Merged support for Brainpool curves and ciphersuites
diff --git a/ChangeLog b/ChangeLog
index 2621f53..8e3b0a9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
 PolarSSL ChangeLog (Sorted per branch, date)
 
 = Branch 1.3
+Features
+   * Support for Brainpool curves and TLS ciphersuites (RFC 7027)
+
 Changes
    * RSA blinding locks for a smaller amount of time
    * TLS compression only allocates working buffer once
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index bd12343..e4ab5e1 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -241,6 +241,9 @@
 #define POLARSSL_ECP_DP_SECP256R1_ENABLED
 #define POLARSSL_ECP_DP_SECP384R1_ENABLED
 #define POLARSSL_ECP_DP_SECP521R1_ENABLED
+#define POLARSSL_ECP_DP_BP256R1_ENABLED
+#define POLARSSL_ECP_DP_BP384R1_ENABLED
+#define POLARSSL_ECP_DP_BP512R1_ENABLED
 
 /**
  * \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
@@ -1013,7 +1016,7 @@
  * Caller:  library/ecdh.c
  *          library/ecdsa.c
  *
- * Requires: POLARSSL_BIGNUM_C
+ * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
  */
 #define POLARSSL_ECP_C
 
@@ -1707,7 +1710,15 @@
 #error "POLARSSL_ECDSA_C defined, but not all prerequisites"
 #endif
 
-#if defined(POLARSSL_ECP_C) && !defined(POLARSSL_BIGNUM_C)
+#if defined(POLARSSL_ECP_C) && !defined(POLARSSL_BIGNUM_C) || ( \
+    !defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) &&              \
+    !defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) &&              \
+    !defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) &&              \
+    !defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) &&              \
+    !defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) &&              \
+    !defined(POLARSSL_ECP_DP_BP256R1_ENABLED)   &&              \
+    !defined(POLARSSL_ECP_DP_BP384R1_ENABLED)   &&              \
+    !defined(POLARSSL_ECP_DP_BP512R1_ENABLED) )
 #error "POLARSSL_ECP_C defined, but not all prerequisites"
 #endif
 
diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h
index 82455c1..7940b32 100644
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -61,12 +61,15 @@
     POLARSSL_ECP_DP_SECP256R1,      /*!< 256-bits NIST curve  */
     POLARSSL_ECP_DP_SECP384R1,      /*!< 384-bits NIST curve  */
     POLARSSL_ECP_DP_SECP521R1,      /*!< 521-bits NIST curve  */
+    POLARSSL_ECP_DP_BP256R1,        /*!< 256-bits Brainpool curve */
+    POLARSSL_ECP_DP_BP384R1,        /*!< 384-bits Brainpool curve */
+    POLARSSL_ECP_DP_BP512R1,        /*!< 512-bits Brainpool curve */
 } ecp_group_id;
 
 /**
  * Number of supported curves (plus one for NONE)
  */
-#define POLARSSL_ECP_DP_MAX     6
+#define POLARSSL_ECP_DP_MAX     9
 
 /**
  * Curve information for use by other modules
@@ -113,21 +116,21 @@
  */
 typedef struct
 {
-    ecp_group_id id;    /*!<  RFC 4492 group ID                 */
-    mpi P;              /*!<  prime modulus of the base field   */
-    mpi A;              /*!<  currently unused (-3 assumed)     */
-    mpi B;              /*!<  constant term in the equation     */
-    ecp_point G;        /*!<  generator of the subgroup used    */
-    mpi N;              /*!<  the order of G                    */
-    size_t pbits;       /*!<  number of bits in P               */
-    size_t nbits;       /*!<  number of bits in N               */
-    unsigned int h;     /*!<  cofactor (unused now: assume 1)   */
-    int (*modp)(mpi *); /*!<  function for fast reduction mod P */
-    int (*t_pre)(ecp_point *, void *);  /*!< currently unused   */
-    int (*t_post)(ecp_point *, void *); /*!< currently unused   */
-    void *t_data;                       /*!< currently unused   */
-    ecp_point *T;       /*!<  pre-computed points (unused now)  */
-    size_t T_size;      /*!<  number for pre-computed points    */
+    ecp_group_id id;    /*!<  internal group identifier                     */
+    mpi P;              /*!<  prime modulus of the base field               */
+    mpi A;              /*!<  linear term in the equation                   */
+    mpi B;              /*!<  constant term in the equation                 */
+    ecp_point G;        /*!<  generator of the subgroup used                */
+    mpi N;              /*!<  the order of G                                */
+    size_t pbits;       /*!<  number of bits in P                           */
+    size_t nbits;       /*!<  number of bits in N                           */
+    unsigned int h;     /*!<  cofactor (unused now: assume 1)               */
+    int (*modp)(mpi *); /*!<  function for fast reduction mod P             */
+    int (*t_pre)(ecp_point *, void *);  /*!< currently unused               */
+    int (*t_post)(ecp_point *, void *); /*!< currently unused               */
+    void *t_data;                       /*!< currently unused               */
+    ecp_point *T;       /*!<  pre-computed points for ecp_mul()             */
+    size_t T_size;      /*!<  number for pre-computed points                */
 }
 ecp_group;
 
diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h
index 20bacae..85ab04c 100644
--- a/include/polarssl/oid.h
+++ b/include/polarssl/oid.h
@@ -74,6 +74,8 @@
 #define OID_OIW_SECSIG_SHA1             OID_OIW_SECSIG_ALG "\x1a"
 #define OID_ORG_CERTICOM                "\x81\x04"  /* certicom(132) */
 #define OID_CERTICOM                    OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM
+#define OID_ORG_TELETRUST               "\x24" /* teletrust(36) */
+#define OID_TELETRUST                   OID_ISO_IDENTIFIED_ORG OID_ORG_TELETRUST
 
 /*
  * ISO ITU OID parts
@@ -258,7 +260,7 @@
 #define OID_EC_ALG_ECDH                 OID_CERTICOM "\x01\x0c"
 
 /*
- * ECParameters namedCurve identifiers, from RFC 5480
+ * ECParameters namedCurve identifiers, from RFC 5480 and RFC 5639
  */
 
 /* secp192r1 OBJECT IDENTIFIER ::= {
@@ -281,6 +283,23 @@
  *   iso(1) identified-organization(3) certicom(132) curve(0) 35 } */
 #define OID_EC_GRP_SECP521R1        OID_CERTICOM "\x00\x23"
 
+/* RFC 5639 4.1
+ * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1)
+ * identified-organization(3) teletrust(36) algorithm(3) signature-
+ * algorithm(3) ecSign(2) 8}
+ * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1}
+ * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */
+#define OID_EC_BRAINPOOL_V1         OID_TELETRUST "\x03\x03\x02\x08\x01\x01"
+
+/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */
+#define OID_EC_GRP_BP256R1          OID_EC_BRAINPOOL_V1 "\x07"
+
+/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */
+#define OID_EC_GRP_BP384R1          OID_EC_BRAINPOOL_V1 "\x0B"
+
+/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */
+#define OID_EC_GRP_BP512R1          OID_EC_BRAINPOOL_V1 "\x0D"
+
 /*
  * ECDSA signature identifers, from RFC 5480
  */
diff --git a/library/ecp.c b/library/ecp.c
index c8ee3a7..b7af16a 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -70,28 +70,37 @@
 /*
  * List of supported curves:
  *  - internal ID
- *  - TLS NamedCurve ID (RFC 4492 section 5.1.1)
+ *  - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2)
  *  - size in bits
- *  - readeble name
+ *  - readable name
  */
 const ecp_curve_info ecp_supported_curves[] =
 {
+#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED)
+    { POLARSSL_ECP_DP_BP512R1,      28,     512,    "brainpool512r1"    },
+#endif
+#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED)
+    { POLARSSL_ECP_DP_BP384R1,      27,     384,    "brainpool384r1"    },
+#endif
+#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED)
+    { POLARSSL_ECP_DP_BP256R1,      26,     256,    "brainpool256r1"    },
+#endif
 #if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
-    { POLARSSL_ECP_DP_SECP521R1,    25,     521,    "secp521r1" },
+    { POLARSSL_ECP_DP_SECP521R1,    25,     521,    "secp521r1"         },
 #endif
 #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
-    { POLARSSL_ECP_DP_SECP384R1,    24,     384,    "secp384r1" },
+    { POLARSSL_ECP_DP_SECP384R1,    24,     384,    "secp384r1"         },
 #endif
 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
-    { POLARSSL_ECP_DP_SECP256R1,    23,     256,    "secp256r1" },
+    { POLARSSL_ECP_DP_SECP256R1,    23,     256,    "secp256r1"         },
 #endif
 #if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
-    { POLARSSL_ECP_DP_SECP224R1,    21,     224,    "secp224r1" },
+    { POLARSSL_ECP_DP_SECP224R1,    21,     224,    "secp224r1"         },
 #endif
 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
-    { POLARSSL_ECP_DP_SECP192R1,    19,     192,    "secp192r1" },
+    { POLARSSL_ECP_DP_SECP192R1,    19,     192,    "secp192r1"         },
 #endif
-    { POLARSSL_ECP_DP_NONE,          0,     0,      NULL        },
+    { POLARSSL_ECP_DP_NONE,          0,     0,      NULL                },
 };
 
 /*
@@ -163,6 +172,7 @@
         return;
 
     mpi_free( &grp->P );
+    mpi_free( &grp->A );
     mpi_free( &grp->B );
     ecp_point_free( &grp->G );
     mpi_free( &grp->N );
@@ -253,15 +263,16 @@
 }
 
 /*
- * Import an ECP group from ASCII strings
+ * Import an ECP group from ASCII strings, general case (A used)
  */
-int ecp_group_read_string( ecp_group *grp, int radix,
-                           const char *p, const char *b,
+static int ecp_group_read_string_gen( ecp_group *grp, int radix,
+                           const char *p, const char *a, const char *b,
                            const char *gx, const char *gy, const char *n)
 {
     int ret;
 
     MPI_CHK( mpi_read_string( &grp->P, radix, p ) );
+    MPI_CHK( mpi_read_string( &grp->A, radix, a ) );
     MPI_CHK( mpi_read_string( &grp->B, radix, b ) );
     MPI_CHK( ecp_point_read_string( &grp->G, radix, gx, gy ) );
     MPI_CHK( mpi_read_string( &grp->N, radix, n ) );
@@ -270,6 +281,28 @@
     grp->nbits = mpi_msb( &grp->N );
 
 cleanup:
+    if( ret != 0 )
+        ecp_group_free( grp );
+
+    return( ret );
+}
+
+/*
+ * Import an ECP group from ASCII strings, case A == -3
+ */
+int ecp_group_read_string( ecp_group *grp, int radix,
+                           const char *p, const char *b,
+                           const char *gx, const char *gy, const char *n)
+{
+    int ret;
+
+    MPI_CHK( ecp_group_read_string_gen( grp, radix, p, "00", b, gx, gy, n ) );
+    MPI_CHK( mpi_add_int( &grp->A, &grp->P, -3 ) );
+
+cleanup:
+    if( ret != 0 )
+        ecp_group_free( grp );
+
     return( ret );
 }
 
@@ -647,6 +680,66 @@
     "F709A5D03BB5C9B8899C47AEBB6FB71E91386409"
 
 /*
+ * Domain parameters for brainpoolP256r1 (RFC 5639 3.4)
+ */
+#define BP256R1_P \
+    "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377"
+#define BP256R1_A \
+    "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9"
+#define BP256R1_B \
+    "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6"
+#define BP256R1_GX \
+    "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262"
+#define BP256R1_GY \
+    "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997"
+#define BP256R1_N \
+    "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"
+
+/*
+ * Domain parameters for brainpoolP384r1 (RFC 5639 3.6)
+ */
+#define BP384R1_P \
+    "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB711" \
+    "23ACD3A729901D1A71874700133107EC53"
+#define BP384R1_A \
+    "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F9" \
+    "0F8AA5814A503AD4EB04A8C7DD22CE2826"
+#define BP384R1_B \
+    "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62" \
+    "D57CB4390295DBC9943AB78696FA504C11"
+#define BP384R1_GX \
+    "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10" \
+    "E8E826E03436D646AAEF87B2E247D4AF1E"
+#define BP384R1_GY \
+    "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129" \
+    "280E4646217791811142820341263C5315"
+#define BP384R1_N \
+    "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425" \
+    "A7CF3AB6AF6B7FC3103B883202E9046565"
+
+/*
+ * Domain parameters for brainpoolP512r1 (RFC 5639 3.7)
+ */
+#define BP512R1_P \
+    "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308" \
+    "717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3"
+#define BP512R1_A \
+    "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863" \
+    "BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA"
+#define BP512R1_B \
+    "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117" \
+    "A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723"
+#define BP512R1_GX \
+    "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D009" \
+    "8EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822"
+#define BP512R1_GY \
+    "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F81" \
+    "11B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892"
+#define BP512R1_N \
+    "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308" \
+    "70553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069"
+
+/*
  * Set a group using well-known domain parameters
  */
 int ecp_use_known_dp( ecp_group *grp, ecp_group_id id )
@@ -692,8 +785,29 @@
                         SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );
 #endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */
 
+#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED)
+        case POLARSSL_ECP_DP_BP256R1:
+            return( ecp_group_read_string_gen( grp, 16,
+                        BP256R1_P, BP256R1_A, BP256R1_B,
+                        BP256R1_GX, BP256R1_GY, BP256R1_N ) );
+#endif /* POLARSSL_ECP_DP_BP256R1_ENABLED */
+
+#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED)
+        case POLARSSL_ECP_DP_BP384R1:
+            return( ecp_group_read_string_gen( grp, 16,
+                        BP384R1_P, BP384R1_A, BP384R1_B,
+                        BP384R1_GX, BP384R1_GY, BP384R1_N ) );
+#endif /* POLARSSL_ECP_DP_BP384R1_ENABLED */
+
+#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED)
+        case POLARSSL_ECP_DP_BP512R1:
+            return( ecp_group_read_string_gen( grp, 16,
+                        BP512R1_P, BP512R1_A, BP512R1_B,
+                        BP512R1_GX, BP512R1_GY, BP512R1_N ) );
+#endif /* POLARSSL_ECP_DP_BP512R1_ENABLED */
+
         default:
-            grp->id = POLARSSL_ECP_DP_NONE;
+            ecp_group_free( grp );
             return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE );
     }
 }
@@ -945,60 +1059,59 @@
     return( ret );
 }
 
-
 /*
- * Point doubling R = 2 P, Jacobian coordinates (GECC 3.21)
+ * Point doubling R = 2 P, Jacobian coordinates
+ *
+ * http://www.hyperelliptic.org/EFD/g1p/auto-code/shortw/jacobian/doubling/dbl-2007-bl.op3
+ * with heavy variable renaming, some reordering and one minor modification
+ * (a = 2 * b, c = d - 2a replaced with c = d, c = c - b, c = c - b)
+ * in order to use a lot less intermediate variables (6 vs 25).
  */
 static int ecp_double_jac( const ecp_group *grp, ecp_point *R,
                            const ecp_point *P )
 {
     int ret;
-    mpi T1, T2, T3, X, Y, Z;
+    mpi T1, T2, T3, X3, Y3, Z3;
 
 #if defined(POLARSSL_SELF_TEST)
     dbl_count++;
 #endif
 
-    if( mpi_cmp_int( &P->Z, 0 ) == 0 )
-        return( ecp_set_zero( R ) );
-
     mpi_init( &T1 ); mpi_init( &T2 ); mpi_init( &T3 );
-    mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z );
+    mpi_init( &X3 ); mpi_init( &Y3 ); mpi_init( &Z3 );
 
-    MPI_CHK( mpi_mul_mpi( &T1,  &P->Z,  &P->Z ) );  MOD_MUL( T1 );
-    MPI_CHK( mpi_sub_mpi( &T2,  &P->X,  &T1   ) );  MOD_SUB( T2 );
-    MPI_CHK( mpi_add_mpi( &T1,  &P->X,  &T1   ) );  MOD_ADD( T1 );
-    MPI_CHK( mpi_mul_mpi( &T2,  &T2,    &T1   ) );  MOD_MUL( T2 );
-    MPI_CHK( mpi_mul_int( &T2,  &T2,    3     ) );  MOD_ADD( T2 );
-    MPI_CHK( mpi_mul_int( &Y,   &P->Y,  2     ) );  MOD_ADD( Y  );
-    MPI_CHK( mpi_mul_mpi( &Z,   &Y,     &P->Z ) );  MOD_MUL( Z  );
-    MPI_CHK( mpi_mul_mpi( &Y,   &Y,     &Y    ) );  MOD_MUL( Y  );
-    MPI_CHK( mpi_mul_mpi( &T3,  &Y,     &P->X ) );  MOD_MUL( T3 );
-    MPI_CHK( mpi_mul_mpi( &Y,   &Y,     &Y    ) );  MOD_MUL( Y  );
+    MPI_CHK( mpi_mul_mpi( &T3,  &P->X,  &P->X   ) ); MOD_MUL( T3 );
+    MPI_CHK( mpi_mul_mpi( &T2,  &P->Y,  &P->Y   ) ); MOD_MUL( T2 );
+    MPI_CHK( mpi_mul_mpi( &Y3,  &T2,    &T2     ) ); MOD_MUL( Y3 );
+    MPI_CHK( mpi_add_mpi( &X3,  &P->X,  &T2     ) ); MOD_ADD( X3 );
+    MPI_CHK( mpi_mul_mpi( &X3,  &X3,    &X3     ) ); MOD_MUL( X3 );
+    MPI_CHK( mpi_sub_mpi( &X3,  &X3,    &Y3     ) ); MOD_SUB( X3 );
+    MPI_CHK( mpi_sub_mpi( &X3,  &X3,    &T3     ) ); MOD_SUB( X3 );
+    MPI_CHK( mpi_mul_int( &T1,  &X3,    2       ) ); MOD_ADD( T1 );
+    MPI_CHK( mpi_mul_mpi( &Z3,  &P->Z,  &P->Z   ) ); MOD_MUL( Z3 );
+    MPI_CHK( mpi_mul_mpi( &X3,  &Z3,    &Z3     ) ); MOD_MUL( X3 );
+    MPI_CHK( mpi_mul_int( &T3,  &T3,    3       ) ); MOD_ADD( T3 );
+    MPI_CHK( mpi_mul_mpi( &X3,  &X3,    &grp->A ) ); MOD_MUL( X3 );
+    MPI_CHK( mpi_add_mpi( &T3,  &T3,    &X3     ) ); MOD_ADD( T3 );
+    MPI_CHK( mpi_mul_mpi( &X3,  &T3,    &T3     ) ); MOD_MUL( X3 );
+    MPI_CHK( mpi_sub_mpi( &X3,  &X3,    &T1     ) ); MOD_SUB( X3 );
+    MPI_CHK( mpi_sub_mpi( &X3,  &X3,    &T1     ) ); MOD_SUB( X3 );
+    MPI_CHK( mpi_sub_mpi( &T1,  &T1,    &X3     ) ); MOD_SUB( T1 );
+    MPI_CHK( mpi_mul_mpi( &T1,  &T3,    &T1     ) ); MOD_MUL( T1 );
+    MPI_CHK( mpi_mul_int( &T3,  &Y3,    8       ) ); MOD_ADD( T3 );
+    MPI_CHK( mpi_sub_mpi( &Y3,  &T1,    &T3     ) ); MOD_SUB( Y3 );
+    MPI_CHK( mpi_add_mpi( &T1,  &P->Y,  &P->Z   ) ); MOD_ADD( T1 );
+    MPI_CHK( mpi_mul_mpi( &T1,  &T1,    &T1     ) ); MOD_MUL( T1 );
+    MPI_CHK( mpi_sub_mpi( &T1,  &T1,    &T2     ) ); MOD_SUB( T1 );
+    MPI_CHK( mpi_sub_mpi( &Z3,  &T1,    &Z3     ) ); MOD_SUB( Z3 );
 
-    /*
-     * For Y = Y / 2 mod p, we must make sure that Y is even before
-     * using right-shift. No need to reduce mod p afterwards.
-     */
-    if( mpi_get_bit( &Y, 0 ) == 1 )
-        MPI_CHK( mpi_add_mpi( &Y, &Y, &grp->P ) );
-    MPI_CHK( mpi_shift_r( &Y,   1             ) );
-
-    MPI_CHK( mpi_mul_mpi( &X,   &T2,    &T2   ) );  MOD_MUL( X  );
-    MPI_CHK( mpi_mul_int( &T1,  &T3,    2     ) );  MOD_ADD( T1 );
-    MPI_CHK( mpi_sub_mpi( &X,   &X,     &T1   ) );  MOD_SUB( X  );
-    MPI_CHK( mpi_sub_mpi( &T1,  &T3,    &X    ) );  MOD_SUB( T1 );
-    MPI_CHK( mpi_mul_mpi( &T1,  &T1,    &T2   ) );  MOD_MUL( T1 );
-    MPI_CHK( mpi_sub_mpi( &Y,   &T1,    &Y    ) );  MOD_SUB( Y  );
-
-    MPI_CHK( mpi_copy( &R->X, &X ) );
-    MPI_CHK( mpi_copy( &R->Y, &Y ) );
-    MPI_CHK( mpi_copy( &R->Z, &Z ) );
+    MPI_CHK( mpi_copy( &R->X, &X3 ) );
+    MPI_CHK( mpi_copy( &R->Y, &Y3 ) );
+    MPI_CHK( mpi_copy( &R->Z, &Z3 ) );
 
 cleanup:
-
     mpi_free( &T1 ); mpi_free( &T2 ); mpi_free( &T3 );
-    mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z );
+    mpi_free( &X3 ); mpi_free( &Y3 ); mpi_free( &Z3 );
 
     return( ret );
 }
@@ -1495,13 +1608,13 @@
 
     /*
      * YY = Y^2
-     * RHS = X (X^2 - 3) + B = X^3 - 3X + B
+     * RHS = X (X^2 + A) + B = X^3 + A X + B
      */
-    MPI_CHK( mpi_mul_mpi( &YY,  &pt->Y,  &pt->Y   ) );  MOD_MUL( YY  );
-    MPI_CHK( mpi_mul_mpi( &RHS, &pt->X,  &pt->X   ) );  MOD_MUL( RHS );
-    MPI_CHK( mpi_sub_int( &RHS, &RHS,    3        ) );  MOD_SUB( RHS );
-    MPI_CHK( mpi_mul_mpi( &RHS, &RHS,    &pt->X   ) );  MOD_MUL( RHS );
-    MPI_CHK( mpi_add_mpi( &RHS, &RHS,    &grp->B  ) );  MOD_ADD( RHS );
+    MPI_CHK( mpi_mul_mpi( &YY,  &pt->Y,   &pt->Y  ) );  MOD_MUL( YY  );
+    MPI_CHK( mpi_mul_mpi( &RHS, &pt->X,   &pt->X  ) );  MOD_MUL( RHS );
+    MPI_CHK( mpi_add_mpi( &RHS, &RHS,     &grp->A ) );  MOD_ADD( RHS );
+    MPI_CHK( mpi_mul_mpi( &RHS, &RHS,     &pt->X  ) );  MOD_MUL( RHS );
+    MPI_CHK( mpi_add_mpi( &RHS, &RHS,     &grp->B ) );  MOD_ADD( RHS );
 
     if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
         ret = POLARSSL_ERR_ECP_INVALID_KEY;
@@ -1566,6 +1679,7 @@
     ecp_point R, P;
     mpi m;
     unsigned long add_c_prev, dbl_c_prev;
+    /* exponents especially adapted for secp192r1 */
     const char *exponents[] =
     {
         "000000000000000000000000000000000000000000000000", /* zero */
@@ -1582,27 +1696,12 @@
     ecp_point_init( &P );
     mpi_init( &m );
 
+    /* Use secp192r1 if available, or any available curve */
 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
     MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP192R1 ) );
 #else
-#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
-    MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP224R1 ) );
-#else
-#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
-    MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP256R1 ) );
-#else
-#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
-    MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP384R1 ) );
-#else
-#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
-    MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP521R1 ) );
-#else
-#error No curves defines
-#endif /* POLARSSL_ECP_DP_SECP512R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */
+    MPI_CHK( ecp_use_known_dp( &grp, ecp_curve_list()->grp_id ) );
+#endif
 
     if( verbose != 0 )
         printf( "  ECP test #1 (constant op_count, base point G): " );
diff --git a/library/oid.c b/library/oid.c
index 485fd4c..c9cfe48 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -406,6 +406,18 @@
         POLARSSL_ECP_DP_SECP521R1,
     },
     {
+        { ADD_LEN( OID_EC_GRP_BP256R1 ),   "brainpoolP256r1","brainpool256r1" },
+        POLARSSL_ECP_DP_BP256R1,
+    },
+    {
+        { ADD_LEN( OID_EC_GRP_BP384R1 ),   "brainpoolP384r1","brainpool384r1" },
+        POLARSSL_ECP_DP_BP384R1,
+    },
+    {
+        { ADD_LEN( OID_EC_GRP_BP512R1 ),   "brainpoolP512r1","brainpool512r1" },
+        POLARSSL_ECP_DP_BP512R1,
+    },
+    {
         { NULL, 0, NULL, NULL },
         0,
     },
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 3c1bc0a..4d5a06b 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -54,8 +54,8 @@
 #endif
 
 #define BUFSIZE         1024
-#define HEADER_FORMAT   "  %-16s :  "
-#define TITLE_LEN       17
+#define HEADER_FORMAT   "  %-18s :  "
+#define TITLE_LEN       19
 
 #if !defined(POLARSSL_TIMING_C)
 int main( int argc, char *argv[] )
diff --git a/tests/data_files/ec_bp256_prv.pem b/tests/data_files/ec_bp256_prv.pem
new file mode 100644
index 0000000..9d6a867
--- /dev/null
+++ b/tests/data_files/ec_bp256_prv.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHgCAQEEICFh1vLbdlJvpiwW81aoDwHzL3dnhLNqqZeZqLdmIID/oAsGCSskAwMC
+CAEBB6FEA0IABHaMjK5KvKYwbbDtgbDEpiFcN4Bm7G1hbBRuE/HH34CblqtpEcJ9
+igIznwkmhA5VI209HvviZp0JDkxMZg+tqR0=
+-----END EC PRIVATE KEY-----
diff --git a/tests/data_files/ec_bp256_pub.pem b/tests/data_files/ec_bp256_pub.pem
new file mode 100644
index 0000000..f738623
--- /dev/null
+++ b/tests/data_files/ec_bp256_pub.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABHaMjK5KvKYwbbDtgbDEpiFcN4Bm
+7G1hbBRuE/HH34CblqtpEcJ9igIznwkmhA5VI209HvviZp0JDkxMZg+tqR0=
+-----END PUBLIC KEY-----
diff --git a/tests/data_files/ec_bp384_prv.pem b/tests/data_files/ec_bp384_prv.pem
new file mode 100644
index 0000000..34e82db
--- /dev/null
+++ b/tests/data_files/ec_bp384_prv.pem
@@ -0,0 +1,6 @@
+-----BEGIN EC PRIVATE KEY-----
+MIGoAgEBBDA92S51DZDX05/BiFzYrRLqlEHyK5M0tNllICrbFEjOJMWAioXdmvwi
+mvCjEk91W8ugCwYJKyQDAwIIAQELoWQDYgAEcZ+dCTpifg01A4XGYc6/AMYZI1Zv
+6QBqMQevHYcbxrtomF/XIuoyvjFvjng7fNGVd4X2bPwMsZXdXJmo56uqhIVTpYTf
+0rSOdtRF/gDdi+WQlth31GltI7S8jbFHJOZq
+-----END EC PRIVATE KEY-----
diff --git a/tests/data_files/ec_bp384_pub.pem b/tests/data_files/ec_bp384_pub.pem
new file mode 100644
index 0000000..eb202e2
--- /dev/null
+++ b/tests/data_files/ec_bp384_pub.pem
@@ -0,0 +1,5 @@
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABHGfnQk6Yn4NNQOFxmHOvwDGGSNW
+b+kAajEHrx2HG8a7aJhf1yLqMr4xb454O3zRlXeF9mz8DLGV3VyZqOerqoSFU6WE
+39K0jnbURf4A3YvlkJbYd9RpbSO0vI2xRyTmag==
+-----END PUBLIC KEY-----
diff --git a/tests/data_files/ec_bp512_prv.pem b/tests/data_files/ec_bp512_prv.pem
new file mode 100644
index 0000000..a30c622
--- /dev/null
+++ b/tests/data_files/ec_bp512_prv.pem
@@ -0,0 +1,7 @@
+-----BEGIN EC PRIVATE KEY-----
+MIHaAgEBBEA3LJd49p9ybLyj9KJo8WtNYX0QKA15pqApzVGHn+EBKTTf5TlUVTN9
+9pBtx9bS7qTbsgZcAij3Oz7XFkgOfXHSoAsGCSskAwMCCAEBDaGBhQOBggAEOLfs
+krYcXGx/vCik7HWdSPzU4uN03v1cSWilTb73UQ5ReIb7/DjqOapSk1nXCnFWw108
+usfOd2vbJR3WS85xI0Qk7nBJ7tBy8NvE15mW4XXVV+JjdjrpcJXAgec+fbLjitw9
+TJoEh7Ht6HbcH8phyQLpodhyK4YSko8YokhFWRo=
+-----END EC PRIVATE KEY-----
diff --git a/tests/data_files/ec_bp512_pub.pem b/tests/data_files/ec_bp512_pub.pem
new file mode 100644
index 0000000..ff5d072
--- /dev/null
+++ b/tests/data_files/ec_bp512_pub.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEOLfskrYcXGx/vCik7HWdSPzU
+4uN03v1cSWilTb73UQ5ReIb7/DjqOapSk1nXCnFWw108usfOd2vbJR3WS85xI0Qk
+7nBJ7tBy8NvE15mW4XXVV+JjdjrpcJXAgec+fbLjitw9TJoEh7Ht6HbcH8phyQLp
+odhyK4YSko8YokhFWRo=
+-----END PUBLIC KEY-----
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index 051264e..e5386bd 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -197,7 +197,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void aes_selftest()
 {
     TEST_ASSERT( aes_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function
index 759b0c2..73df59e 100644
--- a/tests/suites/test_suite_arc4.function
+++ b/tests/suites/test_suite_arc4.function
@@ -34,7 +34,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void arc4_selftest()
 {
     TEST_ASSERT( arc4_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index 6ac2f31..27b6c13 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -47,7 +47,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void base64_selftest()
 {
     TEST_ASSERT( base64_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function
index 55f6e7a..59785d2 100644
--- a/tests/suites/test_suite_camellia.function
+++ b/tests/suites/test_suite_camellia.function
@@ -197,7 +197,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void camellia_selftest()
 {
     TEST_ASSERT( camellia_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 81188ae..b8f1df3 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -487,7 +487,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void cipher_selftest()
 {
     TEST_ASSERT( cipher_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function
index 5c5c1c9..ee327c9 100644
--- a/tests/suites/test_suite_des.function
+++ b/tests/suites/test_suite_des.function
@@ -314,7 +314,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void des_selftest()
 {
     TEST_ASSERT( des_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 6161b4c..d66998f 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -97,7 +97,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void dhm_selftest()
 {
     TEST_ASSERT( dhm_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 1b4d14a..9eb302b 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -281,5 +281,17 @@
 depends_on:POLARSSL_ECP_DP_SECP521R1_ENABLED
 ecp_test_vect:POLARSSL_ECP_DP_SECP521R1:"0113F82DA825735E3D97276683B2B74277BAD27335EA71664AF2430CC4F33459B9669EE78B3FFB9B8683015D344DCBFEF6FB9AF4C6C470BE254516CD3C1A1FB47362":"01EBB34DD75721ABF8ADC9DBED17889CBB9765D90A7C60F2CEF007BB0F2B26E14881FD4442E689D61CB2DD046EE30E3FFD20F9A45BBDF6413D583A2DBF59924FD35C":"00F6B632D194C0388E22D8437E558C552AE195ADFD153F92D74908351B2F8C4EDA94EDB0916D1B53C020B5EECAED1A5FC38A233E4830587BB2EE3489B3B42A5A86A4":"00CEE3480D8645A17D249F2776D28BAE616952D1791FDB4B70F7C3378732AA1B22928448BCD1DC2496D435B01048066EBE4F72903C361B1A9DC1193DC2C9D0891B96":"010EBFAFC6E85E08D24BFFFCC1A4511DB0E634BEEB1B6DEC8C5939AE44766201AF6200430BA97C8AC6A0E9F08B33CE7E9FEEB5BA4EE5E0D81510C24295B8A08D0235":"00A4A6EC300DF9E257B0372B5E7ABFEF093436719A77887EBB0B18CF8099B9F4212B6E30A1419C18E029D36863CC9D448F4DBA4D2A0E60711BE572915FBD4FEF2695":"00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC":"00F9A71641029B7FC1A808AD07CD4861E868614B865AFBECAB1F2BD4D8B55EBCB5E3A53143CEB2C511B1AE0AF5AC827F60F2FD872565AC5CA0A164038FE980A7E4BD"
 
+ECP test vectors brainpoolP256r1 rfc 7027
+depends_on:POLARSSL_ECP_DP_BP256R1_ENABLED
+ecp_test_vect:POLARSSL_ECP_DP_BP256R1:"81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D":"44106E913F92BC02A1705D9953A8414DB95E1AAA49E81D9E85F929A8E3100BE5":"8AB4846F11CACCB73CE49CBDD120F5A900A69FD32C272223F789EF10EB089BDC":"55E40BC41E37E3E2AD25C3C6654511FFA8474A91A0032087593852D3E7D76BD3":"8D2D688C6CF93E1160AD04CC4429117DC2C41825E1E9FCA0ADDD34E6F1B39F7B":"990C57520812BE512641E47034832106BC7D3E8DD0E4C7F1136D7006547CEC6A":"89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B":"49C27868F4ECA2179BFD7D59B1E3BF34C1DBDE61AE12931648F43E59632504DE"
+
+ECP test vectors brainpoolP384r1 rfc 7027
+depends_on:POLARSSL_ECP_DP_BP384R1_ENABLED
+ecp_test_vect:POLARSSL_ECP_DP_BP384R1:"1E20F5E048A5886F1F157C74E91BDE2B98C8B52D58E5003D57053FC4B0BD65D6F15EB5D1EE1610DF870795143627D042":"68B665DD91C195800650CDD363C625F4E742E8134667B767B1B476793588F885AB698C852D4A6E77A252D6380FCAF068":"55BC91A39C9EC01DEE36017B7D673A931236D2F1F5C83942D049E3FA20607493E0D038FF2FD30C2AB67D15C85F7FAA59":"032640BC6003C59260F7250C3DB58CE647F98E1260ACCE4ACDA3DD869F74E01F8BA5E0324309DB6A9831497ABAC96670":"4D44326F269A597A5B58BBA565DA5556ED7FD9A8A9EB76C25F46DB69D19DC8CE6AD18E404B15738B2086DF37E71D1EB4":"62D692136DE56CBE93BF5FA3188EF58BC8A3A0EC6C1E151A21038A42E9185329B5B275903D192F8D4E1F32FE9CC78C48":"0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42":"0DF213417EBE4D8E40A5F76F66C56470C489A3478D146DECF6DF0D94BAE9E598157290F8756066975F1DB34B2324B7BD"
+
+ECP test vectors brainpoolP512r1 rfc 7027
+depends_on:POLARSSL_ECP_DP_BP512R1_ENABLED
+ecp_test_vect:POLARSSL_ECP_DP_BP512R1:"16302FF0DBBB5A8D733DAB7141C1B45ACBC8715939677F6A56850A38BD87BD59B09E80279609FF333EB9D4C061231FB26F92EEB04982A5F1D1764CAD57665422":"0A420517E406AAC0ACDCE90FCD71487718D3B953EFD7FBEC5F7F27E28C6149999397E91E029E06457DB2D3E640668B392C2A7E737A7F0BF04436D11640FD09FD":"72E6882E8DB28AAD36237CD25D580DB23783961C8DC52DFA2EC138AD472A0FCEF3887CF62B623B2A87DE5C588301EA3E5FC269B373B60724F5E82A6AD147FDE7":"230E18E1BCC88A362FA54E4EA3902009292F7F8033624FD471B5D8ACE49D12CFABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429":"9D45F66DE5D67E2E6DB6E93A59CE0BB48106097FF78A081DE781CDB31FCE8CCBAAEA8DD4320C4119F1E9CD437A2EAB3731FA9668AB268D871DEDA55A5473199F":"2FDC313095BCDD5FB3A91636F07A959C8E86B5636A1E930E8396049CB481961D365CC11453A06C719835475B12CB52FC3C383BCE35E27EF194512B71876285FA":"A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F":"7DB71C3DEF63212841C463E881BDCF055523BD368240E6C3143BD8DEF8B3B3223B95E0F53082FF5E412F4222537A43DF1C6D25729DDB51620A832BE6A26680A2"
+
 ECP selftest
 ecp_selftest:
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 11221a1..6981f47 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -515,7 +515,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void ecp_selftest()
 {
     TEST_ASSERT( ecp_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index 349945a..b131e7a 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -108,7 +108,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void gcm_selftest()
 {
     TEST_ASSERT( gcm_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function
index 649a711..e9a8347 100644
--- a/tests/suites/test_suite_mdx.function
+++ b/tests/suites/test_suite_mdx.function
@@ -187,21 +187,21 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_MD2_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_MD2_C:POLARSSL_SELF_TEST */
 void md2_selftest()
 {
     TEST_ASSERT( md2_self_test( 0 ) == 0 );
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_MD4_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_MD4_C:POLARSSL_SELF_TEST */
 void md4_selftest()
 {
     TEST_ASSERT( md4_self_test( 0 ) == 0 );
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_MD5_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_MD5_C:POLARSSL_SELF_TEST */
 void md5_selftest()
 {
     TEST_ASSERT( md5_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 7285749..e08b48d 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -681,7 +681,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void mpi_selftest()
 {
     TEST_ASSERT( mpi_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index 8434efb..dc13fdb 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -130,6 +130,18 @@
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP521R1_ENABLED
 pk_parse_public_keyfile_ec:"data_files/ec_521_pub.pem":0
 
+Parse Public EC Key #7 (RFC 5480, brainpoolP256r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP256R1_ENABLED
+pk_parse_public_keyfile_ec:"data_files/ec_bp256_pub.pem":0
+
+Parse Public EC Key #8 (RFC 5480, brainpoolP384r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP384R1_ENABLED
+pk_parse_public_keyfile_ec:"data_files/ec_bp384_pub.pem":0
+
+Parse Public EC Key #9 (RFC 5480, brainpoolP512r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP512R1_ENABLED
+pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.pem":0
+
 Parse EC Key #1 (SEC1 DER)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
@@ -174,6 +186,18 @@
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP521R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_521_prv.pem":"NULL":0
 
+Parse EC Key #12 (SEC1 PEM, bp256r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP256R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_bp256_prv.pem":"NULL":0
+
+Parse EC Key #13 (SEC1 PEM, bp384r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP384R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_bp384_prv.pem":"NULL":0
+
+Parse EC Key #14 (SEC1 PEM, bp512r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP512R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0
+
 Key ASN1 (Incorrect first tag)
 pk_parse_key_rsa:"":"":POLARSSL_ERR_PK_KEY_INVALID_FORMAT
 
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 9bc8a24..29651cc 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -532,7 +532,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void rsa_selftest()
 {
     TEST_ASSERT( rsa_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function
index 6449881..73190dc 100644
--- a/tests/suites/test_suite_shax.function
+++ b/tests/suites/test_suite_shax.function
@@ -189,21 +189,21 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SHA1_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SHA1_C:POLARSSL_SELF_TEST */
 void sha1_selftest()
 {
     TEST_ASSERT( sha1_self_test( 0 ) == 0 );
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SHA256_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SHA256_C:POLARSSL_SELF_TEST */
 void sha256_selftest()
 {
     TEST_ASSERT( sha256_self_test( 0 ) == 0 );
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SHA512_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SHA512_C:POLARSSL_SELF_TEST */
 void sha512_selftest()
 {
     TEST_ASSERT( sha512_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 2add9e3..ff57058 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -224,7 +224,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
 void x509_selftest()
 {
     TEST_ASSERT( x509_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function
index fd6189c..091752f 100644
--- a/tests/suites/test_suite_xtea.function
+++ b/tests/suites/test_suite_xtea.function
@@ -59,7 +59,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void xtea_selftest()
 {
     TEST_ASSERT( xtea_self_test( 0 ) == 0 );