticket_reception_time == restored.ticket_reception_time);
+ TEST_EQUAL(original.ticket_reception_time, restored.ticket_reception_time);
#endif
- TEST_ASSERT(original.ticket_lifetime == restored.ticket_lifetime);
- TEST_ASSERT(original.ticket_len == restored.ticket_len);
+ TEST_EQUAL(original.ticket_lifetime, restored.ticket_lifetime);
+ TEST_EQUAL(original.ticket_len, restored.ticket_len);
if (original.ticket_len != 0) {
TEST_ASSERT(original.ticket != NULL);
TEST_ASSERT(restored.ticket != NULL);
- TEST_ASSERT(memcmp(original.ticket,
- restored.ticket,
- original.ticket_len) == 0);
+ TEST_EQUAL(memcmp(original.ticket,
+ restored.ticket,
+ original.ticket_len), 0);
}
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
TEST_ASSERT(original.hostname != NULL);
@@ -2526,12 +2516,12 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_EARLY_DATA)
- TEST_ASSERT(
- original.max_early_data_size == restored.max_early_data_size);
+ TEST_EQUAL(
+ original.max_early_data_size, restored.max_early_data_size);
#endif
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
- TEST_ASSERT(original.record_size_limit == restored.record_size_limit);
+ TEST_EQUAL(original.record_size_limit, restored.record_size_limit);
#endif
exit:
@@ -2563,15 +2553,15 @@
switch (tls_version) {
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case MBEDTLS_SSL_VERSION_TLS1_3:
- TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session(
- &session, 0, endpoint_type) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls13_populate_session(
+ &session, 0, endpoint_type), 0);
break;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
- TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
- &session, ticket_len, endpoint_type, crt_file) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls12_populate_session(
+ &session, ticket_len, endpoint_type, crt_file), 0);
break;
#endif
default:
@@ -2581,31 +2571,31 @@
}
/* Get desired buffer size for serializing */
- TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &len0)
- == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, NULL, 0, &len0),
+ MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
/* Allocate first buffer */
buf1 = mbedtls_calloc(1, len0);
TEST_ASSERT(buf1 != NULL);
/* Serialize to buffer and free live session */
- TEST_ASSERT(mbedtls_ssl_session_save(&session, buf1, len0, &len1)
- == 0);
- TEST_ASSERT(len0 == len1);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, buf1, len0, &len1),
+ 0);
+ TEST_EQUAL(len0, len1);
mbedtls_ssl_session_free(&session);
/* Restore session from serialized data */
- TEST_ASSERT(mbedtls_ssl_session_load(&session, buf1, len1) == 0);
+ TEST_EQUAL(mbedtls_ssl_session_load(&session, buf1, len1), 0);
/* Allocate second buffer and serialize to it */
buf2 = mbedtls_calloc(1, len0);
TEST_ASSERT(buf2 != NULL);
- TEST_ASSERT(mbedtls_ssl_session_save(&session, buf2, len0, &len2)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, buf2, len0, &len2),
+ 0);
/* Make sure both serialized versions are identical */
- TEST_ASSERT(len1 == len2);
- TEST_ASSERT(memcmp(buf1, buf2, len1) == 0);
+ TEST_EQUAL(len1, len2);
+ TEST_EQUAL(memcmp(buf1, buf2, len1), 0);
exit:
mbedtls_ssl_session_free(&session);
@@ -2636,14 +2626,14 @@
switch (tls_version) {
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case MBEDTLS_SSL_VERSION_TLS1_3:
- TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session(
- &session, 0, endpoint_type) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls13_populate_session(
+ &session, 0, endpoint_type), 0);
break;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
- TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
- &session, ticket_len, endpoint_type, crt_file) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls12_populate_session(
+ &session, ticket_len, endpoint_type, crt_file), 0);
break;
#endif
default:
@@ -2652,8 +2642,8 @@
break;
}
- TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len)
- == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, NULL, 0, &good_len),
+ MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
/* Try all possible bad lengths */
for (bad_len = 1; bad_len < good_len; bad_len++) {
@@ -2661,10 +2651,10 @@
mbedtls_free(buf);
buf = NULL;
TEST_CALLOC(buf, bad_len);
- TEST_ASSERT(mbedtls_ssl_session_save(&session, buf, bad_len,
- &test_len)
- == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
- TEST_ASSERT(test_len == good_len);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, buf, bad_len,
+ &test_len),
+ MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+ TEST_EQUAL(test_len, good_len);
}
exit:
@@ -2695,15 +2685,15 @@
switch (tls_version) {
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case MBEDTLS_SSL_VERSION_TLS1_3:
- TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session(
- &session, 0, endpoint_type) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls13_populate_session(
+ &session, 0, endpoint_type), 0);
break;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
- TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
- &session, ticket_len, endpoint_type, crt_file) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls12_populate_session(
+ &session, ticket_len, endpoint_type, crt_file), 0);
break;
#endif
@@ -2713,11 +2703,11 @@
break;
}
- TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len)
- == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, NULL, 0, &good_len),
+ MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
TEST_CALLOC(good_buf, good_len);
- TEST_ASSERT(mbedtls_ssl_session_save(&session, good_buf, good_len,
- &good_len) == 0);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session, good_buf, good_len,
+ &good_len), 0);
mbedtls_ssl_session_free(&session);
/* Try all possible bad lengths */
@@ -2728,8 +2718,8 @@
TEST_CALLOC_NONNULL(bad_buf, bad_len);
memcpy(bad_buf, good_buf, bad_len);
- TEST_ASSERT(mbedtls_ssl_session_load(&session, bad_buf, bad_len)
- == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_ssl_session_load(&session, bad_buf, bad_len),
+ MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
}
exit:
@@ -2764,14 +2754,14 @@
switch (tls_version) {
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case MBEDTLS_SSL_VERSION_TLS1_3:
- TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session(
- &session, 0, endpoint_type) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls13_populate_session(
+ &session, 0, endpoint_type), 0);
break;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
- TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
- &session, 0, endpoint_type, NULL) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls12_populate_session(
+ &session, 0, endpoint_type, NULL), 0);
break;
#endif
@@ -2782,18 +2772,18 @@
}
/* Infer length of serialized session. */
- TEST_ASSERT(mbedtls_ssl_session_save(&session,
- serialized_session,
- sizeof(serialized_session),
- &serialized_session_len) == 0);
+ TEST_EQUAL(mbedtls_ssl_session_save(&session,
+ serialized_session,
+ sizeof(serialized_session),
+ &serialized_session_len), 0);
mbedtls_ssl_session_free(&session);
/* Without any modification, we should be able to successfully
* de-serialize the session - double-check that. */
- TEST_ASSERT(mbedtls_ssl_session_load(&session,
- serialized_session,
- serialized_session_len) == 0);
+ TEST_EQUAL(mbedtls_ssl_session_load(&session,
+ serialized_session,
+ serialized_session_len), 0);
mbedtls_ssl_session_free(&session);
/* Go through the bytes in the serialized session header and
@@ -2812,10 +2802,10 @@
*byte ^= corrupted_bit;
/* Attempt to deserialize */
- TEST_ASSERT(mbedtls_ssl_session_load(&session,
- serialized_session,
- serialized_session_len) ==
- MBEDTLS_ERR_SSL_VERSION_MISMATCH);
+ TEST_EQUAL(mbedtls_ssl_session_load(&session,
+ serialized_session,
+ serialized_session_len),
+ MBEDTLS_ERR_SSL_VERSION_MISMATCH);
/* Undo the change */
*byte ^= corrupted_bit;
@@ -2840,15 +2830,15 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case MBEDTLS_SSL_VERSION_TLS1_3:
ciphersuite_id = MBEDTLS_TLS1_3_AES_128_GCM_SHA256;
- TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session(
- &session, 0, MBEDTLS_SSL_IS_SERVER) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls13_populate_session(
+ &session, 0, MBEDTLS_SSL_IS_SERVER), 0);
break;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
ciphersuite_id = MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256;
- TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
- &session, 0, MBEDTLS_SSL_IS_SERVER, NULL) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_tls12_populate_session(
+ &session, 0, MBEDTLS_SSL_IS_SERVER, NULL), 0);
break;
#endif
@@ -2857,15 +2847,18 @@
TEST_ASSERT(0);
break;
}
+
+ /* We expect pointers to the same strings, not just strings with
+ * the same content. */
TEST_ASSERT(*mbedtls_ssl_session_get_id(&session) == session.id);
- TEST_ASSERT(mbedtls_ssl_session_get_id_len(&session) == session.id_len);
+ TEST_EQUAL(mbedtls_ssl_session_get_id_len(&session), session.id_len);
/* mbedtls_test_ssl_tls1x_populate_session sets a mock suite-id of 0xabcd */
- TEST_ASSERT(mbedtls_ssl_session_get_ciphersuite_id(&session) == 0xabcd);
+ TEST_EQUAL(mbedtls_ssl_session_get_ciphersuite_id(&session), 0xabcd);
/* Test setting a reference id for tls1.3 and tls1.2 */
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
if (ciphersuite_info != NULL) {
- TEST_ASSERT(mbedtls_ssl_ciphersuite_get_id(ciphersuite_info) == ciphersuite_id);
+ TEST_EQUAL(mbedtls_ssl_ciphersuite_get_id(ciphersuite_info), ciphersuite_id);
}
exit:
@@ -2879,6 +2872,7 @@
{
enum { BUFFSIZE = 1024 };
mbedtls_test_ssl_endpoint ep;
+ memset(&ep, 0, sizeof(ep));
int ret = -1;
mbedtls_test_handshake_test_options options;
mbedtls_test_init_handshake_options(&options);
@@ -2886,20 +2880,18 @@
MD_OR_USE_PSA_INIT();
- ret = mbedtls_test_ssl_endpoint_init(NULL, endpoint_type, &options,
- NULL, NULL, NULL);
- TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
+ ret = mbedtls_test_ssl_endpoint_init(NULL, endpoint_type, &options);
+ TEST_EQUAL(MBEDTLS_ERR_SSL_BAD_INPUT_DATA, ret);
ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg,
0, 0, 0);
- TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
+ TEST_EQUAL(MBEDTLS_ERR_SSL_BAD_INPUT_DATA, ret);
- ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options,
- NULL, NULL, NULL);
- TEST_ASSERT(ret == 0);
+ ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options);
+ TEST_EQUAL(ret, 0);
exit:
- mbedtls_test_ssl_endpoint_free(&ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&ep);
mbedtls_test_free_handshake_options(&options);
MD_OR_USE_PSA_DONE();
}
@@ -2910,6 +2902,8 @@
{
enum { BUFFSIZE = 1024 };
mbedtls_test_ssl_endpoint base_ep, second_ep;
+ memset(&base_ep, 0, sizeof(base_ep));
+ memset(&second_ep, 0, sizeof(second_ep));
int ret = -1;
(void) tls_version;
@@ -2935,25 +2929,22 @@
#endif
MD_OR_USE_PSA_INIT();
- mbedtls_platform_zeroize(&base_ep, sizeof(base_ep));
- mbedtls_platform_zeroize(&second_ep, sizeof(second_ep));
- ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type, &options,
- NULL, NULL, NULL);
- TEST_ASSERT(ret == 0);
+ ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type, &options);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(
&second_ep,
(endpoint_type == MBEDTLS_SSL_IS_SERVER) ?
MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL, NULL);
+ &options);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&(base_ep.socket),
&(second_ep.socket),
BUFFSIZE);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_move_handshake_to_state(&(base_ep.ssl),
&(second_ep.ssl),
@@ -2962,7 +2953,7 @@
TEST_ASSERT(ret == 0 ||
ret == MBEDTLS_ERR_SSL_WANT_READ ||
ret == MBEDTLS_ERR_SSL_WANT_WRITE);
- TEST_ASSERT(base_ep.ssl.state == state);
+ TEST_EQUAL(base_ep.ssl.state, state);
} else {
TEST_ASSERT(ret != 0 &&
ret != MBEDTLS_ERR_SSL_WANT_READ &&
@@ -2972,8 +2963,8 @@
exit:
mbedtls_test_free_handshake_options(&options);
- mbedtls_test_ssl_endpoint_free(&base_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&second_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&base_ep);
+ mbedtls_test_ssl_endpoint_free(&second_ep);
MD_OR_USE_PSA_DONE();
}
/* END_CASE */
@@ -3053,6 +3044,7 @@
options.opaque_alg = psa_alg;
options.opaque_alg2 = psa_alg2;
options.opaque_usage = psa_usage;
+ options.srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE;
options.expected_handshake_result = expected_handshake_result;
options.expected_ciphersuite = expected_ciphersuite;
@@ -3232,8 +3224,7 @@
client_options.cli_log_fun = mbedtls_test_ssl_log_analyzer;
#endif
TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL,
- NULL), 0);
+ &client_options), 0);
server_options.server_min_version = version;
server_options.server_max_version = version;
@@ -3242,8 +3233,7 @@
server_options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
#endif
TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL,
- NULL), 0);
+ &server_options), 0);
TEST_EQUAL(mbedtls_test_mock_socket_connect(&client.socket,
&server.socket,
@@ -3328,8 +3318,8 @@
#endif
exit:
- mbedtls_test_ssl_endpoint_free(&client, NULL);
- mbedtls_test_ssl_endpoint_free(&server, NULL);
+ mbedtls_test_ssl_endpoint_free(&client);
+ mbedtls_test_ssl_endpoint_free(&server);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
MD_OR_USE_PSA_DONE();
@@ -3415,13 +3405,13 @@
mbedtls_ssl_config_init(&conf);
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_conf_psk(&conf,
- psk0, sizeof(psk0),
- psk0_identity, sizeof(psk0_identity)) == 0);
- TEST_ASSERT(mbedtls_ssl_conf_psk(&conf,
- psk1, sizeof(psk1),
- psk1_identity, sizeof(psk1_identity)) ==
- MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
+ TEST_EQUAL(mbedtls_ssl_conf_psk(&conf,
+ psk0, sizeof(psk0),
+ psk0_identity, sizeof(psk0_identity)), 0);
+ TEST_EQUAL(mbedtls_ssl_conf_psk(&conf,
+ psk1, sizeof(psk1),
+ psk1_identity, sizeof(psk1_identity)),
+ MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
exit:
mbedtls_ssl_config_free(&conf);
@@ -3460,43 +3450,43 @@
switch (mode) {
case 0:
- TEST_ASSERT(mbedtls_ssl_conf_psk(&conf,
- psk0_raw, sizeof(psk0_raw),
- psk0_raw_identity, sizeof(psk0_raw_identity))
- == 0);
- TEST_ASSERT(mbedtls_ssl_conf_psk_opaque(&conf,
- psk1_opaque,
- psk1_opaque_identity,
- sizeof(psk1_opaque_identity))
- == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
+ TEST_EQUAL(mbedtls_ssl_conf_psk(&conf,
+ psk0_raw, sizeof(psk0_raw),
+ psk0_raw_identity, sizeof(psk0_raw_identity)),
+ 0);
+ TEST_EQUAL(mbedtls_ssl_conf_psk_opaque(&conf,
+ psk1_opaque,
+ psk1_opaque_identity,
+ sizeof(psk1_opaque_identity)),
+ MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
break;
case 1:
- TEST_ASSERT(mbedtls_ssl_conf_psk_opaque(&conf,
- psk0_opaque,
- psk0_opaque_identity,
- sizeof(psk0_opaque_identity))
- == 0);
- TEST_ASSERT(mbedtls_ssl_conf_psk(&conf,
- psk1_raw, sizeof(psk1_raw),
- psk1_raw_identity, sizeof(psk1_raw_identity))
- == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
+ TEST_EQUAL(mbedtls_ssl_conf_psk_opaque(&conf,
+ psk0_opaque,
+ psk0_opaque_identity,
+ sizeof(psk0_opaque_identity)),
+ 0);
+ TEST_EQUAL(mbedtls_ssl_conf_psk(&conf,
+ psk1_raw, sizeof(psk1_raw),
+ psk1_raw_identity, sizeof(psk1_raw_identity)),
+ MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
break;
case 2:
- TEST_ASSERT(mbedtls_ssl_conf_psk_opaque(&conf,
- psk0_opaque,
- psk0_opaque_identity,
- sizeof(psk0_opaque_identity))
- == 0);
- TEST_ASSERT(mbedtls_ssl_conf_psk_opaque(&conf,
- psk1_opaque,
- psk1_opaque_identity,
- sizeof(psk1_opaque_identity))
- == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
+ TEST_EQUAL(mbedtls_ssl_conf_psk_opaque(&conf,
+ psk0_opaque,
+ psk0_opaque_identity,
+ sizeof(psk0_opaque_identity)),
+ 0);
+ TEST_EQUAL(mbedtls_ssl_conf_psk_opaque(&conf,
+ psk1_opaque,
+ psk1_opaque_identity,
+ sizeof(psk1_opaque_identity)),
+ MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE);
break;
@@ -3529,7 +3519,7 @@
mbedtls_ssl_conf_min_tls_version(&conf, min_tls_version);
mbedtls_ssl_conf_max_tls_version(&conf, max_tls_version);
- TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == expected_ssl_setup_result);
+ TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), expected_ssl_setup_result);
TEST_EQUAL(mbedtls_ssl_conf_get_endpoint(
mbedtls_ssl_context_get_config(&ssl)), endpoint);
@@ -3562,7 +3552,7 @@
mbedtls_ssl_init(&ssl);
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+ TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
TEST_ASSERT(ssl.conf != NULL && ssl.conf->group_list != NULL);
@@ -3587,6 +3577,8 @@
enum { BUFFSIZE = 1024 };
mbedtls_test_handshake_test_options options;
mbedtls_test_ssl_endpoint client, server;
+ memset(&client, 0, sizeof(client));
+ memset(&server, 0, sizeof(server));
mbedtls_test_ssl_log_pattern srv_pattern, cli_pattern;
mbedtls_test_message_socket_context server_context, client_context;
@@ -3597,49 +3589,45 @@
options.srv_log_obj = &srv_pattern;
options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
- mbedtls_platform_zeroize(&client, sizeof(client));
- mbedtls_platform_zeroize(&server, sizeof(server));
-
mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context);
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
- &options, NULL, NULL,
- NULL) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
+ &options), 0);
- TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL, NULL) == 0);
+ TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
+ &options), 0);
mbedtls_debug_set_threshold(1);
mbedtls_ssl_conf_dbg(&server.conf, options.srv_log_fun,
options.srv_log_obj);
- TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket),
- &(server.socket),
- BUFFSIZE) == 0);
+ TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client.socket),
+ &(server.socket),
+ BUFFSIZE), 0);
- TEST_ASSERT(mbedtls_test_move_handshake_to_state(
- &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_WRAPUP)
- == 0);
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+ &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_WRAPUP),
+ 0);
/* Force a bad session_id_len that will be read by the server in
* mbedtls_ssl_cache_set. */
server.ssl.session_negotiate->id_len = 33;
if (options.cli_msg_len != 0 || options.srv_msg_len != 0) {
/* Start data exchanging test */
- TEST_ASSERT(mbedtls_test_ssl_exchange_data(
- &(client.ssl), options.cli_msg_len,
- options.expected_cli_fragments,
- &(server.ssl), options.srv_msg_len,
- options.expected_srv_fragments)
- == 0);
+ TEST_EQUAL(mbedtls_test_ssl_exchange_data(
+ &(client.ssl), options.cli_msg_len,
+ options.expected_cli_fragments,
+ &(server.ssl), options.srv_msg_len,
+ options.expected_srv_fragments),
+ 0);
}
/* Make sure that the cache did not store the session */
TEST_EQUAL(srv_pattern.counter, 1);
exit:
- mbedtls_test_ssl_endpoint_free(&client, NULL);
- mbedtls_test_ssl_endpoint_free(&server, NULL);
+ mbedtls_test_ssl_endpoint_free(&client);
+ mbedtls_test_ssl_endpoint_free(&server);
mbedtls_test_free_handshake_options(&options);
mbedtls_debug_set_threshold(0);
MD_OR_USE_PSA_DONE();
@@ -3686,7 +3674,7 @@
USE_PSA_INIT();
mbedtls_timing_set_delay(&delay_context, 50, 100);
- TEST_ASSERT(mbedtls_timing_get_final_delay(&delay_context) == 100);
+ TEST_EQUAL(mbedtls_timing_get_final_delay(&delay_context), 100);
exit:
USE_PSA_DONE();
@@ -3710,63 +3698,63 @@
mbedtls_ssl_config_init(&conf);
MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
- TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+ TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
/* Can't use CID functions with stream transport. */
- TEST_ASSERT(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_ENABLED, own_cid,
- sizeof(own_cid))
- == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_ENABLED, own_cid,
+ sizeof(own_cid)),
+ MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_ssl_get_own_cid(&ssl, &cid_enabled, test_cid,
- &own_cid_len)
- == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_ssl_get_own_cid(&ssl, &cid_enabled, test_cid,
+ &own_cid_len),
+ MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
/* Attempt to set config cid size too big. */
- TEST_ASSERT(mbedtls_ssl_conf_cid(&conf, MBEDTLS_SSL_CID_IN_LEN_MAX + 1,
- MBEDTLS_SSL_UNEXPECTED_CID_IGNORE)
- == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_ssl_conf_cid(&conf, MBEDTLS_SSL_CID_IN_LEN_MAX + 1,
+ MBEDTLS_SSL_UNEXPECTED_CID_IGNORE),
+ MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_ssl_conf_cid(&conf, sizeof(own_cid),
- MBEDTLS_SSL_UNEXPECTED_CID_IGNORE)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_conf_cid(&conf, sizeof(own_cid),
+ MBEDTLS_SSL_UNEXPECTED_CID_IGNORE),
+ 0);
/* Attempt to set CID length not matching config. */
- TEST_ASSERT(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_ENABLED, own_cid,
- MBEDTLS_SSL_CID_IN_LEN_MAX - 1)
- == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_ENABLED, own_cid,
+ MBEDTLS_SSL_CID_IN_LEN_MAX - 1),
+ MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_ENABLED, own_cid,
- sizeof(own_cid))
- == 0);
+ TEST_EQUAL(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_ENABLED, own_cid,
+ sizeof(own_cid)),
+ 0);
/* Test we get back what we put in. */
- TEST_ASSERT(mbedtls_ssl_get_own_cid(&ssl, &cid_enabled, test_cid,
- &own_cid_len)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_get_own_cid(&ssl, &cid_enabled, test_cid,
+ &own_cid_len),
+ 0);
TEST_EQUAL(cid_enabled, MBEDTLS_SSL_CID_ENABLED);
TEST_MEMORY_COMPARE(own_cid, own_cid_len, test_cid, own_cid_len);
/* Test disabling works. */
- TEST_ASSERT(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_DISABLED, NULL,
- 0)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_DISABLED, NULL,
+ 0),
+ 0);
- TEST_ASSERT(mbedtls_ssl_get_own_cid(&ssl, &cid_enabled, test_cid,
- &own_cid_len)
- == 0);
+ TEST_EQUAL(mbedtls_ssl_get_own_cid(&ssl, &cid_enabled, test_cid,
+ &own_cid_len),
+ 0);
TEST_EQUAL(cid_enabled, MBEDTLS_SSL_CID_DISABLED);
@@ -3782,6 +3770,8 @@
{
enum { BUFFSIZE = 17000 };
mbedtls_test_ssl_endpoint client, server;
+ memset(&client, 0, sizeof(client));
+ memset(&server, 0, sizeof(server));
mbedtls_psa_stats_t stats;
size_t free_slots_before = -1;
mbedtls_test_handshake_test_options client_options, server_options;
@@ -3791,8 +3781,6 @@
uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
MBEDTLS_SSL_IANA_TLS_GROUP_NONE };
MD_OR_USE_PSA_INIT();
- mbedtls_platform_zeroize(&client, sizeof(client));
- mbedtls_platform_zeroize(&server, sizeof(server));
/* Client side, force SECP256R1 to make one key bitflip fail
* the raw key agreement. Flipping the first byte makes the
@@ -3800,16 +3788,14 @@
client_options.pk_alg = MBEDTLS_PK_ECDSA;
client_options.group_list = iana_tls_group_list;
TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL,
- NULL), 0);
+ &client_options), 0);
/* Server side */
server_options.pk_alg = MBEDTLS_PK_ECDSA;
server_options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2;
server_options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2;
TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL,
- NULL), 0);
+ &server_options), 0);
TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client.socket),
&(server.socket),
@@ -3843,8 +3829,8 @@
}
exit:
- mbedtls_test_ssl_endpoint_free(&client, NULL);
- mbedtls_test_ssl_endpoint_free(&server, NULL);
+ mbedtls_test_ssl_endpoint_free(&client);
+ mbedtls_test_ssl_endpoint_free(&server);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
@@ -3856,6 +3842,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
unsigned char *buf, *end;
size_t buf_len;
int step = 0;
@@ -3867,21 +3855,19 @@
/*
* Test set-up
*/
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
MD_OR_USE_PSA_INIT();
client_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
mbedtls_test_init_handshake_options(&server_options);
server_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&(client_ep.socket),
@@ -3925,8 +3911,8 @@
ret = mbedtls_ssl_tls13_parse_certificate(&(client_ep.ssl), buf, end);
TEST_EQUAL(ret, expected_result);
- TEST_ASSERT(mbedtls_ssl_cmp_chk_buf_ptr_fail_args(
- &expected_chk_buf_ptr_args) == 0);
+ TEST_EQUAL(mbedtls_ssl_cmp_chk_buf_ptr_fail_args(
+ &expected_chk_buf_ptr_args), 0);
mbedtls_ssl_reset_chk_buf_ptr_fail_args();
@@ -3939,8 +3925,8 @@
exit:
mbedtls_ssl_reset_chk_buf_ptr_fail_args();
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
MD_OR_USE_PSA_DONE();
@@ -4105,12 +4091,12 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4131,11 +4117,11 @@
* Prepare for handshake with the ticket.
*/
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -4168,8 +4154,8 @@
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL);
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
mbedtls_ssl_session_free(&saved_session);
@@ -4190,6 +4176,8 @@
const char *early_data = "This is early data.";
size_t early_data_len = strlen(early_data);
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -4200,8 +4188,6 @@
MBEDTLS_SSL_IANA_TLS_GROUP_NONE
};
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4293,13 +4279,13 @@
}
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
server_options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
server_options.srv_log_obj = &server_pattern;
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -4374,8 +4360,8 @@
MBEDTLS_SSL_HANDSHAKE_OVER), 0);
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
mbedtls_ssl_session_free(&saved_session);
@@ -4389,6 +4375,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -4399,8 +4387,6 @@
};
uint8_t client_random[MBEDTLS_CLIENT_HELLO_RANDOM_LEN];
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4447,11 +4433,11 @@
}
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -4667,7 +4653,7 @@
break;
case MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO:
- TEST_ASSERT(scenario == TEST_EARLY_DATA_HRR);
+ TEST_EQUAL(scenario, TEST_EARLY_DATA_HRR);
TEST_EQUAL(client_ep.ssl.early_data_state,
MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED);
break;
@@ -4748,8 +4734,8 @@
#endif
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
mbedtls_ssl_session_free(&saved_session);
@@ -4762,6 +4748,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -4772,8 +4760,6 @@
};
int beyond_first_hello = 0;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4824,11 +4810,11 @@
}
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -5068,12 +5054,12 @@
* this first part of the handshake with HRR.
*/
if ((scenario == TEST_EARLY_DATA_HRR) && (beyond_first_hello)) {
- TEST_ASSERT(mbedtls_test_move_handshake_to_state(
- &(client_ep.ssl), &(server_ep.ssl),
- MBEDTLS_SSL_SERVER_HELLO) == 0);
- TEST_ASSERT(mbedtls_test_move_handshake_to_state(
- &(client_ep.ssl), &(server_ep.ssl),
- MBEDTLS_SSL_CLIENT_HELLO) == 0);
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+ &(client_ep.ssl), &(server_ep.ssl),
+ MBEDTLS_SSL_SERVER_HELLO), 0);
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+ &(client_ep.ssl), &(server_ep.ssl),
+ MBEDTLS_SSL_CLIENT_HELLO), 0);
}
TEST_EQUAL(mbedtls_test_move_handshake_to_state(
@@ -5097,8 +5083,8 @@
} while (1);
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
mbedtls_ssl_session_free(&saved_session);
@@ -5111,6 +5097,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -5120,8 +5108,6 @@
uint32_t written_early_data_size = 0;
uint32_t read_early_data_size = 0;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -5147,11 +5133,11 @@
* Prepare for handshake with the ticket.
*/
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -5239,13 +5225,13 @@
ret = mbedtls_ssl_handshake(&(server_ep.ssl));
TEST_EQUAL(ret, MBEDTLS_ERR_SSL_WANT_READ);
- TEST_ASSERT(mbedtls_test_move_handshake_to_state(
- &(client_ep.ssl), &(server_ep.ssl), MBEDTLS_SSL_HANDSHAKE_OVER)
- == 0);
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+ &(client_ep.ssl), &(server_ep.ssl), MBEDTLS_SSL_HANDSHAKE_OVER),
+ 0);
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
mbedtls_ssl_session_free(&saved_session);
@@ -5264,6 +5250,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -5282,8 +5270,6 @@
uint32_t written_early_data_size = 0;
uint32_t max_early_data_size;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -5351,11 +5337,11 @@
}
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL);
+ &client_options);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL);
+ &server_options);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
@@ -5473,7 +5459,7 @@
goto exit;
}
- TEST_ASSERT(ret == MBEDTLS_ERR_SSL_WANT_READ);
+ TEST_EQUAL(ret, MBEDTLS_ERR_SSL_WANT_READ);
TEST_EQUAL(server_pattern.counter, 1);
server_pattern.counter = 0;
@@ -5498,8 +5484,8 @@
TEST_EQUAL(server_pattern.counter, 1);
exit:
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
mbedtls_test_free_handshake_options(&client_options);
mbedtls_test_free_handshake_options(&server_options);
mbedtls_ssl_session_free(&saved_session);
@@ -5547,16 +5533,16 @@
options.pk_alg = pk_alg;
ret = mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL, NULL);
- TEST_EQUAL(ret, 0);
+ &options);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
- &options, NULL, NULL, NULL);
- TEST_EQUAL(ret, 0);
+ &options);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&server.socket, &client.socket,
BUFFSIZE);
- TEST_EQUAL(ret, 0);
+ TEST_EQUAL(ret, 0);
/* Make the server move to the required state */
ret = mbedtls_test_move_handshake_to_state(&client.ssl, &server.ssl, state);
@@ -5573,13 +5559,13 @@
do {
ret = mbedtls_ssl_handshake_step(&server.ssl);
} while (ret == 0 && server.ssl.state == state);
- TEST_EQUAL(ret, expected_ret);
+ TEST_EQUAL(ret, expected_ret);
TEST_ASSERT(srv_pattern.counter >= 1);
exit:
mbedtls_test_free_handshake_options(&options);
- mbedtls_test_ssl_endpoint_free(&server, NULL);
- mbedtls_test_ssl_endpoint_free(&client, NULL);
+ mbedtls_test_ssl_endpoint_free(&server);
+ mbedtls_test_ssl_endpoint_free(&client);
mbedtls_debug_set_threshold(0);
PSA_DONE();
}
@@ -5625,16 +5611,16 @@
options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL, NULL);
- TEST_EQUAL(ret, 0);
+ &options);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
- &options, NULL, NULL, NULL);
- TEST_EQUAL(ret, 0);
+ &options);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&server.socket, &client.socket,
BUFFSIZE);
- TEST_EQUAL(ret, 0);
+ TEST_EQUAL(ret, 0);
/* Make the server move past the initial dummy state */
ret = mbedtls_test_move_handshake_to_state(&client.ssl, &server.ssl,
@@ -5692,8 +5678,8 @@
exit:
mbedtls_test_free_handshake_options(&options);
- mbedtls_test_ssl_endpoint_free(&server, NULL);
- mbedtls_test_ssl_endpoint_free(&client, NULL);
+ mbedtls_test_ssl_endpoint_free(&server);
+ mbedtls_test_ssl_endpoint_free(&client);
mbedtls_debug_set_threshold(0);
mbedtls_free(first_frag);
PSA_DONE();
@@ -5709,12 +5695,14 @@
uint8_t *key_buffer_server = NULL;
uint8_t *key_buffer_client = NULL;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
ret = mbedtls_test_ssl_do_handshake_with_endpoints(&server_ep, &client_ep, &options, proto);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
TEST_ASSERT(exported_key_length > 0);
TEST_CALLOC(key_buffer_server, exported_key_length);
@@ -5729,17 +5717,17 @@
key_buffer_server, (size_t) exported_key_length,
label, sizeof(label),
context, sizeof(context), use_context);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_export_keying_material(&client_ep.ssl,
key_buffer_client, (size_t) exported_key_length,
label, sizeof(label),
context, sizeof(context), use_context);
- TEST_ASSERT(ret == 0);
- TEST_ASSERT(memcmp(key_buffer_server, key_buffer_client, (size_t) exported_key_length) == 0);
+ TEST_EQUAL(ret, 0);
+ TEST_EQUAL(memcmp(key_buffer_server, key_buffer_client, (size_t) exported_key_length), 0);
exit:
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
mbedtls_test_free_handshake_options(&options);
mbedtls_free(key_buffer_server);
mbedtls_free(key_buffer_client);
@@ -5754,12 +5742,14 @@
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
ret = mbedtls_test_ssl_do_handshake_with_endpoints(&server_ep, &client_ep, &options, proto);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
char label_server[] = "test-label-server";
char label_client[] = "test-label-client";
@@ -5770,17 +5760,17 @@
key_buffer_server, sizeof(key_buffer_server),
label_server, sizeof(label_server),
context, sizeof(context), 1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_export_keying_material(&client_ep.ssl,
key_buffer_client, sizeof(key_buffer_client),
label_client, sizeof(label_client),
context, sizeof(context), 1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
TEST_ASSERT(memcmp(key_buffer_server, key_buffer_client, sizeof(key_buffer_server)) != 0);
exit:
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
mbedtls_test_free_handshake_options(&options);
MD_OR_USE_PSA_DONE();
}
@@ -5793,12 +5783,14 @@
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
ret = mbedtls_test_ssl_do_handshake_with_endpoints(&server_ep, &client_ep, &options, proto);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
char label[] = "test-label";
uint8_t key_buffer_server[24] = { 0 };
@@ -5809,17 +5801,17 @@
key_buffer_server, sizeof(key_buffer_server),
label, sizeof(label),
context_server, sizeof(context_server), 1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_export_keying_material(&client_ep.ssl,
key_buffer_client, sizeof(key_buffer_client),
label, sizeof(label),
context_client, sizeof(context_client), 1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
TEST_ASSERT(memcmp(key_buffer_server, key_buffer_client, sizeof(key_buffer_server)) != 0);
exit:
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
mbedtls_test_free_handshake_options(&options);
MD_OR_USE_PSA_DONE();
}
@@ -5833,6 +5825,8 @@
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
@@ -5841,7 +5835,7 @@
&client_ep,
&options,
MBEDTLS_SSL_VERSION_TLS1_3);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
char label[] = "test-label";
uint8_t key_buffer_server[16] = { 0 };
@@ -5851,17 +5845,17 @@
key_buffer_server, sizeof(key_buffer_server),
label, sizeof(label),
context, sizeof(context), 1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_export_keying_material(&client_ep.ssl,
key_buffer_client, sizeof(key_buffer_client),
label, sizeof(label),
context, sizeof(context), 1);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
TEST_ASSERT(memcmp(key_buffer_server, key_buffer_client, sizeof(key_buffer_server)) != 0);
exit:
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
mbedtls_test_free_handshake_options(&options);
MD_OR_USE_PSA_DONE();
}
@@ -5876,6 +5870,8 @@
char *label = NULL;
uint8_t *context = NULL;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
TEST_ASSERT(exported_key_length > 0);
@@ -5888,17 +5884,17 @@
MD_OR_USE_PSA_INIT();
ret = mbedtls_test_ssl_do_handshake_with_endpoints(&server_ep, &client_ep, &options, proto);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_export_keying_material(&client_ep.ssl,
key_buffer, exported_key_length,
label, label_length,
context, context_length, 1);
- TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(ret, MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
exit:
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
mbedtls_test_free_handshake_options(&options);
mbedtls_free(key_buffer);
mbedtls_free(label);
@@ -5914,6 +5910,8 @@
int ret = -1;
mbedtls_test_ssl_endpoint server_ep, client_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
mbedtls_test_init_handshake_options(&options);
@@ -5924,22 +5922,22 @@
MD_OR_USE_PSA_INIT();
- ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, &options,
- NULL, NULL, NULL);
- TEST_ASSERT(ret == 0);
- ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, &options,
- NULL, NULL, NULL);
- TEST_ASSERT(ret == 0);
+ ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, &options);
+ TEST_EQUAL(ret, 0);
+ ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, &options);
+ TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&client_ep.socket, &server_ep.socket, BUFFSIZE);
- TEST_ASSERT(ret == 0);
+ TEST_EQUAL(ret, 0);
if (check_server) {
ret = mbedtls_test_move_handshake_to_state(&server_ep.ssl, &client_ep.ssl, state);
} else {
ret = mbedtls_test_move_handshake_to_state(&client_ep.ssl, &server_ep.ssl, state);
}
- TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_WANT_READ || MBEDTLS_ERR_SSL_WANT_WRITE);
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ TEST_EQUAL(ret, 0);
+ }
char label[] = "test-label";
uint8_t key_buffer[24] = { 0 };
@@ -5949,11 +5947,11 @@
NULL, 0, 0);
/* FIXME: A more appropriate error code should be created for this case. */
- TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ TEST_EQUAL(ret, MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
exit:
- mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
- mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep);
+ mbedtls_test_ssl_endpoint_free(&client_ep);
mbedtls_test_free_handshake_options(&options);
MD_OR_USE_PSA_DONE();
}
diff --git a/tests/suites/test_suite_ssl_decrypt.function b/tests/suites/test_suite_ssl_decrypt.function
index 909e6cf..37265de 100644
--- a/tests/suites/test_suite_ssl_decrypt.function
+++ b/tests/suites/test_suite_ssl_decrypt.function
@@ -37,7 +37,8 @@
mbedtls_ssl_write_version(rec_good.ver,
MBEDTLS_SSL_TRANSPORT_STREAM,
version);
- const char sample_plaintext[3] = "ABC";
+ /* We need to tell the compiler that we meant to leave out the null character. */
+ const char sample_plaintext[3] MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING = "ABC";
mbedtls_ssl_context ssl;
mbedtls_ssl_init(&ssl);
uint8_t *buf = NULL;
diff --git a/tests/suites/test_suite_x509_oid.data b/tests/suites/test_suite_x509_oid.data
new file mode 100644
index 0000000..09bd652
--- /dev/null
+++ b/tests/suites/test_suite_x509_oid.data
@@ -0,0 +1,106 @@
+OID get Any Policy certificate policy
+oid_get_certificate_policies:"551D2000":"Any Policy"
+
+OID get certificate policy invalid oid
+oid_get_certificate_policies:"5533445566":""
+
+OID get certificate policy wrong oid - id-ce-authorityKeyIdentifier
+oid_get_certificate_policies:"551D23":""
+
+OID get Ext Key Usage - id-kp-serverAuth
+oid_get_extended_key_usage:"2B06010505070301":"TLS Web Server Authentication"
+
+OID get Ext Key Usage - id-kp-clientAuth
+oid_get_extended_key_usage:"2B06010505070302":"TLS Web Client Authentication"
+
+OID get Ext Key Usage - id-kp-codeSigning
+oid_get_extended_key_usage:"2B06010505070303":"Code Signing"
+
+OID get Ext Key Usage - id-kp-emailProtection
+oid_get_extended_key_usage:"2B06010505070304":"E-mail Protection"
+
+OID get Ext Key Usage - id-kp-timeStamping
+oid_get_extended_key_usage:"2B06010505070308":"Time Stamping"
+
+OID get Ext Key Usage - id-kp-OCSPSigning
+oid_get_extended_key_usage:"2B06010505070309":"OCSP Signing"
+
+OID get Ext Key Usage - id-kp-wisun-fan-device
+oid_get_extended_key_usage:"2B0601040182E42501":"Wi-SUN Alliance Field Area Network (FAN)"
+
+OID get Ext Key Usage invalid oid
+oid_get_extended_key_usage:"5533445566":""
+
+OID get Ext Key Usage wrong oid - id-ce-authorityKeyIdentifier
+oid_get_extended_key_usage:"551D23":""
+
+OID get x509 extension - id-ce-basicConstraints
+oid_get_x509_extension:"551D13":MBEDTLS_X509_EXT_BASIC_CONSTRAINTS
+
+OID get x509 extension - id-ce-keyUsage
+oid_get_x509_extension:"551D0F":MBEDTLS_X509_EXT_KEY_USAGE
+
+OID get x509 extension - id-ce-extKeyUsage
+oid_get_x509_extension:"551D25":MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE
+
+OID get x509 extension - id-ce-subjectAltName
+oid_get_x509_extension:"551D11":MBEDTLS_X509_EXT_SUBJECT_ALT_NAME
+
+OID get x509 extension - id-netscape-certtype
+oid_get_x509_extension:"6086480186F8420101":MBEDTLS_X509_EXT_NS_CERT_TYPE
+
+OID get x509 extension - id-ce-certificatePolicies
+oid_get_x509_extension:"551D20":MBEDTLS_X509_EXT_CERTIFICATE_POLICIES
+
+OID get x509 extension - invalid oid
+oid_get_x509_extension:"5533445566":0
+
+OID get x509 extension - wrong oid - id-ce
+oid_get_x509_extension:"551D":0
+
+OID hash id - id-md5
+depends_on:PSA_WANT_ALG_MD5
+oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5
+
+OID hash id - id-sha1
+depends_on:PSA_WANT_ALG_SHA_1
+oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1
+
+OID hash id - id-sha224
+depends_on:PSA_WANT_ALG_SHA_224
+oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224
+
+OID hash id - id-sha256
+depends_on:PSA_WANT_ALG_SHA_256
+oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256
+
+OID hash id - id-sha384
+depends_on:PSA_WANT_ALG_SHA_384
+oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384
+
+OID hash id - id-sha512
+depends_on:PSA_WANT_ALG_SHA_512
+oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
+
+OID hash id - id-sha3-224
+depends_on:PSA_WANT_ALG_SHA3_224
+oid_get_md_alg_id:"608648016503040207":MBEDTLS_MD_SHA3_224
+
+OID hash id - id-sha3-256
+depends_on:PSA_WANT_ALG_SHA3_256
+oid_get_md_alg_id:"608648016503040208":MBEDTLS_MD_SHA3_256
+
+OID hash id - id-sha3-384
+depends_on:PSA_WANT_ALG_SHA3_384
+oid_get_md_alg_id:"608648016503040209":MBEDTLS_MD_SHA3_384
+
+OID hash id - id-sha3-512
+depends_on:PSA_WANT_ALG_SHA3_512
+oid_get_md_alg_id:"60864801650304020a":MBEDTLS_MD_SHA3_512
+
+OID hash id - id-ripemd160
+depends_on:PSA_WANT_ALG_RIPEMD160
+oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
+
+OID hash id - invalid oid
+oid_get_md_alg_id:"2B864886f70d0204":-1
diff --git a/tests/suites/test_suite_x509_oid.function b/tests/suites/test_suite_x509_oid.function
new file mode 100644
index 0000000..b988aa0
--- /dev/null
+++ b/tests/suites/test_suite_x509_oid.function
@@ -0,0 +1,92 @@
+/* BEGIN_HEADER */
+#include "x509_oid.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "string.h"
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
+void oid_get_certificate_policies(data_t *oid, char *result_str)
+{
+ mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
+ int ret;
+ const char *desc;
+
+ asn1_buf.tag = MBEDTLS_ASN1_OID;
+ asn1_buf.p = oid->x;
+ asn1_buf.len = oid->len;
+
+ ret = mbedtls_x509_oid_get_certificate_policies(&asn1_buf, &desc);
+ if (strlen(result_str) == 0) {
+ TEST_ASSERT(ret == MBEDTLS_ERR_X509_UNKNOWN_OID);
+ } else {
+ TEST_ASSERT(ret == 0);
+ TEST_ASSERT(strcmp((char *) desc, result_str) == 0);
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
+void oid_get_extended_key_usage(data_t *oid, char *result_str)
+{
+ mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
+ int ret;
+ const char *desc;
+
+ asn1_buf.tag = MBEDTLS_ASN1_OID;
+ asn1_buf.p = oid->x;
+ asn1_buf.len = oid->len;
+
+ ret = mbedtls_x509_oid_get_extended_key_usage(&asn1_buf, &desc);
+ if (strlen(result_str) == 0) {
+ TEST_ASSERT(ret == MBEDTLS_ERR_X509_UNKNOWN_OID);
+ } else {
+ TEST_ASSERT(ret == 0);
+ TEST_ASSERT(strcmp((char *) desc, result_str) == 0);
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_OID_HAVE_GET_X509_EXT_TYPE */
+void oid_get_x509_extension(data_t *oid, int exp_type)
+{
+ mbedtls_asn1_buf ext_oid = { 0, 0, NULL };
+ int ret;
+ int ext_type;
+
+ ext_oid.tag = MBEDTLS_ASN1_OID;
+ ext_oid.p = oid->x;
+ ext_oid.len = oid->len;
+
+ ret = mbedtls_x509_oid_get_x509_ext_type(&ext_oid, &ext_type);
+ if (exp_type == 0) {
+ TEST_ASSERT(ret == MBEDTLS_ERR_X509_UNKNOWN_OID);
+ } else {
+ TEST_ASSERT(ret == 0);
+ TEST_ASSERT(ext_type == exp_type);
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_OID_HAVE_GET_MD_ALG */
+void oid_get_md_alg_id(data_t *oid, int exp_md_id)
+{
+ mbedtls_asn1_buf md_oid = { 0, 0, NULL };
+ int ret;
+ mbedtls_md_type_t md_id = 0;
+
+ md_oid.tag = MBEDTLS_ASN1_OID;
+ md_oid.p = oid->x;
+ md_oid.len = oid->len;
+
+ ret = mbedtls_x509_oid_get_md_alg(&md_oid, &md_id);
+
+ if (exp_md_id < 0) {
+ TEST_ASSERT(ret == MBEDTLS_ERR_X509_UNKNOWN_OID);
+ TEST_ASSERT(md_id == 0);
+ } else {
+ TEST_ASSERT(ret == 0);
+ TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id);
+ }
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index d962f34..c2a7f30 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -48,23 +48,23 @@
X509 CRT information RSA-PSS, SHA1 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_1
-x509_cert_info:"../framework/data_files/parse_input/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"../framework/data_files/parse_input/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information RSA-PSS, SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_224
-x509_cert_info:"../framework/data_files/parse_input/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"../framework/data_files/parse_input/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information RSA-PSS, SHA256 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_256
-x509_cert_info:"../framework/data_files/parse_input/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"../framework/data_files/parse_input/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information RSA-PSS, SHA384 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_384
-x509_cert_info:"../framework/data_files/parse_input/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"../framework/data_files/parse_input/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information RSA-PSS, SHA512 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_512
-x509_cert_info:"../framework/data_files/parse_input/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"../framework/data_files/parse_input/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information EC, SHA1 Digest
depends_on:MBEDTLS_PEM_PARSE_C:PSA_HAVE_ALG_SOME_ECDSA:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_1
@@ -268,23 +268,23 @@
X509 CRL information RSA-PSS, SHA1 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_1
-mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
+mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1)\n"
X509 CRL information RSA-PSS, SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_224
-mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
+mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224)\n"
X509 CRL information RSA-PSS, SHA256 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_256
-mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n"
+mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256)\n"
X509 CRL information RSA-PSS, SHA384 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_384
-mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n"
+mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384)\n"
X509 CRL information RSA-PSS, SHA512 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_512
-mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n"
+mbedtls_x509_crl_info:"../framework/data_files/parse_input/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512)\n"
X509 CRL Information EC, SHA1 Digest
depends_on:MBEDTLS_PEM_PARSE_C:PSA_WANT_ALG_SHA_1:PSA_HAVE_ALG_SOME_ECDSA
@@ -368,23 +368,23 @@
X509 CSR Information RSA-PSS with SHA1
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_1:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
X509 CSR Information RSA-PSS with SHA224
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_224:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
X509 CSR Information RSA-PSS with SHA256
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_256:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
X509 CSR Information RSA-PSS with SHA384
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_384:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
X509 CSR Information RSA-PSS with SHA512
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_512:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+mbedtls_x509_csr_info:"../framework/data_files/parse_input/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
X509 CSR Information RSA with SHA256 - Microsoft header
depends_on:MBEDTLS_PEM_PARSE_C:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
@@ -903,10 +903,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_1:MBEDTLS_USE_PSA_CRYPTO
x509_verify:"../framework/data_files/server9-bad-saltlen.crt":"../framework/data_files/test-ca.crt":"../framework/data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL"
-X509 CRT verification #69 (RSASSA-PSS, wrong mgf_hash)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_1
-x509_verify:"../framework/data_files/server9-bad-mgfhash.crt":"../framework/data_files/test-ca.crt":"../framework/data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
X509 CRT verification #70 (v1 trusted CA)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_1
x509_verify:"../framework/data_files/server1-v1.crt":"../framework/data_files/test-ca-v1.crt":"../framework/data_files/crl.pem":"NULL":0:0:"compat":"NULL"
@@ -1334,15 +1330,15 @@
X509 CRT ASN1 (TBS, valid version tag + length, unknown version number 3)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"308196308180a0030201038204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+x509parse_crt:"308196308180a0030201038204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
X509 CRT ASN1 (TBS, valid version tag + length, unknown version number 4)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"308196308180a0030201048204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+x509parse_crt:"308196308180a0030201048204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
X509 CRT ASN1 (TBS, valid version tag + length, version number overflow)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"308199308183a00602047FFFFFFF8204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+x509parse_crt:"308199308183a00602047FFFFFFF8204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
X509 CRT ASN1 (TBS, serial missing)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
@@ -1374,47 +1370,47 @@
X509 CRT ASN1 (TBS, inv AlgID, OID missing)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"307b3073a0030201008204deadbeef3000300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff3000030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"307b3073a0030201008204deadbeef3000300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff0201033000030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv AlgID, OID tag wrong)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"307f3075a0030201008204deadbeef30020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"307f3075a0030201008204deadbeef30020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff02010330020500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv AlgID, OID inv length encoding)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"307f3075a0030201008204deadbeef30020685300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020685030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"307f3075a0030201008204deadbeef30020685300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff02010330020685030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv AlgID, OID length out of bounds)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"307f3075a0030201008204deadbeef30020601300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020601030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"307f3075a0030201008204deadbeef30020601300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff02010330020601030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv AlgID, OID empty)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"307f3075a0030201008204deadbeef30020600300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020600030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, MBEDTLS_ERR_OID_NOT_FOUND)
+x509parse_crt:"307f3075a0030201008204deadbeef30020600300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff02010330020600030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, MBEDTLS_ERR_X509_UNKNOWN_OID)
X509 CRT ASN1 (TBS, inv AlgID, OID unknown)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"3081873079a0030201008204deadbeef30060604deadbeef300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30060604deadbeef030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, MBEDTLS_ERR_OID_NOT_FOUND)
+x509parse_crt:"3081873079a0030201008204deadbeef30060604deadbeef300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff02010330060604deadbeef030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, MBEDTLS_ERR_X509_UNKNOWN_OID)
X509 CRT ASN1 (TBS, inv AlgID, param inv length encoding)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0685300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0685030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0685300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0685030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv AlgID, param length out of bounds)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0601300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0601030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0601300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0601030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv AlgID, param length mismatch)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"30819a308182a0030201008204deadbeef300f06092a864886f70d01010b06010000300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300f06092a864886f70d01010b06010000030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"30819a308182a0030201008204deadbeef300f06092a864886f70d01010b06010000300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300f06092a864886f70d01010b06010000030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv AlgID, params present but empty)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0600300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0600030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0600300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0600030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG
X509 CRT ASN1 (TBS, inv AlgID, bad RSASSA-PSS params)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_X509_RSASSA_PSS_SUPPORT
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010a3100300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010a3100030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010a3100300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010a3100030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, Issuer missing)
depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C
@@ -1438,83 +1434,83 @@
X509 CRT ASN1 (TBS, inv Issuer, RDNSequence empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081893074a0030201028204deadbeef300d06092a864886f70d01010b05003000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081893074a0030201028204deadbeef300d06092a864886f70d01010b05003000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, RDN inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Issuer, RDN inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023185301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023185301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Issuer, RDN length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023101301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023101301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, RDN empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023100301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023100301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023085301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023085301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023001301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023001301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type inv no length data)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818e3079a0030201028204deadbeef300d06092a864886f70d01010b050030053103300106301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818e3079a0030201028204deadbeef300d06092a864886f70d01010b050030053103300106301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020685301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020685301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020601301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020601301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020600301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020600301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308190307ba0030201028204deadbeef300d06092a864886f70d01010b050030073105300306000c301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308190307ba0030201028204deadbeef300d06092a864886f70d01010b050030073105300306000c301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000C85301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000C85301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000c01301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000c01301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value length mismatch)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308193307ea0030201028204deadbeef300d06092a864886f70d01010b0500300a3108300606000c010000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"308193307ea0030201028204deadbeef300d06092a864886f70d01010b0500300a3108300606000c010000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv Issuer, 2nd AttributeTypeValue empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300e310c300806000c04546573743000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300e310c300806000c04546573743000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, Validity missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -1538,63 +1534,63 @@
X509 CRT ASN1 (TBS, inv Validity, notBefore missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30793064a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743000300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30793064a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743000300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Validity, notBefore inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430020500300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430020500300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Validity, notBefore no length)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"307a3065a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c0454657374300117300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"307a3065a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c0454657374300117300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Validity, notBefore inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743002178f300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743002178f300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Validity, notBefore length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430021701300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430021701300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Validity, notBefore empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a3008060013045465737430101700170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
+x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a3008060013045465737430101700170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
X509 CRT ASN1 (TBS, inv Validity, notBefore invalid)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
X509 CRT ASN1 (TBS, inv Validity, notAfter missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374300e170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374300e170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Validity, notAfter inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935390500300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935390500300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Validity, notAfter length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081883073a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374300f170c30393132333132333539353917300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081883073a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374300f170c30393132333132333539353917300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Validity, notAfter inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391785300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391785300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Validity, notAfter length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391701300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391701300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Validity, notAfter empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391700300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
+x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391700300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
X509 CRT ASN1 (TBS, inv Validity, notAfter invalid)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303931323331323335393539170c303930313031303000000000300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303931323331323335393539170c303930313031303000000000300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE
X509 CRT ASN1 (TBS, inv Validity, data remaining after 'notAfter')
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e170c303930313031303030303030170c3039313233313233353935391700300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e170c303930313031303030303030170c3039313233313233353935391700300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, Subject missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -1618,79 +1614,79 @@
X509 CRT ASN1 (TBS, inv Subject, RDN inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930020500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930020500302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Subject, RDN inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023185302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023185302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Subject, RDN length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023101302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023101302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, RDN empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023100302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023100302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431020500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431020500302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023085302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023085302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023001302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023001302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023000302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023000302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020500302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type inv no length data)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818e3079a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930053103300106302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818e3079a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930053103300106302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020685302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020685302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type length out of bounds )
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020601302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020601302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020600302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020600302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000500302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308190307ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930073105300306000c302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308190307ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930073105300306000c302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000C85302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000C85302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000c01302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000c01302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value length mismatch)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308193307ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300a3108300606000c010000302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"308193307ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300a3108300606000c010000302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv Subject, 2nd AttributeTypeValue empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300e310c300806000c04546573743000302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300e310c300806000c04546573743000302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, SubPubKeyInfo missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -1734,11 +1730,11 @@
X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081883073a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081883073a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d30000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm unknown)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010100050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_UNKNOWN_PK_ALG
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010005000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_UNKNOWN_PK_ALG
X509 CRT ASN1 (TBS, inv SubPubKeyInfo, bitstring missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -1774,11 +1770,11 @@
X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY
X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv RSA modulus)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY
X509 CRT ASN1 (TBS, inv SubPubKeyInfo, total length mismatch)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -1799,263 +1795,263 @@
# and hence we obtain an INVALID_TAG error during extension parsing.
X509 CRT ASN1 (TBS, inv IssuerID, inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff0500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff0201030500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv IssuerID, length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308197308181a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308197308181a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a1300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv IssuerID, inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a185300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv IssuerID, length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, no IssuerID, inv SubjectID, length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308197308181a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308197308181a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, no IssuerID, inv SubjectID, inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, no IssuerID, inv SubjectID, length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"308199308183a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv v3Ext, inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a2000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv v3Ext, outer length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819b308185a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819b308185a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, outer length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a385300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a385300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, outer length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a301300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a301300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, outer length 0)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a300300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a300300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, inner tag invalid)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv v3Ext, inner length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819d308187a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819d308187a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, inner length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, inner length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, inner/outer length mismatch)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819f308189a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a303300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"30819f308189a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a303300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv v3Ext, first ext inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv v3Ext, first ext length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819f308189a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a303300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"30819f308189a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a303300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, inv first ext length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, first ext length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, first ext empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30430023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a306300430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a130818ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3053003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a130818ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3053003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a306300430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a306300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, no extnValue)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a306300430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, inv critical tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3083006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv v3Ext, critical length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a330818da0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30730053003060001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a330818da0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30730053003060001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, critical inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000185300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3083006300406000185300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, critical length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3083006300406000101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, critical length 0)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3083006300406000100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, critical length 2)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a6308190a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30a30083006060001020000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a6308190a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30a30083006060001020000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, extnValue inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b3009300706000101000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30b3009300706000101000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv v3Ext, extnValue length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a6308190a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30a30083006060001010004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a6308190a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30a30083006060001010004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, extnValue length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b3009300706000101000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30b3009300706000101000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv v3Ext, extnValue length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b3009300706000101000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30b3009300706000101000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv v3Ext, data remaining after extnValue)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b3009060001010004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b3009060001010004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, data missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d200400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30b300930070603551d200400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, invalid outer tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d2004020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, outer length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30c300a30080603551d20040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30c300a30080603551d20040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, outer length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d2004023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, outer length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d2004023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, no policies)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d2004023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d20040430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d200403300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30e300c300a0603551d200403300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d20040430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d20040430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, empty policy)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d20040430023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid OID tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a311300f300d0603551d200406300430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy no OID length)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a310300e300c0603551d2004053003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a310300e300c0603551d2004053003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy OID length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a311300f300d0603551d200406300430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy OID length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a311300f300d0603551d200406300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, unknown critical policy)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
+x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier invalid tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d200409300730050601000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a314301230100603551d200409300730050601000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier no length)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081af308199a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3133011300f0603551d2004083006300406010030300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081af308199a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3133011300f0603551d2004083006300406010030300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d200409300730050601003085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a314301230100603551d200409300730050601003085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d200409300730050601003001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a314301230100603551d200409300730050601003001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv extBasicConstraint, no pathlen length)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d130101010406300402010102300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a314301230100603551d130101010406300402010102300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv extBasicConstraint, pathlen is INT_MAX)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_1
@@ -2067,199 +2063,199 @@
X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d13010101040730050201010285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d13010101040730050201010285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d13010101040730050201010201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d13010101040730050201010201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d13010101040730050201010200300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d13010101040730050201010200300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen length mismatch)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b430819ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a318301630140603551d13010101040a30080201010201010500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081b430819ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a318301630140603551d13010101040a30080201010201010500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv v3Ext, ExtKeyUsage bad second tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d250416301406082b0601050507030107082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d250416301406082b0601050507030107082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d110400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30b300930070603551d110400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, inv tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d1104020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30c300a30080603551d11040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30c300a30080603551d11040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d1104023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30d300b30090603551d1104023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, data remaining after name SEQUENCE)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30e300c300a0603551d110403300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv SubjectAltName, name component length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300180300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30e300c300a0603551d110403300180300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, name component inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d11040430028085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, name component length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d11040430028001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, name component unexpected tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430024000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d11040430024000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, otherName component empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d1104043002a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a30f300d300b0603551d1104043002a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, otherName invalid OID tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a311300f300d0603551d1104063004a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a310300e300c0603551d1104053003a00106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a310300e300c0603551d1104053003a00106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a311300f300d0603551d1104063004a0020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a311300f300d0603551d1104063004a0020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName EXPLICIT tag missing
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b530819fa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a319301730150603551d11040e300ca00a06082b06010505070804300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b530819fa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a319301730150603551d11040e300ca00a06082b06010505070804300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected EXPLICIT tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b060105050708040500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31b301930170603551d110410300ea00c06082b060105050708040500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b63081a0a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31a301830160603551d11040f300da00b06082b06010505070804a0300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b63081a0a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31a301830160603551d11040f300da00b06082b06010505070804a0300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inv outer length)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31b301930170603551d110410300ea00c06082b06010505070804a085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31b301930170603551d110410300ea00c06082b06010505070804a001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length 0)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31b301930170603551d110410300ea00c06082b06010505070804a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner tag invalid)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b83081a2a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31c301a30180603551d110411300fa00d06082b06010505070804a00130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b83081a2a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31c301a30180603551d110411300fa00d06082b06010505070804a00130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length inv encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName empty)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected OID tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID no length)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ba3081a4a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31e301c301a0603551d1104133011a00f06082b06010505070804a003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ba3081a4a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31e301c301a0603551d1104133011a00f06082b06010505070804a003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data invalid tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bc3081a6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a320301e301c0603551d1104153013a01106082b06010505070804a0053003060004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081bc3081a6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a320301e301c0603551d1104153013a01106082b06010505070804a0053003060004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #1)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083006060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083006060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #2)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #3)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0063004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a3233021301f0603551d1104183016a01406082b06010505070804a0063004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a340303e301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS
+x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a340303e301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS
X509 CRT ASN1 (TBS, inv v3Ext, ExtKeyUsage repeated)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a340303e301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d250416301406082b0601050507030106082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS
+x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a340303e301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d250416301406082b0601050507030106082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS
X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated outside Extensions)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT (TBS, valid v3Ext in v3 CRT)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, valid v3Ext in v2 CRT)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (TBS, valid SubjectID, valid IssuerID, inv v3Ext, SubjectAltName repeated outside Extensions, inv SubjectAltNames tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_1
@@ -2267,117 +2263,117 @@
X509 CRT ASN1 (SignatureAlgorithm missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081aa3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081aa3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv SignatureAlgorithm, bad tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573740500":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573740500":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (inv SignatureAlgorithm, length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ab3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e7465737430":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ab3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e7465737430":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv SignatureAlgorithm, inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573743085":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573743085":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (inv SignatureAlgorithm, length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573743001":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573743001":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv SignatureAlgorithm, not the same as SignatureAlgorithm in TBS)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010a0500030200ff":"":MBEDTLS_ERR_X509_SIG_MISMATCH
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010a0500030200ff":"":MBEDTLS_ERR_X509_SIG_MISMATCH
X509 CRT ASN1 (Signature missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081b93081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081b93081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv Signature, bad tag)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000500":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
+x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000500":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 CRT ASN1 (inv Signature, length missing)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081ba3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b050003":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081ba3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b050003":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv Signature, inv length encoding)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000385":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
+x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000385":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_LENGTH)
X509 CRT ASN1 (inv Signature, length out of bounds)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000301":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000301":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 CRT ASN1 (inv Signature, inv data #1)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
# signature = bit string with invalid encoding (missing number of unused bits)
-x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000300":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_DATA)
+x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000300":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_DATA)
X509 CRT ASN1 (inv Signature, inv data #2)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
# signature = bit string with invalid encoding (number of unused bits too large)
-x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030108":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_DATA)
+x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030108":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_DATA)
X509 CRT ASN1 (empty Signature)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
# signature = empty bit string in DER encoding
-x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
+x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
X509 CRT ASN1 (dummy 24-bit Signature)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
# signature = bit string "011001100110111101101111"
-x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030400666f6f":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
+x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030400666f6f":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0
# The ASN.1 module rejects non-octet-aligned bit strings.
X509 CRT ASN1 (inv Signature: not octet-aligned)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
# signature = bit string "01100110011011110110111"
-x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030401666f6e":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_DATA)
+x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030401666f6e":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, MBEDTLS_ERR_ASN1_INVALID_DATA)
X509 CRT ASN1 (inv Signature, length mismatch)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"3081be3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff00":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
+x509parse_crt:"3081be3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff00":"":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH)
X509 CRT ASN1 (well-formed)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (GeneralizedTime in notBefore, UTCTime in notAfter)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2010-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2010-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (UTCTime in notBefore, GeneralizedTime in notAfter)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e170c303931323331323335393539180e3230313030313031303030303030300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-12-31 23\:59\:59\nexpires on \: 2010-01-01 00\:00\:00\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e170c303931323331323335393539180e3230313030313031303030303030300c310a30080600130454657374302a300d06092A864886F70D01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-12-31 23\:59\:59\nexpires on \: 2010-01-01 00\:00\:00\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with X520 CN)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: CN=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: CN=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with X520 C)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: C=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: C=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with X520 L)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: L=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: L=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with X520 ST)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ST=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ST=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with X520 O)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: O=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: O=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with X520 OU)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: OU=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: OU=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with unknown X520 part)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with composite RDN)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_1
@@ -2385,11 +2381,11 @@
X509 CRT ASN1 (Name with PKCS9 email)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010b050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: emailAddress=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010b050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: emailAddress=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (Name with unknown PKCS9 part)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010b050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
+x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010b050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0
X509 CRT ASN1 (ECDSA signature, RSA key)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_1:PSA_HAVE_ALG_SOME_ECDSA
@@ -2425,19 +2421,19 @@
X509 CRT ASN1 (Unsupported critical policy recognized by callback)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060101300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0
+x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d20010101040730053003060101300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0
X509 CRT ASN1 (Unsupported critical policy not recognized by callback)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
+x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
X509 CRT ASN1 (Unsupported non critical policy recognized by callback)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010100040730053003060101300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0
+x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d20010100040730053003060101300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0
X509 CRT ASN1 (Unsupported non critical policy not recognized by callback)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
-x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010100040730053003060100300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0
+x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d01010105000319003016021100ffffffffffffffffffffffffffffffff020103a100a200a315301330110603551d20010100040730053003060100300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0
X509 CRL ASN1 (Incorrect first tag)
x509parse_crl:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT
@@ -2741,7 +2737,7 @@
x509_oid_numstr:"2b06010505070301":"1.3.6.1.5.5.7.3.1":18:17
X509 OID numstring #3 (buffer too small)
-x509_oid_numstr:"2b06010505070301":"1.3.6.1.5.5.7.3.1":17:MBEDTLS_ERR_OID_BUF_TOO_SMALL
+x509_oid_numstr:"2b06010505070301":"1.3.6.1.5.5.7.3.1":17:PSA_ERROR_BUFFER_TOO_SMALL
X509 OID numstring #4 (larger number)
x509_oid_numstr:"2a864886f70d":"1.2.840.113549":15:14
@@ -2849,7 +2845,7 @@
x509_parse_rsassa_pss_params:"a00f300d06096086480165030402013000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_DATA)
X509 RSASSA-PSS parameters ASN1 (HashAlg unknown OID)
-x509_parse_rsassa_pss_params:"a00d300b06096086480165030402ff":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_OID_NOT_FOUND)
+x509_parse_rsassa_pss_params:"a00d300b06096086480165030402ff":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_X509_UNKNOWN_OID)
X509 RSASSA-PSS parameters ASN1 (good, MGAlg = MGF1-SHA256)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -2870,7 +2866,7 @@
x509_parse_rsassa_pss_params:"a11a301906092a864886f70d010108300b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_OUT_OF_DATA)
X509 RSASSA-PSS parameters ASN1 (MGAlg OID != MGF1)
-x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010109300b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, MBEDTLS_ERR_OID_NOT_FOUND)
+x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010109300b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, MBEDTLS_ERR_X509_UNKNOWN_OID)
X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong tag)
x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010108310b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
@@ -2885,7 +2881,7 @@
x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010108300b0709608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg unknown OID)
-x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010108300b06096086480165030402ff":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_OID_NOT_FOUND)
+x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010108300b06096086480165030402ff":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_X509_UNKNOWN_OID)
X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params NULL)
depends_on:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_256
@@ -3151,6 +3147,10 @@
depends_on:PSA_HAVE_ALG_SOME_ECDSA:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
x509parse_crt_file:"../framework/data_files/parse_input/server5.crt":0
+X509 File parse (RSASSA-PSS, MGF1 hash alg != message hash alg)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_1
+x509parse_crt_file:"../framework/data_files/server9-bad-mgfhash.crt":MBEDTLS_ERR_X509_INVALID_ALG
+
X509 File parse & read the ca_istrue field (Not Set)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:PSA_WANT_ALG_SHA_1
mbedtls_x509_get_ca_istrue:"../framework/data_files/parse_input/server1.crt":0
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index fae3657..4f0605c 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -7,6 +7,7 @@
#include "x509_internal.h"
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/base64.h"
#include "mbedtls/error.h"
#include "mbedtls/pk.h"
@@ -679,7 +680,7 @@
TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);
- mbedtls_ecp_set_max_ops(max_ops);
+ psa_interruptible_set_max_ops(max_ops);
cnt_restart = 0;
do {
@@ -1009,8 +1010,8 @@
parsed_cur = &parsed;
len = 0;
for (i = 0; parsed_cur != NULL; i++) {
- TEST_EQUAL(mbedtls_oid_get_attr_short_name(&parsed_cur->oid,
- &short_name), 0);
+ TEST_EQUAL(mbedtls_x509_oid_get_attr_short_name(&parsed_cur->oid,
+ &short_name), 0);
len += mbedtls_snprintf((char *) out + len, out_size - len, "%s ", short_name);
parsed_cur = mbedtls_x509_dn_get_next(parsed_cur);
}
@@ -1119,15 +1120,29 @@
mbedtls_x509_crt crt;
#if !defined(MBEDTLS_X509_REMOVE_INFO)
unsigned char output[2000] = { 0 };
- int res;
#else
((void) result_str);
#endif
+ /* Tests whose result is MBEDTLS_ERR_PK_INVALID_PUBKEY might return
+ * MBEDTLS_ERR_ASN1_UNEXPECTED_TAG until psa#308 is merged. This variable
+ * is therefore used for backward compatiblity and will be removed in
+ * mbedtls#10229. */
+ int result_back_comp = result;
+ int res;
+
+#if !defined(MBEDTLS_PK_USE_PSA_RSA_DATA)
+ /* Support for mbedtls#10213 before psa#308. Once psa#308 will be
+ * merged this dirty fix can be removed. */
+ if (result == MBEDTLS_ERR_PK_INVALID_PUBKEY) {
+ result_back_comp = MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
+ }
+#endif /* MBEDTLS_PK_USE_PSA_RSA_DATA */
mbedtls_x509_crt_init(&crt);
USE_PSA_INIT();
- TEST_EQUAL(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len), result);
+ res = mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len);
+ TEST_ASSERT((res == result) || (res == result_back_comp));
#if !defined(MBEDTLS_X509_REMOVE_INFO)
if ((result) == 0) {
res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
@@ -1142,7 +1157,8 @@
mbedtls_x509_crt_free(&crt);
mbedtls_x509_crt_init(&crt);
- TEST_EQUAL(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len), result);
+ res = mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len);
+ TEST_ASSERT((res == result) || (res == result_back_comp));
#if !defined(MBEDTLS_X509_REMOVE_INFO)
if ((result) == 0) {
memset(output, 0, 2000);
@@ -1160,8 +1176,8 @@
mbedtls_x509_crt_free(&crt);
mbedtls_x509_crt_init(&crt);
- TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL),
- result);
+ res = mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL);
+ TEST_ASSERT((res == result) || (res == result_back_comp));
#if !defined(MBEDTLS_X509_REMOVE_INFO)
if ((result) == 0) {
res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
@@ -1177,8 +1193,8 @@
mbedtls_x509_crt_free(&crt);
mbedtls_x509_crt_init(&crt);
- TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL),
- result);
+ res = mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL);
+ TEST_ASSERT((res == result) || (res == result_back_comp));
#if !defined(MBEDTLS_X509_REMOVE_INFO)
if ((result) == 0) {
res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
@@ -1502,7 +1518,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:!MBEDTLS_X509_REMOVE_INFO */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509_oid_desc(data_t *buf, char *ref_desc)
{
mbedtls_x509_buf oid;
@@ -1515,7 +1531,7 @@
oid.p = buf->x;
oid.len = buf->len;
- ret = mbedtls_oid_get_extended_key_usage(&oid, &desc);
+ ret = mbedtls_x509_oid_get_extended_key_usage(&oid, &desc);
if (strcmp(ref_desc, "notfound") == 0) {
TEST_ASSERT(ret != 0);
@@ -1667,6 +1683,9 @@
mbedtls_x509_crt crt;
mbedtls_x509_crt_init(&crt);
+ /* X509 relies on PK under the hood and the latter can use PSA to store keys
+ * and perform operations so psa_crypto_init() must be called before. */
+ USE_PSA_INIT();
TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, file), ref_ret);
@@ -1681,6 +1700,7 @@
exit:
mbedtls_x509_crt_free(&crt);
+ USE_PSA_DONE();
}
/* END_CASE */
@@ -1696,6 +1716,9 @@
char name_buf[128];
mbedtls_x509_crt_init(&crt);
+ /* X509 relies on PK under the hood and the latter can use PSA to store keys
+ * and perform operations so psa_crypto_init() must be called before. */
+ USE_PSA_INIT();
TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, file), ref_ret);
@@ -1747,6 +1770,7 @@
exit:
mbedtls_x509_crt_free(&crt);
+ USE_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index e4e08da..4dcd967 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -254,6 +254,27 @@
X509 String to Names #20 (Reject empty AttributeValue)
mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0
+# Note: the behaviour is incorrect, output from string->names->string should be
+# the same as the input, rather than just the last component, see
+# https://github.com/Mbed-TLS/mbedtls/issues/10189
+# Still including tests for the current incorrect behaviour because of the
+# variants below where we want to ensure at least that no memory corruption
+# happens (which would be a lot worse than just a functional bug).
+X509 String to Names (repeated OID)
+mbedtls_x509_string_to_names:"CN=ab,CN=cd,CN=ef":"CN=ef":0:0
+
+# Note: when a value starts with a # sign, it's treated as the hex encoding of
+# the DER encoding of the value. Here, 0400 is a zero-length OCTET STRING.
+# The tag actually doesn't matter for our purposes, only the length.
+X509 String to Names (repeated OID, 1st is zero-length)
+mbedtls_x509_string_to_names:"CN=#0400,CN=cd,CN=ef":"CN=ef":0:0
+
+X509 String to Names (repeated OID, middle is zero-length)
+mbedtls_x509_string_to_names:"CN=ab,CN=#0400,CN=ef":"CN=ef":0:0
+
+X509 String to Names (repeated OID, last is zero-length)
+mbedtls_x509_string_to_names:"CN=ab,CN=cd,CN=#0400":"CN=#0000":0:MAY_FAIL_GET_NAME
+
X509 Round trip test (Escaped characters)
mbedtls_x509_string_to_names:"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":0:0
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 107d923..224768a 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -5,6 +5,7 @@
#include "x509_internal.h"
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
+#include "x509_oid.h"
#include "mbedtls/rsa.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
@@ -37,7 +38,7 @@
goto cleanup;
}
- if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk,
+ if (mbedtls_pk_verify_ext(csr.sig_pk, NULL, &csr.pk,
csr.sig_md, hash, mbedtls_md_get_size_from_type(csr.sig_md),
csr.sig.p, csr.sig.len) != 0) {
ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
@@ -669,6 +670,11 @@
TEST_LE_S(1, ret);
TEST_ASSERT(strcmp((char *) out, parsed_name) == 0);
+ /* Check that calling a 2nd time with the same param (now non-NULL)
+ * returns an error as expected. */
+ ret = mbedtls_x509_string_to_names(&names, name);
+ TEST_EQUAL(ret, MBEDTLS_ERR_X509_BAD_INPUT_DATA);
+
exit:
mbedtls_asn1_free_named_data_list(&names);
@@ -703,7 +709,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C */
void oid_from_numeric_string(char *oid_str, int error_ret,
data_t *exp_oid_buf)
{
diff --git a/tf-psa-crypto b/tf-psa-crypto
index f936d86..110b9a4 160000
--- a/tf-psa-crypto
+++ b/tf-psa-crypto
@@ -1 +1 @@
-Subproject commit f936d86b2587eb4a961cac5b3b95b949ee056ee6
+Subproject commit 110b9a44d79975c0eab61f46c65837abc5c9309a