Squashed 'lib/mbedtls/external/mbedtls/' content from commit 2ca6c285a0dd
git-subtree-dir: lib/mbedtls/external/mbedtls
git-subtree-split: 2ca6c285a0dd3f33982dd57299012dacab1ff206
diff --git a/tests/include/alt-dummy/aes_alt.h b/tests/include/alt-dummy/aes_alt.h
new file mode 100644
index 0000000..dc47dd1
--- /dev/null
+++ b/tests/include/alt-dummy/aes_alt.h
@@ -0,0 +1,23 @@
+/* aes_alt.h with dummy types for MBEDTLS_AES_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef AES_ALT_H
+#define AES_ALT_H
+
+typedef struct mbedtls_aes_context {
+ int dummy;
+}
+mbedtls_aes_context;
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+
+typedef struct mbedtls_aes_xts_context {
+ int dummy;
+} mbedtls_aes_xts_context;
+#endif
+
+
+#endif /* aes_alt.h */
diff --git a/tests/include/alt-dummy/aria_alt.h b/tests/include/alt-dummy/aria_alt.h
new file mode 100644
index 0000000..94db8c7
--- /dev/null
+++ b/tests/include/alt-dummy/aria_alt.h
@@ -0,0 +1,16 @@
+/* aria_alt.h with dummy types for MBEDTLS_ARIA_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef ARIA_ALT_H
+#define ARIA_ALT_H
+
+typedef struct mbedtls_aria_context {
+ int dummy;
+}
+mbedtls_aria_context;
+
+
+#endif /* aria_alt.h */
diff --git a/tests/include/alt-dummy/camellia_alt.h b/tests/include/alt-dummy/camellia_alt.h
new file mode 100644
index 0000000..97bc16b
--- /dev/null
+++ b/tests/include/alt-dummy/camellia_alt.h
@@ -0,0 +1,16 @@
+/* camellia_alt.h with dummy types for MBEDTLS_CAMELLIA_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef CAMELLIA_ALT_H
+#define CAMELLIA_ALT_H
+
+typedef struct mbedtls_camellia_context {
+ int dummy;
+}
+mbedtls_camellia_context;
+
+
+#endif /* camellia_alt.h */
diff --git a/tests/include/alt-dummy/ccm_alt.h b/tests/include/alt-dummy/ccm_alt.h
new file mode 100644
index 0000000..c25f42b
--- /dev/null
+++ b/tests/include/alt-dummy/ccm_alt.h
@@ -0,0 +1,16 @@
+/* ccm_alt.h with dummy types for MBEDTLS_CCM_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef CCM_ALT_H
+#define CCM_ALT_H
+
+typedef struct mbedtls_ccm_context {
+ int dummy;
+}
+mbedtls_ccm_context;
+
+
+#endif /* ccm_alt.h */
diff --git a/tests/include/alt-dummy/chacha20_alt.h b/tests/include/alt-dummy/chacha20_alt.h
new file mode 100644
index 0000000..6fd84d0
--- /dev/null
+++ b/tests/include/alt-dummy/chacha20_alt.h
@@ -0,0 +1,16 @@
+/* chacha20_alt.h with dummy types for MBEDTLS_CHACHA20_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef CHACHA20_ALT_H
+#define CHACHA20_ALT_H
+
+typedef struct mbedtls_chacha20_context {
+ int dummy;
+}
+mbedtls_chacha20_context;
+
+
+#endif /* chacha20_alt.h */
diff --git a/tests/include/alt-dummy/chachapoly_alt.h b/tests/include/alt-dummy/chachapoly_alt.h
new file mode 100644
index 0000000..de28ced
--- /dev/null
+++ b/tests/include/alt-dummy/chachapoly_alt.h
@@ -0,0 +1,18 @@
+/* chachapoly_alt.h with dummy types for MBEDTLS_CHACHAPOLY_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef CHACHAPOLY_ALT_H
+#define CHACHAPOLY_ALT_H
+
+#include "mbedtls/chacha20.h"
+
+typedef struct mbedtls_chachapoly_context {
+ int dummy;
+}
+mbedtls_chachapoly_context;
+
+
+#endif /* chachapoly_alt.h */
diff --git a/tests/include/alt-dummy/cmac_alt.h b/tests/include/alt-dummy/cmac_alt.h
new file mode 100644
index 0000000..68b53d7
--- /dev/null
+++ b/tests/include/alt-dummy/cmac_alt.h
@@ -0,0 +1,15 @@
+/* cmac_alt.h with dummy types for MBEDTLS_CMAC_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef CMAC_ALT_H
+#define CMAC_ALT_H
+
+struct mbedtls_cmac_context_t {
+ int dummy;
+};
+
+
+#endif /* cmac_alt.h */
diff --git a/tests/include/alt-dummy/des_alt.h b/tests/include/alt-dummy/des_alt.h
new file mode 100644
index 0000000..d079861
--- /dev/null
+++ b/tests/include/alt-dummy/des_alt.h
@@ -0,0 +1,22 @@
+/* des_alt.h with dummy types for MBEDTLS_DES_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+
+#ifndef DES_ALT_H
+#define DES_ALT_H
+
+typedef struct mbedtls_des_context {
+ int dummy;
+}
+mbedtls_des_context;
+
+typedef struct mbedtls_des3_context {
+ int dummy;
+}
+mbedtls_des3_context;
+
+
+#endif /* des_alt.h */
diff --git a/tests/include/alt-dummy/dhm_alt.h b/tests/include/alt-dummy/dhm_alt.h
new file mode 100644
index 0000000..3cb51d2
--- /dev/null
+++ b/tests/include/alt-dummy/dhm_alt.h
@@ -0,0 +1,16 @@
+/* dhm_alt.h with dummy types for MBEDTLS_DHM_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef DHM_ALT_H
+#define DHM_ALT_H
+
+typedef struct mbedtls_dhm_context {
+ int dummy;
+}
+mbedtls_dhm_context;
+
+
+#endif /* dhm_alt.h */
diff --git a/tests/include/alt-dummy/ecjpake_alt.h b/tests/include/alt-dummy/ecjpake_alt.h
new file mode 100644
index 0000000..4d75248
--- /dev/null
+++ b/tests/include/alt-dummy/ecjpake_alt.h
@@ -0,0 +1,15 @@
+/* ecjpake_alt.h with dummy types for MBEDTLS_ECJPAKE_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef ECJPAKE_ALT_H
+#define ECJPAKE_ALT_H
+
+typedef struct mbedtls_ecjpake_context {
+ int dummy;
+} mbedtls_ecjpake_context;
+
+
+#endif /* ecjpake_alt.h */
diff --git a/tests/include/alt-dummy/ecp_alt.h b/tests/include/alt-dummy/ecp_alt.h
new file mode 100644
index 0000000..d204b18
--- /dev/null
+++ b/tests/include/alt-dummy/ecp_alt.h
@@ -0,0 +1,22 @@
+/* ecp_alt.h with dummy types for MBEDTLS_ECP_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef ECP_ALT_H
+#define ECP_ALT_H
+
+typedef struct mbedtls_ecp_group {
+ const mbedtls_ecp_group_id id;
+ const mbedtls_mpi P;
+ const mbedtls_mpi A;
+ const mbedtls_mpi B;
+ const mbedtls_ecp_point G;
+ const mbedtls_mpi N;
+ const size_t pbits;
+ const size_t nbits;
+}
+mbedtls_ecp_group;
+
+#endif /* ecp_alt.h */
diff --git a/tests/include/alt-dummy/gcm_alt.h b/tests/include/alt-dummy/gcm_alt.h
new file mode 100644
index 0000000..cfa73d2
--- /dev/null
+++ b/tests/include/alt-dummy/gcm_alt.h
@@ -0,0 +1,16 @@
+/* gcm_alt.h with dummy types for MBEDTLS_GCM_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef GCM_ALT_H
+#define GCM_ALT_H
+
+typedef struct mbedtls_gcm_context {
+ int dummy;
+}
+mbedtls_gcm_context;
+
+
+#endif /* gcm_alt.h */
diff --git a/tests/include/alt-dummy/md5_alt.h b/tests/include/alt-dummy/md5_alt.h
new file mode 100644
index 0000000..e3a15d7
--- /dev/null
+++ b/tests/include/alt-dummy/md5_alt.h
@@ -0,0 +1,16 @@
+/* md5_alt.h with dummy types for MBEDTLS_MD5_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MD5_ALT_H
+#define MD5_ALT_H
+
+typedef struct mbedtls_md5_context {
+ int dummy;
+}
+mbedtls_md5_context;
+
+
+#endif /* md5_alt.h */
diff --git a/tests/include/alt-dummy/nist_kw_alt.h b/tests/include/alt-dummy/nist_kw_alt.h
new file mode 100644
index 0000000..1274d40
--- /dev/null
+++ b/tests/include/alt-dummy/nist_kw_alt.h
@@ -0,0 +1,15 @@
+/* nist_kw_alt.h with dummy types for MBEDTLS_NIST_KW_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef NIST_KW_ALT_H
+#define NIST_KW_ALT_H
+
+typedef struct {
+ int dummy;
+} mbedtls_nist_kw_context;
+
+
+#endif /* nist_kw_alt.h */
diff --git a/tests/include/alt-dummy/platform_alt.h b/tests/include/alt-dummy/platform_alt.h
new file mode 100644
index 0000000..6757392
--- /dev/null
+++ b/tests/include/alt-dummy/platform_alt.h
@@ -0,0 +1,16 @@
+/* platform_alt.h with dummy types for MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PLATFORM_ALT_H
+#define PLATFORM_ALT_H
+
+typedef struct mbedtls_platform_context {
+ int dummy;
+}
+mbedtls_platform_context;
+
+
+#endif /* platform_alt.h */
diff --git a/tests/include/alt-dummy/poly1305_alt.h b/tests/include/alt-dummy/poly1305_alt.h
new file mode 100644
index 0000000..c8ed1bc
--- /dev/null
+++ b/tests/include/alt-dummy/poly1305_alt.h
@@ -0,0 +1,16 @@
+/* poly1305_alt.h with dummy types for MBEDTLS_POLY1305_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef POLY1305_ALT_H
+#define POLY1305_ALT_H
+
+typedef struct mbedtls_poly1305_context {
+ int dummy;
+}
+mbedtls_poly1305_context;
+
+
+#endif /* poly1305_alt.h */
diff --git a/tests/include/alt-dummy/ripemd160_alt.h b/tests/include/alt-dummy/ripemd160_alt.h
new file mode 100644
index 0000000..72ae47e
--- /dev/null
+++ b/tests/include/alt-dummy/ripemd160_alt.h
@@ -0,0 +1,16 @@
+/* ripemd160_alt.h with dummy types for MBEDTLS_RIPEMD160_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef RIPEMD160_ALT_H
+#define RIPEMD160_ALT_H
+
+typedef struct mbedtls_ripemd160_context {
+ int dummy;
+}
+mbedtls_ripemd160_context;
+
+
+#endif /* ripemd160_alt.h */
diff --git a/tests/include/alt-dummy/rsa_alt.h b/tests/include/alt-dummy/rsa_alt.h
new file mode 100644
index 0000000..eabc26d
--- /dev/null
+++ b/tests/include/alt-dummy/rsa_alt.h
@@ -0,0 +1,16 @@
+/* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef RSA_ALT_H
+#define RSA_ALT_H
+
+typedef struct mbedtls_rsa_context {
+ int dummy;
+}
+mbedtls_rsa_context;
+
+
+#endif /* rsa_alt.h */
diff --git a/tests/include/alt-dummy/sha1_alt.h b/tests/include/alt-dummy/sha1_alt.h
new file mode 100644
index 0000000..d8ac971
--- /dev/null
+++ b/tests/include/alt-dummy/sha1_alt.h
@@ -0,0 +1,16 @@
+/* sha1_alt.h with dummy types for MBEDTLS_SHA1_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef SHA1_ALT_H
+#define SHA1_ALT_H
+
+typedef struct mbedtls_sha1_context {
+ int dummy;
+}
+mbedtls_sha1_context;
+
+
+#endif /* sha1_alt.h */
diff --git a/tests/include/alt-dummy/sha256_alt.h b/tests/include/alt-dummy/sha256_alt.h
new file mode 100644
index 0000000..b1900ad
--- /dev/null
+++ b/tests/include/alt-dummy/sha256_alt.h
@@ -0,0 +1,16 @@
+/* sha256_alt.h with dummy types for MBEDTLS_SHA256_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef SHA256_ALT_H
+#define SHA256_ALT_H
+
+typedef struct mbedtls_sha256_context {
+ int dummy;
+}
+mbedtls_sha256_context;
+
+
+#endif /* sha256_alt.h */
diff --git a/tests/include/alt-dummy/sha512_alt.h b/tests/include/alt-dummy/sha512_alt.h
new file mode 100644
index 0000000..857bc91
--- /dev/null
+++ b/tests/include/alt-dummy/sha512_alt.h
@@ -0,0 +1,16 @@
+/* sha512_alt.h with dummy types for MBEDTLS_SHA512_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef SHA512_ALT_H
+#define SHA512_ALT_H
+
+typedef struct mbedtls_sha512_context {
+ int dummy;
+}
+mbedtls_sha512_context;
+
+
+#endif /* sha512_alt.h */
diff --git a/tests/include/alt-dummy/threading_alt.h b/tests/include/alt-dummy/threading_alt.h
new file mode 100644
index 0000000..07d5da4
--- /dev/null
+++ b/tests/include/alt-dummy/threading_alt.h
@@ -0,0 +1,14 @@
+/* threading_alt.h with dummy types for MBEDTLS_THREADING_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef THREADING_ALT_H
+#define THREADING_ALT_H
+
+typedef struct mbedtls_threading_mutex_t {
+ int dummy;
+} mbedtls_threading_mutex_t;
+
+#endif /* threading_alt.h */
diff --git a/tests/include/alt-dummy/timing_alt.h b/tests/include/alt-dummy/timing_alt.h
new file mode 100644
index 0000000..69bee60
--- /dev/null
+++ b/tests/include/alt-dummy/timing_alt.h
@@ -0,0 +1,19 @@
+/* timing_alt.h with dummy types for MBEDTLS_TIMING_ALT */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TIMING_ALT_H
+#define TIMING_ALT_H
+
+struct mbedtls_timing_hr_time {
+ int dummy;
+};
+
+typedef struct mbedtls_timing_delay_context {
+ int dummy;
+} mbedtls_timing_delay_context;
+
+
+#endif /* timing_alt.h */
diff --git a/tests/include/alt-extra/psa/crypto.h b/tests/include/alt-extra/psa/crypto.h
new file mode 100644
index 0000000..005f3ae
--- /dev/null
+++ b/tests/include/alt-extra/psa/crypto.h
@@ -0,0 +1,7 @@
+/* The goal of the include/alt-extra directory is to test what happens
+ * if certain files come _after_ the normal include directory.
+ * Make sure that if the alt-extra directory comes before the normal
+ * directory (so we wouldn't be achieving our test objective), the build
+ * will fail.
+ */
+#error "The normal include directory must come first in the include path"
diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h
new file mode 100644
index 0000000..0a44275
--- /dev/null
+++ b/tests/include/baremetal-override/time.h
@@ -0,0 +1,6 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#error "time.h included in a configuration without MBEDTLS_HAVE_TIME"
diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h
new file mode 100644
index 0000000..fdf3a2d
--- /dev/null
+++ b/tests/include/spe/crypto_spe.h
@@ -0,0 +1,131 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+
+/**
+ * \file crypto_spe.h
+ *
+ * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option
+ * enabled, this header is included by all .c files in Mbed TLS that
+ * use PSA Crypto function names. This avoids duplication of symbols
+ * between TF-M and Mbed TLS.
+ *
+ * \note This file should be included before including any PSA Crypto headers
+ * from Mbed TLS.
+ */
+
+#ifndef CRYPTO_SPE_H
+#define CRYPTO_SPE_H
+
+#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x
+
+#define psa_crypto_init \
+ PSA_FUNCTION_NAME(psa_crypto_init)
+#define psa_key_derivation_get_capacity \
+ PSA_FUNCTION_NAME(psa_key_derivation_get_capacity)
+#define psa_key_derivation_set_capacity \
+ PSA_FUNCTION_NAME(psa_key_derivation_set_capacity)
+#define psa_key_derivation_input_bytes \
+ PSA_FUNCTION_NAME(psa_key_derivation_input_bytes)
+#define psa_key_derivation_output_bytes \
+ PSA_FUNCTION_NAME(psa_key_derivation_output_bytes)
+#define psa_key_derivation_input_key \
+ PSA_FUNCTION_NAME(psa_key_derivation_input_key)
+#define psa_key_derivation_output_key \
+ PSA_FUNCTION_NAME(psa_key_derivation_output_key)
+#define psa_key_derivation_setup \
+ PSA_FUNCTION_NAME(psa_key_derivation_setup)
+#define psa_key_derivation_abort \
+ PSA_FUNCTION_NAME(psa_key_derivation_abort)
+#define psa_key_derivation_key_agreement \
+ PSA_FUNCTION_NAME(psa_key_derivation_key_agreement)
+#define psa_raw_key_agreement \
+ PSA_FUNCTION_NAME(psa_raw_key_agreement)
+#define psa_generate_random \
+ PSA_FUNCTION_NAME(psa_generate_random)
+#define psa_aead_encrypt \
+ PSA_FUNCTION_NAME(psa_aead_encrypt)
+#define psa_aead_decrypt \
+ PSA_FUNCTION_NAME(psa_aead_decrypt)
+#define psa_open_key \
+ PSA_FUNCTION_NAME(psa_open_key)
+#define psa_close_key \
+ PSA_FUNCTION_NAME(psa_close_key)
+#define psa_import_key \
+ PSA_FUNCTION_NAME(psa_import_key)
+#define psa_destroy_key \
+ PSA_FUNCTION_NAME(psa_destroy_key)
+#define psa_get_key_attributes \
+ PSA_FUNCTION_NAME(psa_get_key_attributes)
+#define psa_reset_key_attributes \
+ PSA_FUNCTION_NAME(psa_reset_key_attributes)
+#define psa_export_key \
+ PSA_FUNCTION_NAME(psa_export_key)
+#define psa_export_public_key \
+ PSA_FUNCTION_NAME(psa_export_public_key)
+#define psa_purge_key \
+ PSA_FUNCTION_NAME(psa_purge_key)
+#define psa_copy_key \
+ PSA_FUNCTION_NAME(psa_copy_key)
+#define psa_cipher_operation_init \
+ PSA_FUNCTION_NAME(psa_cipher_operation_init)
+#define psa_cipher_generate_iv \
+ PSA_FUNCTION_NAME(psa_cipher_generate_iv)
+#define psa_cipher_set_iv \
+ PSA_FUNCTION_NAME(psa_cipher_set_iv)
+#define psa_cipher_encrypt_setup \
+ PSA_FUNCTION_NAME(psa_cipher_encrypt_setup)
+#define psa_cipher_decrypt_setup \
+ PSA_FUNCTION_NAME(psa_cipher_decrypt_setup)
+#define psa_cipher_update \
+ PSA_FUNCTION_NAME(psa_cipher_update)
+#define psa_cipher_finish \
+ PSA_FUNCTION_NAME(psa_cipher_finish)
+#define psa_cipher_abort \
+ PSA_FUNCTION_NAME(psa_cipher_abort)
+#define psa_hash_operation_init \
+ PSA_FUNCTION_NAME(psa_hash_operation_init)
+#define psa_hash_setup \
+ PSA_FUNCTION_NAME(psa_hash_setup)
+#define psa_hash_update \
+ PSA_FUNCTION_NAME(psa_hash_update)
+#define psa_hash_finish \
+ PSA_FUNCTION_NAME(psa_hash_finish)
+#define psa_hash_verify \
+ PSA_FUNCTION_NAME(psa_hash_verify)
+#define psa_hash_abort \
+ PSA_FUNCTION_NAME(psa_hash_abort)
+#define psa_hash_clone \
+ PSA_FUNCTION_NAME(psa_hash_clone)
+#define psa_hash_compute \
+ PSA_FUNCTION_NAME(psa_hash_compute)
+#define psa_hash_compare \
+ PSA_FUNCTION_NAME(psa_hash_compare)
+#define psa_mac_operation_init \
+ PSA_FUNCTION_NAME(psa_mac_operation_init)
+#define psa_mac_sign_setup \
+ PSA_FUNCTION_NAME(psa_mac_sign_setup)
+#define psa_mac_verify_setup \
+ PSA_FUNCTION_NAME(psa_mac_verify_setup)
+#define psa_mac_update \
+ PSA_FUNCTION_NAME(psa_mac_update)
+#define psa_mac_sign_finish \
+ PSA_FUNCTION_NAME(psa_mac_sign_finish)
+#define psa_mac_verify_finish \
+ PSA_FUNCTION_NAME(psa_mac_verify_finish)
+#define psa_mac_abort \
+ PSA_FUNCTION_NAME(psa_mac_abort)
+#define psa_sign_hash \
+ PSA_FUNCTION_NAME(psa_sign_hash)
+#define psa_verify_hash \
+ PSA_FUNCTION_NAME(psa_verify_hash)
+#define psa_asymmetric_encrypt \
+ PSA_FUNCTION_NAME(psa_asymmetric_encrypt)
+#define psa_asymmetric_decrypt \
+ PSA_FUNCTION_NAME(psa_asymmetric_decrypt)
+#define psa_generate_key \
+ PSA_FUNCTION_NAME(psa_generate_key)
+
+#endif /* CRYPTO_SPE_H */
diff --git a/tests/include/test/arguments.h b/tests/include/test/arguments.h
new file mode 100644
index 0000000..6d267b6
--- /dev/null
+++ b/tests/include/test/arguments.h
@@ -0,0 +1,26 @@
+/**
+ * \file arguments.h
+ *
+ * \brief Manipulation of test arguments.
+ *
+ * Much of the code is in host_test.function, to be migrated here later.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_ARGUMENTS_H
+#define TEST_ARGUMENTS_H
+
+#include "mbedtls/build_info.h"
+#include <stdint.h>
+#include <stdlib.h>
+
+typedef union {
+ size_t len;
+ intmax_t sint;
+} mbedtls_test_argument_t;
+
+#endif /* TEST_ARGUMENTS_H */
diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h
new file mode 100644
index 0000000..2eb9171
--- /dev/null
+++ b/tests/include/test/asn1_helpers.h
@@ -0,0 +1,38 @@
+/** Helper functions for tests that manipulate ASN.1 data.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef ASN1_HELPERS_H
+#define ASN1_HELPERS_H
+
+#include "test/helpers.h"
+
+/** Skip past an INTEGER in an ASN.1 buffer.
+ *
+ * Mark the current test case as failed in any of the following conditions:
+ * - The buffer does not start with an ASN.1 INTEGER.
+ * - The integer's size or parity does not match the constraints expressed
+ * through \p min_bits, \p max_bits and \p must_be_odd.
+ *
+ * \param p Upon entry, `*p` points to the first byte of the
+ * buffer to parse.
+ * On successful return, `*p` points to the first byte
+ * after the parsed INTEGER.
+ * On failure, `*p` is unspecified.
+ * \param end The end of the ASN.1 buffer.
+ * \param min_bits Fail the test case if the integer does not have at
+ * least this many significant bits.
+ * \param max_bits Fail the test case if the integer has more than
+ * this many significant bits.
+ * \param must_be_odd Fail the test case if the integer is even.
+ *
+ * \return \c 0 if the test failed, otherwise 1.
+ */
+int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end,
+ size_t min_bits, size_t max_bits,
+ int must_be_odd);
+
+#endif /* ASN1_HELPERS_H */
diff --git a/tests/include/test/bignum_helpers.h b/tests/include/test/bignum_helpers.h
new file mode 100644
index 0000000..a5e49cb
--- /dev/null
+++ b/tests/include/test/bignum_helpers.h
@@ -0,0 +1,98 @@
+/**
+ * \file bignum_helpers.h
+ *
+ * \brief This file contains the prototypes of helper functions for
+ * bignum-related testing.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_BIGNUM_HELPERS_H
+#define TEST_BIGNUM_HELPERS_H
+
+#include <mbedtls/build_info.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+#include <mbedtls/bignum.h>
+#include <bignum_mod.h>
+
+/** Allocate and populate a core MPI from a test case argument.
+ *
+ * This function allocates exactly as many limbs as necessary to fit
+ * the length of the input. In other words, it preserves leading zeros.
+ *
+ * The limb array is allocated with mbedtls_calloc() and must later be
+ * freed with mbedtls_free().
+ *
+ * \param[in,out] pX The address where a pointer to the allocated limb
+ * array will be stored.
+ * \c *pX must be null on entry.
+ * On exit, \c *pX is null on error or if the number
+ * of limbs is 0.
+ * \param[out] plimbs The address where the number of limbs will be stored.
+ * \param[in] input The test argument to read.
+ * It is interpreted as a hexadecimal representation
+ * of a non-negative integer.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+int mbedtls_test_read_mpi_core(mbedtls_mpi_uint **pX, size_t *plimbs,
+ const char *input);
+
+/** Read a modulus from a hexadecimal string.
+ *
+ * This function allocates exactly as many limbs as necessary to fit
+ * the length of the input. In other words, it preserves leading zeros.
+ *
+ * The limb array is allocated with mbedtls_calloc() and must later be
+ * freed with mbedtls_free(). You can do that by calling
+ * mbedtls_test_mpi_mod_modulus_free_with_limbs().
+ *
+ * \param[in,out] N A modulus structure. It must be initialized, but
+ * not set up.
+ * \param[in] s The null-terminated hexadecimal string to read from.
+ * \param int_rep The desired representation of residues.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+int mbedtls_test_read_mpi_modulus(mbedtls_mpi_mod_modulus *N,
+ const char *s,
+ mbedtls_mpi_mod_rep_selector int_rep);
+
+/** Free a modulus and its limbs.
+ *
+ * \param[in] N A modulus structure such that there is no other
+ * reference to `N->p`.
+ */
+void mbedtls_test_mpi_mod_modulus_free_with_limbs(mbedtls_mpi_mod_modulus *N);
+
+/** Read an MPI from a hexadecimal string.
+ *
+ * Like mbedtls_mpi_read_string(), but with tighter guarantees around
+ * edge cases.
+ *
+ * - This function guarantees that if \p s begins with '-' then the sign
+ * bit of the result will be negative, even if the value is 0.
+ * When this function encounters such a "negative 0", it calls
+ * mbedtls_test_increment_case_uses_negative_0().
+ * - The size of the result is exactly the minimum number of limbs needed to fit
+ * the digits in the input. In particular, this function constructs a bignum
+ * with 0 limbs for an empty string, and a bignum with leading 0 limbs if the
+ * string has sufficiently many leading 0 digits. This is important so that
+ * the "0 (null)" and "0 (1 limb)" and "leading zeros" test cases do what they
+ * claim.
+ *
+ * \param[out] X The MPI object to populate. It must be initialized.
+ * \param[in] s The null-terminated hexadecimal string to read from.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s);
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#endif /* TEST_BIGNUM_HELPERS_H */
diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h
new file mode 100644
index 0000000..db69536
--- /dev/null
+++ b/tests/include/test/certs.h
@@ -0,0 +1,234 @@
+/**
+ * \file certs.h
+ *
+ * \brief Sample certificates and DHM parameters for testing
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_CERTS_H
+#define MBEDTLS_CERTS_H
+
+#include "mbedtls/build_info.h"
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* List of all PEM-encoded CA certificates, terminated by NULL;
+ * PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded
+ * otherwise. */
+extern const char *mbedtls_test_cas[];
+extern const size_t mbedtls_test_cas_len[];
+
+/* List of all DER-encoded CA certificates, terminated by NULL */
+extern const unsigned char *mbedtls_test_cas_der[];
+extern const size_t mbedtls_test_cas_der_len[];
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Concatenation of all CA certificates in PEM format if available */
+extern const char mbedtls_test_cas_pem[];
+extern const size_t mbedtls_test_cas_pem_len;
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+/*
+ * CA test certificates
+ */
+
+extern const char mbedtls_test_ca_crt_ec_pem[];
+extern const char mbedtls_test_ca_key_ec_pem[];
+extern const char mbedtls_test_ca_pwd_ec_pem[];
+extern const char mbedtls_test_ca_key_rsa_pem[];
+extern const char mbedtls_test_ca_pwd_rsa_pem[];
+extern const char mbedtls_test_ca_crt_rsa_sha1_pem[];
+extern const char mbedtls_test_ca_crt_rsa_sha256_pem[];
+
+extern const unsigned char mbedtls_test_ca_crt_ec_der[];
+extern const unsigned char mbedtls_test_ca_key_ec_der[];
+extern const unsigned char mbedtls_test_ca_key_rsa_der[];
+extern const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[];
+extern const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[];
+
+extern const size_t mbedtls_test_ca_crt_ec_pem_len;
+extern const size_t mbedtls_test_ca_key_ec_pem_len;
+extern const size_t mbedtls_test_ca_pwd_ec_pem_len;
+extern const size_t mbedtls_test_ca_key_rsa_pem_len;
+extern const size_t mbedtls_test_ca_pwd_rsa_pem_len;
+extern const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len;
+extern const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len;
+
+extern const size_t mbedtls_test_ca_crt_ec_der_len;
+extern const size_t mbedtls_test_ca_key_ec_der_len;
+extern const size_t mbedtls_test_ca_pwd_ec_der_len;
+extern const size_t mbedtls_test_ca_key_rsa_der_len;
+extern const size_t mbedtls_test_ca_pwd_rsa_der_len;
+extern const size_t mbedtls_test_ca_crt_rsa_sha1_der_len;
+extern const size_t mbedtls_test_ca_crt_rsa_sha256_der_len;
+
+/* Config-dependent dispatch between PEM and DER encoding
+ * (PEM if enabled, otherwise DER) */
+
+extern const char mbedtls_test_ca_crt_ec[];
+extern const char mbedtls_test_ca_key_ec[];
+extern const char mbedtls_test_ca_pwd_ec[];
+extern const char mbedtls_test_ca_key_rsa[];
+extern const char mbedtls_test_ca_pwd_rsa[];
+extern const char mbedtls_test_ca_crt_rsa_sha1[];
+extern const char mbedtls_test_ca_crt_rsa_sha256[];
+
+extern const size_t mbedtls_test_ca_crt_ec_len;
+extern const size_t mbedtls_test_ca_key_ec_len;
+extern const size_t mbedtls_test_ca_pwd_ec_len;
+extern const size_t mbedtls_test_ca_key_rsa_len;
+extern const size_t mbedtls_test_ca_pwd_rsa_len;
+extern const size_t mbedtls_test_ca_crt_rsa_sha1_len;
+extern const size_t mbedtls_test_ca_crt_rsa_sha256_len;
+
+/* Config-dependent dispatch between SHA-1 and SHA-256
+ * (SHA-256 if enabled, otherwise SHA-1) */
+
+extern const char mbedtls_test_ca_crt_rsa[];
+extern const size_t mbedtls_test_ca_crt_rsa_len;
+
+/* Config-dependent dispatch between EC and RSA
+ * (RSA if enabled, otherwise EC) */
+
+extern const char *mbedtls_test_ca_crt;
+extern const char *mbedtls_test_ca_key;
+extern const char *mbedtls_test_ca_pwd;
+extern const size_t mbedtls_test_ca_crt_len;
+extern const size_t mbedtls_test_ca_key_len;
+extern const size_t mbedtls_test_ca_pwd_len;
+
+/*
+ * Server test certificates
+ */
+
+extern const char mbedtls_test_srv_crt_ec_pem[];
+extern const char mbedtls_test_srv_key_ec_pem[];
+extern const char mbedtls_test_srv_pwd_ec_pem[];
+extern const char mbedtls_test_srv_key_rsa_pem[];
+extern const char mbedtls_test_srv_pwd_rsa_pem[];
+extern const char mbedtls_test_srv_crt_rsa_sha1_pem[];
+extern const char mbedtls_test_srv_crt_rsa_sha256_pem[];
+
+extern const unsigned char mbedtls_test_srv_crt_ec_der[];
+extern const unsigned char mbedtls_test_srv_key_ec_der[];
+extern const unsigned char mbedtls_test_srv_key_rsa_der[];
+extern const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[];
+extern const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[];
+
+extern const size_t mbedtls_test_srv_crt_ec_pem_len;
+extern const size_t mbedtls_test_srv_key_ec_pem_len;
+extern const size_t mbedtls_test_srv_pwd_ec_pem_len;
+extern const size_t mbedtls_test_srv_key_rsa_pem_len;
+extern const size_t mbedtls_test_srv_pwd_rsa_pem_len;
+extern const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len;
+extern const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len;
+
+extern const size_t mbedtls_test_srv_crt_ec_der_len;
+extern const size_t mbedtls_test_srv_key_ec_der_len;
+extern const size_t mbedtls_test_srv_pwd_ec_der_len;
+extern const size_t mbedtls_test_srv_key_rsa_der_len;
+extern const size_t mbedtls_test_srv_pwd_rsa_der_len;
+extern const size_t mbedtls_test_srv_crt_rsa_sha1_der_len;
+extern const size_t mbedtls_test_srv_crt_rsa_sha256_der_len;
+
+/* Config-dependent dispatch between PEM and DER encoding
+ * (PEM if enabled, otherwise DER) */
+
+extern const char mbedtls_test_srv_crt_ec[];
+extern const char mbedtls_test_srv_key_ec[];
+extern const char mbedtls_test_srv_pwd_ec[];
+extern const char mbedtls_test_srv_key_rsa[];
+extern const char mbedtls_test_srv_pwd_rsa[];
+extern const char mbedtls_test_srv_crt_rsa_sha1[];
+extern const char mbedtls_test_srv_crt_rsa_sha256[];
+
+extern const size_t mbedtls_test_srv_crt_ec_len;
+extern const size_t mbedtls_test_srv_key_ec_len;
+extern const size_t mbedtls_test_srv_pwd_ec_len;
+extern const size_t mbedtls_test_srv_key_rsa_len;
+extern const size_t mbedtls_test_srv_pwd_rsa_len;
+extern const size_t mbedtls_test_srv_crt_rsa_sha1_len;
+extern const size_t mbedtls_test_srv_crt_rsa_sha256_len;
+
+/* Config-dependent dispatch between SHA-1 and SHA-256
+ * (SHA-256 if enabled, otherwise SHA-1) */
+
+extern const char mbedtls_test_srv_crt_rsa[];
+extern const size_t mbedtls_test_srv_crt_rsa_len;
+
+/* Config-dependent dispatch between EC and RSA
+ * (RSA if enabled, otherwise EC) */
+
+extern const char *mbedtls_test_srv_crt;
+extern const char *mbedtls_test_srv_key;
+extern const char *mbedtls_test_srv_pwd;
+extern const size_t mbedtls_test_srv_crt_len;
+extern const size_t mbedtls_test_srv_key_len;
+extern const size_t mbedtls_test_srv_pwd_len;
+
+/*
+ * Client test certificates
+ */
+
+extern const char mbedtls_test_cli_crt_ec_pem[];
+extern const char mbedtls_test_cli_key_ec_pem[];
+extern const char mbedtls_test_cli_pwd_ec_pem[];
+extern const char mbedtls_test_cli_key_rsa_pem[];
+extern const char mbedtls_test_cli_pwd_rsa_pem[];
+extern const char mbedtls_test_cli_crt_rsa_pem[];
+
+extern const unsigned char mbedtls_test_cli_crt_ec_der[];
+extern const unsigned char mbedtls_test_cli_key_ec_der[];
+extern const unsigned char mbedtls_test_cli_key_rsa_der[];
+extern const unsigned char mbedtls_test_cli_crt_rsa_der[];
+
+extern const size_t mbedtls_test_cli_crt_ec_pem_len;
+extern const size_t mbedtls_test_cli_key_ec_pem_len;
+extern const size_t mbedtls_test_cli_pwd_ec_pem_len;
+extern const size_t mbedtls_test_cli_key_rsa_pem_len;
+extern const size_t mbedtls_test_cli_pwd_rsa_pem_len;
+extern const size_t mbedtls_test_cli_crt_rsa_pem_len;
+
+extern const size_t mbedtls_test_cli_crt_ec_der_len;
+extern const size_t mbedtls_test_cli_key_ec_der_len;
+extern const size_t mbedtls_test_cli_key_rsa_der_len;
+extern const size_t mbedtls_test_cli_crt_rsa_der_len;
+
+/* Config-dependent dispatch between PEM and DER encoding
+ * (PEM if enabled, otherwise DER) */
+
+extern const char mbedtls_test_cli_crt_ec[];
+extern const char mbedtls_test_cli_key_ec[];
+extern const char mbedtls_test_cli_pwd_ec[];
+extern const char mbedtls_test_cli_key_rsa[];
+extern const char mbedtls_test_cli_pwd_rsa[];
+extern const char mbedtls_test_cli_crt_rsa[];
+
+extern const size_t mbedtls_test_cli_crt_ec_len;
+extern const size_t mbedtls_test_cli_key_ec_len;
+extern const size_t mbedtls_test_cli_pwd_ec_len;
+extern const size_t mbedtls_test_cli_key_rsa_len;
+extern const size_t mbedtls_test_cli_pwd_rsa_len;
+extern const size_t mbedtls_test_cli_crt_rsa_len;
+
+/* Config-dependent dispatch between EC and RSA
+ * (RSA if enabled, otherwise EC) */
+
+extern const char *mbedtls_test_cli_crt;
+extern const char *mbedtls_test_cli_key;
+extern const char *mbedtls_test_cli_pwd;
+extern const size_t mbedtls_test_cli_crt_len;
+extern const size_t mbedtls_test_cli_key_len;
+extern const size_t mbedtls_test_cli_pwd_len;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* certs.h */
diff --git a/tests/include/test/constant_flow.h b/tests/include/test/constant_flow.h
new file mode 100644
index 0000000..c5658eb
--- /dev/null
+++ b/tests/include/test/constant_flow.h
@@ -0,0 +1,71 @@
+/**
+ * \file constant_flow.h
+ *
+ * \brief This file contains tools to ensure tested code has constant flow.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_CONSTANT_FLOW_H
+#define TEST_CONSTANT_FLOW_H
+
+#include "mbedtls/build_info.h"
+
+/*
+ * This file defines the two macros
+ *
+ * #define TEST_CF_SECRET(ptr, size)
+ * #define TEST_CF_PUBLIC(ptr, size)
+ *
+ * that can be used in tests to mark a memory area as secret (no branch or
+ * memory access should depend on it) or public (default, only needs to be
+ * marked explicitly when it was derived from secret data).
+ *
+ * Arguments:
+ * - ptr: a pointer to the memory area to be marked
+ * - size: the size in bytes of the memory area
+ *
+ * Implementation:
+ * The basic idea is that of ctgrind <https://github.com/agl/ctgrind>: we can
+ * re-use tools that were designed for checking use of uninitialized memory.
+ * This file contains two implementations: one based on MemorySanitizer, the
+ * other on valgrind's memcheck. If none of them is enabled, dummy macros that
+ * do nothing are defined for convenience.
+ *
+ * \note #TEST_CF_SECRET must be called directly from within a .function file,
+ * not indirectly via a macro defined under tests/include or a function
+ * under tests/src. This is because we only run Valgrind for constant
+ * flow on test suites that have greppable annotations inside them (see
+ * `skip_suites_without_constant_flow` in `tests/scripts/all.sh`).
+ */
+
+#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+#include <sanitizer/msan_interface.h>
+
+/* Use macros to avoid messing up with origin tracking */
+#define TEST_CF_SECRET __msan_allocated_memory
+// void __msan_allocated_memory(const volatile void* data, size_t size);
+#define TEST_CF_PUBLIC __msan_unpoison
+// void __msan_unpoison(const volatile void *a, size_t size);
+
+#elif defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND)
+#include <valgrind/memcheck.h>
+
+#define TEST_CF_SECRET VALGRIND_MAKE_MEM_UNDEFINED
+// VALGRIND_MAKE_MEM_UNDEFINED(_qzz_addr, _qzz_len)
+#define TEST_CF_PUBLIC VALGRIND_MAKE_MEM_DEFINED
+// VALGRIND_MAKE_MEM_DEFINED(_qzz_addr, _qzz_len)
+
+#else /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ||
+ MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */
+
+#define TEST_CF_SECRET(ptr, size)
+#define TEST_CF_PUBLIC(ptr, size)
+
+#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ||
+ MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */
+
+#endif /* TEST_CONSTANT_FLOW_H */
diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h
new file mode 100644
index 0000000..a033e39
--- /dev/null
+++ b/tests/include/test/drivers/aead.h
@@ -0,0 +1,121 @@
+/*
+ * Test driver for AEAD driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H
+#define PSA_CRYPTO_TEST_DRIVERS_AEAD_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times AEAD driver functions are called. */
+ unsigned long hits_encrypt;
+ unsigned long hits_decrypt;
+ unsigned long hits_encrypt_setup;
+ unsigned long hits_decrypt_setup;
+ unsigned long hits_set_nonce;
+ unsigned long hits_set_lengths;
+ unsigned long hits_update_ad;
+ unsigned long hits_update;
+ unsigned long hits_finish;
+ unsigned long hits_verify;
+ unsigned long hits_abort;
+
+ /* Status returned by the last AEAD driver function call. */
+ psa_status_t driver_status;
+} mbedtls_test_driver_aead_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }
+static inline mbedtls_test_driver_aead_hooks_t
+mbedtls_test_driver_aead_hooks_init(void)
+{
+ const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks;
+
+psa_status_t mbedtls_test_transparent_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length);
+
+psa_status_t mbedtls_test_transparent_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length);
+
+psa_status_t mbedtls_test_transparent_aead_encrypt_setup(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_aead_decrypt_setup(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_aead_set_nonce(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const uint8_t *nonce,
+ size_t nonce_length);
+
+psa_status_t mbedtls_test_transparent_aead_set_lengths(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ size_t ad_length,
+ size_t plaintext_length);
+
+psa_status_t mbedtls_test_transparent_aead_update_ad(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+
+psa_status_t mbedtls_test_transparent_aead_update(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_aead_finish(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length,
+ uint8_t *tag,
+ size_t tag_size,
+ size_t *tag_length);
+
+psa_status_t mbedtls_test_transparent_aead_verify(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length,
+ const uint8_t *tag,
+ size_t tag_length);
+
+psa_status_t mbedtls_test_transparent_aead_abort(
+ mbedtls_transparent_test_driver_aead_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */
diff --git a/tests/include/test/drivers/asymmetric_encryption.h b/tests/include/test/drivers/asymmetric_encryption.h
new file mode 100644
index 0000000..0ac7708
--- /dev/null
+++ b/tests/include/test/drivers/asymmetric_encryption.h
@@ -0,0 +1,67 @@
+/*
+ * Test driver for asymmetric encryption.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H
+#define PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+#include <psa/crypto.h>
+
+typedef struct {
+ /* If non-null, on success, copy this to the output. */
+ void *forced_output;
+ size_t forced_output_length;
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times one of the asymmetric_encryption driver
+ functions is called. */
+ unsigned long hits;
+} mbedtls_test_driver_asymmetric_encryption_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT { NULL, 0, PSA_SUCCESS, 0 }
+
+static inline mbedtls_test_driver_asymmetric_encryption_hooks_t
+mbedtls_test_driver_asymmetric_encryption_hooks_init(void)
+{
+ const mbedtls_test_driver_asymmetric_encryption_hooks_t v =
+ MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_asymmetric_encryption_hooks_t
+ mbedtls_test_driver_asymmetric_encryption_hooks;
+
+psa_status_t mbedtls_test_transparent_asymmetric_encrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
+ size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_asymmetric_encrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key,
+ size_t key_length, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_asymmetric_decrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
+ size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_asymmetric_decrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key,
+ size_t key_length, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H */
diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h
new file mode 100644
index 0000000..2fe47e4
--- /dev/null
+++ b/tests/include/test/drivers/cipher.h
@@ -0,0 +1,136 @@
+/*
+ * Test driver for cipher functions
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H
+#define PSA_CRYPTO_TEST_DRIVERS_CIPHER_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+#include <psa/crypto.h>
+
+#include "mbedtls/cipher.h"
+
+typedef struct {
+ /* If non-null, on success, copy this to the output. */
+ void *forced_output;
+ size_t forced_output_length;
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ psa_status_t forced_status_encrypt;
+ psa_status_t forced_status_set_iv;
+ /* Count the amount of times one of the cipher driver functions is called. */
+ unsigned long hits;
+ unsigned long hits_encrypt;
+ unsigned long hits_set_iv;
+} mbedtls_test_driver_cipher_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, \
+ PSA_SUCCESS, PSA_SUCCESS, PSA_SUCCESS, \
+ 0, 0, 0 }
+static inline mbedtls_test_driver_cipher_hooks_t
+mbedtls_test_driver_cipher_hooks_init(void)
+{
+ const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks;
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *iv, size_t iv_length,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_cipher_abort(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation);
+
+psa_status_t mbedtls_test_transparent_cipher_set_iv(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length);
+
+psa_status_t mbedtls_test_transparent_cipher_update(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_cipher_finish(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+/*
+ * opaque versions
+ */
+psa_status_t mbedtls_test_opaque_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *iv, size_t iv_length,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_cipher_abort(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation);
+
+psa_status_t mbedtls_test_opaque_cipher_set_iv(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length);
+
+psa_status_t mbedtls_test_opaque_cipher_update(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_cipher_finish(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */
diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h
new file mode 100644
index 0000000..ec8bcb6
--- /dev/null
+++ b/tests/include/test/drivers/config_test_driver.h
@@ -0,0 +1,46 @@
+/*
+ * Mbed TLS configuration for PSA test driver libraries. It includes:
+ * . the minimum set of modules needed by the PSA core.
+ * . the Mbed TLS configuration options that may need to be additionally
+ * enabled for the purpose of a specific test.
+ * . the PSA configuration file for the Mbed TLS library and its test drivers.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_PSA_CRYPTO_CONFIG
+
+/* PSA core mandatory configuration options */
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_AES_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/*
+ * Configuration options that may need to be additionally enabled for the
+ * purpose of a specific set of tests.
+ */
+//#define MBEDTLS_SHA1_C
+//#define MBEDTLS_SHA224_C
+//#define MBEDTLS_SHA384_C
+//#define MBEDTLS_SHA512_C
+//#define MBEDTLS_MD_C
+//#define MBEDTLS_PEM_PARSE_C
+//#define MBEDTLS_BASE64_C
+//#define MBEDTLS_THREADING_C
+//#define MBEDTLS_THREADING_PTHREAD
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h
new file mode 100644
index 0000000..dac07ac
--- /dev/null
+++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h
@@ -0,0 +1,674 @@
+/**
+ * This file is intended to be used to build PSA test driver libraries. It is
+ * intended to be appended by the test build system to the crypto_config.h file
+ * of the Mbed TLS library the test library will be linked to. It mirrors the
+ * PSA_ACCEL_* macros defining the cryptographic operations the test library
+ * supports.
+ */
+
+#include "psa/crypto_legacy.h"
+
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CBC_PKCS7)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CFB)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CFB)
+#undef MBEDTLS_PSA_ACCEL_ALG_CFB
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CFB 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CMAC)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
+#undef MBEDTLS_PSA_ACCEL_ALG_CMAC
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CTR)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CTR)
+#undef MBEDTLS_PSA_ACCEL_ALG_CTR
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CTR 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_STREAM_CIPHER)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
+#undef MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
+#undef MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
+#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
+#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
+#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
+#undef MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
+#undef MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_K1_192)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_K1_224)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_K1_256)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_R1_192)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_R1_224)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_R1_384)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ECC_SECP_R1_521)
+#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
+#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521
+#else
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+#undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_ECDSA)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#undef MBEDTLS_PSA_ACCEL_ALG_ECDSA
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_ECDSA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_ECDH)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
+#undef MBEDTLS_PSA_ACCEL_ALG_ECDH
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1
+#endif
+#endif
+
+#if defined(PSA_WANT_DH_RFC7919_2048)
+#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)
+#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_2048
+#else
+#define MBEDTLS_PSA_ACCEL_DH_RFC7919_2048
+#endif
+#endif
+
+#if defined(PSA_WANT_DH_RFC7919_3072)
+#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)
+#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_3072
+#else
+#define MBEDTLS_PSA_ACCEL_DH_RFC7919_3072
+#endif
+#endif
+
+#if defined(PSA_WANT_DH_RFC7919_4096)
+#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)
+#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_4096
+#else
+#define MBEDTLS_PSA_ACCEL_DH_RFC7919_4096
+#endif
+#endif
+
+#if defined(PSA_WANT_DH_RFC7919_6144)
+#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)
+#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_6144
+#else
+#define MBEDTLS_PSA_ACCEL_DH_RFC7919_6144
+#endif
+#endif
+
+#if defined(PSA_WANT_DH_RFC7919_8192)
+#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192)
+#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_8192
+#else
+#define MBEDTLS_PSA_ACCEL_DH_RFC7919_8192
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_FFDH)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
+#undef MBEDTLS_PSA_ACCEL_ALG_FFDH
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_FFDH 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_MD5)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
+#undef MBEDTLS_PSA_ACCEL_ALG_MD5
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_MD5 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_OFB)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_OFB)
+#undef MBEDTLS_PSA_ACCEL_ALG_OFB
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_OFB 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
+#undef MBEDTLS_PSA_ACCEL_ALG_RIPEMD160
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PSS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PSS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_1
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_1 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_224
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_224 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_256
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_384
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_384 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_512
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_512 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA3_224)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_224
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA3_224 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA3_256)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_256
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA3_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA3_384)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_384
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA3_384 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA3_512)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_512
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA3_512 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_XTS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_XTS)
+#undef MBEDTLS_PSA_ACCEL_ALG_XTS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_XTS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
+#undef MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_JPAKE)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
+#undef MBEDTLS_PSA_ACCEL_ALG_JPAKE
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_JPAKE 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_AES)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ARIA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
+#endif
+#endif
+
+
+#if defined(PSA_WANT_ALG_TLS12_PRF)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
+#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
+#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
+#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_GCM)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_GCM)
+#undef MBEDTLS_PSA_ACCEL_ALG_GCM
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_GCM 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CCM)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CCM)
+#undef MBEDTLS_PSA_ACCEL_ALG_CCM
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG)
+#undef MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CBC_MAC)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_MAC
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_HMAC)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
+#undef MBEDTLS_PSA_ACCEL_ALG_HMAC
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_HKDF)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
+#undef MBEDTLS_PSA_ACCEL_ALG_HKDF
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_HKDF_EXTRACT)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
+#undef MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_HKDF_EXPAND)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
+#undef MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_OAEP)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DERIVE)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_HMAC)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_DES)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DES
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RAW_DATA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1
+#endif
+#endif
diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h
new file mode 100644
index 0000000..ad48c45
--- /dev/null
+++ b/tests/include/test/drivers/hash.h
@@ -0,0 +1,64 @@
+/*
+ * Test driver for hash driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H
+#define PSA_CRYPTO_TEST_DRIVERS_HASH_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times hash driver entry points are called. */
+ unsigned long hits;
+ /* Status returned by the last hash driver entry point call. */
+ psa_status_t driver_status;
+} mbedtls_test_driver_hash_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_hash_hooks_t
+mbedtls_test_driver_hash_hooks_init(void)
+{
+ const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks;
+
+psa_status_t mbedtls_test_transparent_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *hash, size_t hash_size, size_t *hash_length);
+
+psa_status_t mbedtls_test_transparent_hash_setup(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_hash_clone(
+ const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+ mbedtls_transparent_test_driver_hash_operation_t *target_operation);
+
+psa_status_t mbedtls_test_transparent_hash_update(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+
+psa_status_t mbedtls_test_transparent_hash_finish(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length);
+
+psa_status_t mbedtls_test_transparent_hash_abort(
+ mbedtls_transparent_test_driver_hash_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */
diff --git a/tests/include/test/drivers/key_agreement.h b/tests/include/test/drivers/key_agreement.h
new file mode 100644
index 0000000..ca82b3a
--- /dev/null
+++ b/tests/include/test/drivers/key_agreement.h
@@ -0,0 +1,62 @@
+/*
+ * Test driver for key agreement functions.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H
+#define PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If non-null, on success, copy this to the output. */
+ void *forced_output;
+ size_t forced_output_length;
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times one of the signature driver functions is called. */
+ unsigned long hits;
+} mbedtls_test_driver_key_agreement_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_KEY_AGREEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_key_agreement_hooks_t
+mbedtls_test_driver_key_agreement_hooks_init(void)
+{
+ const mbedtls_test_driver_key_agreement_hooks_t
+ v = MBEDTLS_TEST_DRIVER_KEY_AGREEMENT_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_key_agreement_hooks_t
+ mbedtls_test_driver_key_agreement_hooks;
+
+psa_status_t mbedtls_test_transparent_key_agreement(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *shared_secret,
+ size_t shared_secret_size,
+ size_t *shared_secret_length);
+
+psa_status_t mbedtls_test_opaque_key_agreement(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *shared_secret,
+ size_t shared_secret_size,
+ size_t *shared_secret_length);
+
+#endif /*PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H */
diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h
new file mode 100644
index 0000000..7b5c4c7
--- /dev/null
+++ b/tests/include/test/drivers/key_management.h
@@ -0,0 +1,129 @@
+/*
+ * Test driver for generating and verifying keys.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
+#define PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0
+#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1
+
+typedef struct {
+ /* If non-null, on success, copy this to the output. */
+ void *forced_output;
+ size_t forced_output_length;
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times one of the key management driver functions
+ * is called. */
+ unsigned long hits;
+ /* Subset of hits which only counts key operations with EC key */
+ unsigned long hits_export_public_key;
+ /* Location of the last key management driver called to import a key. */
+ psa_key_location_t location;
+} mbedtls_test_driver_key_management_hooks_t;
+
+/* The location is initialized to the invalid value 0x800000. Invalid in the
+ * sense that no PSA specification will assign a meaning to this location
+ * (stated first in version 1.0.1 of the specification) and that it is not
+ * used as a location of an opaque test drivers. */
+#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0x800000 }
+static inline mbedtls_test_driver_key_management_hooks_t
+mbedtls_test_driver_key_management_hooks_init(void)
+{
+ const mbedtls_test_driver_key_management_hooks_t
+ v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
+ return v;
+}
+
+/*
+ * In order to convert the plain text keys to Opaque, the size of the key is
+ * padded up by PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE in addition to
+ * xor mangling the key. The pad prefix needs to be accounted for while
+ * sizing for the key.
+ */
+#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX 0xBEEFED00U
+#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE sizeof( \
+ PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX)
+
+size_t mbedtls_test_opaque_size_function(
+ const psa_key_type_t key_type,
+ const size_t key_bits);
+
+extern mbedtls_test_driver_key_management_hooks_t
+ mbedtls_test_driver_key_management_hooks;
+
+psa_status_t mbedtls_test_transparent_init(void);
+void mbedtls_test_transparent_free(void);
+psa_status_t mbedtls_test_opaque_init(void);
+void mbedtls_test_opaque_free(void);
+
+psa_status_t mbedtls_test_opaque_unwrap_key(
+ const uint8_t *wrapped_key, size_t wrapped_key_length, uint8_t *key_buffer,
+ size_t key_buffer_size, size_t *key_buffer_length);
+
+psa_status_t mbedtls_test_transparent_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length);
+
+psa_status_t mbedtls_test_opaque_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length);
+
+psa_status_t mbedtls_test_opaque_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t mbedtls_test_transparent_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t mbedtls_test_opaque_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t mbedtls_test_transparent_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
+ size_t *bits);
+
+psa_status_t mbedtls_test_opaque_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
+ size_t *bits);
+
+psa_status_t mbedtls_test_opaque_get_builtin_key(
+ psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
+
+psa_status_t mbedtls_test_opaque_copy_key(
+ psa_key_attributes_t *attributes,
+ const uint8_t *source_key,
+ size_t source_key_length,
+ uint8_t *target_key_buffer,
+ size_t target_key_buffer_size,
+ size_t *target_key_buffer_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */
diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h
new file mode 100644
index 0000000..d92eff9
--- /dev/null
+++ b/tests/include/test/drivers/mac.h
@@ -0,0 +1,125 @@
+/*
+ * Test driver for MAC driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H
+#define PSA_CRYPTO_TEST_DRIVERS_MAC_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times MAC driver functions are called. */
+ unsigned long hits;
+ /* Status returned by the last MAC driver function call. */
+ psa_status_t driver_status;
+} mbedtls_test_driver_mac_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_MAC_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_mac_hooks_t
+mbedtls_test_driver_mac_hooks_init(void)
+{
+ const mbedtls_test_driver_mac_hooks_t v = MBEDTLS_TEST_DRIVER_MAC_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks;
+
+psa_status_t mbedtls_test_transparent_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length);
+
+psa_status_t mbedtls_test_transparent_mac_sign_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_mac_verify_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_mac_update(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+
+psa_status_t mbedtls_test_transparent_mac_sign_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length);
+
+psa_status_t mbedtls_test_transparent_mac_verify_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length);
+
+psa_status_t mbedtls_test_transparent_mac_abort(
+ mbedtls_transparent_test_driver_mac_operation_t *operation);
+
+psa_status_t mbedtls_test_opaque_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length);
+
+psa_status_t mbedtls_test_opaque_mac_sign_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_mac_verify_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_mac_update(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+
+psa_status_t mbedtls_test_opaque_mac_sign_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length);
+
+psa_status_t mbedtls_test_opaque_mac_verify_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length);
+
+psa_status_t mbedtls_test_opaque_mac_abort(
+ mbedtls_opaque_test_driver_mac_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */
diff --git a/tests/include/test/drivers/pake.h b/tests/include/test/drivers/pake.h
new file mode 100644
index 0000000..d292ca0
--- /dev/null
+++ b/tests/include/test/drivers/pake.h
@@ -0,0 +1,75 @@
+/*
+ * Test driver for PAKE driver entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H
+#define PSA_CRYPTO_TEST_DRIVERS_PAKE_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* PAKE driver setup is executed on the first call to
+ pake_output/pake_input (added to distinguish forced statuses). */
+ psa_status_t forced_setup_status;
+ /* Count the amount of times PAKE driver functions are called. */
+ struct {
+ unsigned long total;
+ unsigned long setup;
+ unsigned long input;
+ unsigned long output;
+ unsigned long implicit_key;
+ unsigned long abort;
+ } hits;
+ /* Status returned by the last PAKE driver function call. */
+ psa_status_t driver_status;
+ /* Output returned by pake_output */
+ void *forced_output;
+ size_t forced_output_length;
+} mbedtls_test_driver_pake_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_PAKE_INIT { PSA_SUCCESS, PSA_SUCCESS, { 0, 0, 0, 0, 0, 0 }, PSA_SUCCESS, \
+ NULL, 0 }
+static inline mbedtls_test_driver_pake_hooks_t
+mbedtls_test_driver_pake_hooks_init(void)
+{
+ const mbedtls_test_driver_pake_hooks_t v = MBEDTLS_TEST_DRIVER_PAKE_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks;
+
+psa_status_t mbedtls_test_transparent_pake_setup(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ const psa_crypto_driver_pake_inputs_t *inputs);
+
+psa_status_t mbedtls_test_transparent_pake_output(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ psa_crypto_driver_pake_step_t step,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_pake_input(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ psa_crypto_driver_pake_step_t step,
+ const uint8_t *input,
+ size_t input_length);
+
+psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_pake_abort(
+ mbedtls_transparent_test_driver_pake_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_PAKE_H */
diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h
new file mode 100644
index 0000000..8c5703e
--- /dev/null
+++ b/tests/include/test/drivers/signature.h
@@ -0,0 +1,112 @@
+/*
+ * Test driver for signature functions.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H
+#define PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+ /* If non-null, on success, copy this to the output. */
+ void *forced_output;
+ size_t forced_output_length;
+ /* If not PSA_SUCCESS, return this error code instead of processing the
+ * function call. */
+ psa_status_t forced_status;
+ /* Count the amount of times one of the signature driver functions is called. */
+ unsigned long hits;
+} mbedtls_test_driver_signature_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_signature_hooks_t
+mbedtls_test_driver_signature_hooks_init(void)
+{
+ const mbedtls_test_driver_signature_hooks_t
+ v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+ return v;
+}
+
+extern mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_sign_hooks;
+extern mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_verify_hooks;
+
+psa_status_t mbedtls_test_transparent_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length);
+
+psa_status_t mbedtls_test_transparent_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length);
+
+psa_status_t mbedtls_test_transparent_signature_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */
diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h
new file mode 100644
index 0000000..74605d6
--- /dev/null
+++ b/tests/include/test/drivers/test_driver.h
@@ -0,0 +1,32 @@
+/*
+ * Umbrella include for all of the test driver functionality
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVER_H
+#define PSA_CRYPTO_TEST_DRIVER_H
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#ifndef PSA_CRYPTO_DRIVER_PRESENT
+#define PSA_CRYPTO_DRIVER_PRESENT
+#endif
+#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
+#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
+#endif
+
+#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff
+
+#include "test/drivers/aead.h"
+#include "test/drivers/cipher.h"
+#include "test/drivers/hash.h"
+#include "test/drivers/mac.h"
+#include "test/drivers/key_management.h"
+#include "test/drivers/signature.h"
+#include "test/drivers/asymmetric_encryption.h"
+#include "test/drivers/key_agreement.h"
+#include "test/drivers/pake.h"
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVER_H */
diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h
new file mode 100644
index 0000000..e3e331d
--- /dev/null
+++ b/tests/include/test/fake_external_rng_for_test.h
@@ -0,0 +1,40 @@
+/*
+ * Insecure but standalone implementation of mbedtls_psa_external_get_random().
+ * Only for use in tests!
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H
+#define FAKE_EXTERNAL_RNG_FOR_TEST_H
+
+#include "mbedtls/build_info.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** Enable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * The insecure implementation of mbedtls_psa_external_get_random() is
+ * disabled by default.
+ *
+ * When MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled and the test
+ * helpers are linked into a program, you must enable this before running any
+ * code that uses the PSA subsystem to generate random data (including internal
+ * random generation for purposes such as blinding when the random generation
+ * is routed through PSA).
+ *
+ * You can enable and disable it at any time, regardless of the state
+ * of the PSA subsystem. You may disable it temporarily to simulate a
+ * depleted entropy source.
+ */
+void mbedtls_test_enable_insecure_external_rng(void);
+
+/** Disable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * See mbedtls_test_enable_insecure_external_rng().
+ */
+void mbedtls_test_disable_insecure_external_rng(void);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
new file mode 100644
index 0000000..d08100f
--- /dev/null
+++ b/tests/include/test/helpers.h
@@ -0,0 +1,404 @@
+/**
+ * \file helpers.h
+ *
+ * \brief This file contains the prototypes of helper functions for the
+ * purpose of testing.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_HELPERS_H
+#define TEST_HELPERS_H
+
+/* Most fields of publicly available structs are private and are wrapped with
+ * MBEDTLS_PRIVATE macro. This define allows tests to access the private fields
+ * directly (without using the MBEDTLS_PRIVATE wrapper). */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+#include "mbedtls/build_info.h"
+
+#if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */
+# define MBEDTLS_TEST_HAVE_ASAN
+#endif
+#if defined(__SANITIZE_THREAD__) /* gcc -fsanitize-thread */
+# define MBEDTLS_TEST_HAVE_TSAN
+#endif
+
+#if defined(__has_feature)
+# if __has_feature(address_sanitizer) /* clang -fsanitize=address */
+# define MBEDTLS_TEST_HAVE_ASAN
+# endif
+# if __has_feature(memory_sanitizer) /* clang -fsanitize=memory */
+# define MBEDTLS_TEST_HAVE_MSAN
+# endif
+# if __has_feature(thread_sanitizer) /* clang -fsanitize=thread */
+# define MBEDTLS_TEST_HAVE_TSAN
+# endif
+#endif
+
+#include "test/threading_helpers.h"
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+#include "mbedtls/threading.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+/** The type of test case arguments that contain binary data. */
+typedef struct data_tag {
+ uint8_t *x;
+ uint32_t len;
+} data_t;
+
+typedef enum {
+ MBEDTLS_TEST_RESULT_SUCCESS = 0,
+ MBEDTLS_TEST_RESULT_FAILED,
+ MBEDTLS_TEST_RESULT_SKIPPED
+} mbedtls_test_result_t;
+
+#define MBEDTLS_TEST_LINE_LENGTH 76
+
+typedef struct {
+ mbedtls_test_result_t result;
+ const char *test;
+ const char *filename;
+ int line_no;
+ unsigned long step;
+ char line1[MBEDTLS_TEST_LINE_LENGTH];
+ char line2[MBEDTLS_TEST_LINE_LENGTH];
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ const char *mutex_usage_error;
+#endif
+#if defined(MBEDTLS_BIGNUM_C)
+ unsigned case_uses_negative_0;
+#endif
+}
+mbedtls_test_info_t;
+
+/**
+ * \brief Get the current test result status
+ *
+ * \return The current test result status
+ */
+mbedtls_test_result_t mbedtls_test_get_result(void);
+
+/**
+ * \brief Get the current test name/description
+ *
+ * \return The current test name/description
+ */
+const char *mbedtls_test_get_test(void);
+
+/**
+ * \brief Get the current test filename
+ *
+ * \return The current test filename
+ */
+const char *mbedtls_get_test_filename(void);
+
+/**
+ * \brief Get the current test file line number (for failure / skip)
+ *
+ * \return The current test file line number (for failure / skip)
+ */
+int mbedtls_test_get_line_no(void);
+
+/**
+ * \brief Increment the current test step.
+ *
+ * \note It is not recommended for multiple threads to call this
+ * function concurrently - whilst it is entirely thread safe,
+ * the order of calls to this function can obviously not be
+ * ensured, so unexpected results may occur.
+ */
+void mbedtls_test_increment_step(void);
+
+/**
+ * \brief Get the current test step
+ *
+ * \return The current test step
+ */
+unsigned long mbedtls_test_get_step(void);
+
+/**
+ * \brief Get the current test line buffer 1
+ *
+ * \param line Buffer of minimum size \c MBEDTLS_TEST_LINE_LENGTH,
+ * which will have line buffer 1 copied to it.
+ */
+void mbedtls_test_get_line1(char *line);
+
+/**
+ * \brief Get the current test line buffer 2
+ *
+ * \param line Buffer of minimum size \c MBEDTLS_TEST_LINE_LENGTH,
+ * which will have line buffer 1 copied to it.
+ */
+void mbedtls_test_get_line2(char *line);
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+/**
+ * \brief Get the current mutex usage error message
+ *
+ * \return The current mutex error message (may be NULL if no error)
+ */
+const char *mbedtls_test_get_mutex_usage_error(void);
+
+/**
+ * \brief Set the current mutex usage error message
+ *
+ * \note This will only set the mutex error message if one has not
+ * already been set, or if we are clearing the message (msg is
+ * NULL)
+ *
+ * \param msg Error message to set (can be NULL to clear)
+ */
+void mbedtls_test_set_mutex_usage_error(const char *msg);
+#endif
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+/**
+ * \brief Get whether the current test is a bignum test that uses
+ * negative zero.
+ *
+ * \return non zero if the current test uses bignum negative zero.
+ */
+unsigned mbedtls_test_get_case_uses_negative_0(void);
+
+/**
+ * \brief Indicate that the current test uses bignum negative zero.
+ *
+ * \note This function is called if the current test case had an
+ * input parsed with mbedtls_test_read_mpi() that is a negative
+ * 0 (`"-"`, `"-0"`, `"-00"`, etc., constructing a result with
+ * the sign bit set to -1 and the value being all-limbs-0,
+ * which is not a valid representation in #mbedtls_mpi but is
+ * tested for robustness). *
+ */
+void mbedtls_test_increment_case_uses_negative_0(void);
+#endif
+
+int mbedtls_test_platform_setup(void);
+void mbedtls_test_platform_teardown(void);
+
+/**
+ * \brief Record the current test case as a failure.
+ *
+ * This function can be called directly however it is usually
+ * called via macros such as TEST_ASSERT, TEST_EQUAL,
+ * PSA_ASSERT, etc...
+ *
+ * \note If the test case was already marked as failed, calling
+ * `mbedtls_test_fail( )` again will not overwrite any
+ * previous information about the failure.
+ *
+ * \param test Description of the failure or assertion that failed. This
+ * MUST be a string literal.
+ * \param line_no Line number where the failure originated.
+ * \param filename Filename where the failure originated.
+ */
+void mbedtls_test_fail(const char *test, int line_no, const char *filename);
+
+/**
+ * \brief Record the current test case as skipped.
+ *
+ * This function can be called directly however it is usually
+ * called via the TEST_ASSUME macro.
+ *
+ * \param test Description of the assumption that caused the test case to
+ * be skipped. This MUST be a string literal.
+ * \param line_no Line number where the test case was skipped.
+ * \param filename Filename where the test case was skipped.
+ */
+void mbedtls_test_skip(const char *test, int line_no, const char *filename);
+
+/**
+ * \brief Set the test step number for failure reports.
+ *
+ * Call this function to display "step NNN" in addition to the
+ * line number and file name if a test fails. Typically the
+ * "step number" is the index of a for loop but it can be
+ * whatever you want.
+ *
+ * \note It is not recommended for multiple threads to call this
+ * function concurrently - whilst it is entirely thread safe,
+ * the order of calls to this function can obviously not be
+ * ensured, so unexpected results may occur.
+ *
+ * \param step The step number to report.
+ */
+void mbedtls_test_set_step(unsigned long step);
+
+/**
+ * \brief Reset mbedtls_test_info to a ready/starting state.
+ */
+void mbedtls_test_info_reset(void);
+
+#ifdef MBEDTLS_TEST_MUTEX_USAGE
+/**
+ * \brief Get the test info data mutex.
+ *
+ * \note This is designed only to be used by threading_helpers to
+ * avoid a deadlock, not for general access to this mutex.
+ *
+ * \return The test info data mutex.
+ */
+mbedtls_threading_mutex_t *mbedtls_test_get_info_mutex(void);
+
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+
+/**
+ * \brief Record the current test case as a failure if two integers
+ * have a different value.
+ *
+ * This function is usually called via the macro
+ * #TEST_EQUAL.
+ *
+ * \param test Description of the failure or assertion that failed. This
+ * MUST be a string literal. This normally has the form
+ * "EXPR1 == EXPR2" where EXPR1 has the value \p value1
+ * and EXPR2 has the value \p value2.
+ * \param line_no Line number where the failure originated.
+ * \param filename Filename where the failure originated.
+ * \param value1 The first value to compare.
+ * \param value2 The second value to compare.
+ *
+ * \return \c 1 if the values are equal, otherwise \c 0.
+ */
+int mbedtls_test_equal(const char *test, int line_no, const char *filename,
+ unsigned long long value1, unsigned long long value2);
+
+/**
+ * \brief Record the current test case as a failure based
+ * on comparing two unsigned integers.
+ *
+ * This function is usually called via the macro
+ * #TEST_LE_U.
+ *
+ * \param test Description of the failure or assertion that failed. This
+ * MUST be a string literal. This normally has the form
+ * "EXPR1 <= EXPR2" where EXPR1 has the value \p value1
+ * and EXPR2 has the value \p value2.
+ * \param line_no Line number where the failure originated.
+ * \param filename Filename where the failure originated.
+ * \param value1 The first value to compare.
+ * \param value2 The second value to compare.
+ *
+ * \return \c 1 if \p value1 <= \p value2, otherwise \c 0.
+ */
+int mbedtls_test_le_u(const char *test, int line_no, const char *filename,
+ unsigned long long value1, unsigned long long value2);
+
+/**
+ * \brief Record the current test case as a failure based
+ * on comparing two signed integers.
+ *
+ * This function is usually called via the macro
+ * #TEST_LE_S.
+ *
+ * \param test Description of the failure or assertion that failed. This
+ * MUST be a string literal. This normally has the form
+ * "EXPR1 <= EXPR2" where EXPR1 has the value \p value1
+ * and EXPR2 has the value \p value2.
+ * \param line_no Line number where the failure originated.
+ * \param filename Filename where the failure originated.
+ * \param value1 The first value to compare.
+ * \param value2 The second value to compare.
+ *
+ * \return \c 1 if \p value1 <= \p value2, otherwise \c 0.
+ */
+int mbedtls_test_le_s(const char *test, int line_no, const char *filename,
+ long long value1, long long value2);
+
+/**
+ * \brief This function decodes the hexadecimal representation of
+ * data.
+ *
+ * \note The output buffer can be the same as the input buffer. For
+ * any other overlapping of the input and output buffers, the
+ * behavior is undefined.
+ *
+ * \param obuf Output buffer.
+ * \param obufmax Size in number of bytes of \p obuf.
+ * \param ibuf Input buffer.
+ * \param len The number of unsigned char written in \p obuf. This must
+ * not be \c NULL.
+ *
+ * \return \c 0 on success.
+ * \return \c -1 if the output buffer is too small or the input string
+ * is not a valid hexadecimal representation.
+ */
+int mbedtls_test_unhexify(unsigned char *obuf, size_t obufmax,
+ const char *ibuf, size_t *len);
+
+void mbedtls_test_hexify(unsigned char *obuf,
+ const unsigned char *ibuf,
+ int len);
+
+/**
+ * \brief Convert hexadecimal digit to an integer.
+ *
+ * \param c The digit to convert (`'0'` to `'9'`, `'A'` to `'F'` or
+ * `'a'` to `'f'`).
+ * \param[out] uc On success, the value of the digit (0 to 15).
+ *
+ * \return 0 on success, -1 if \p c is not a hexadecimal digit.
+ */
+int mbedtls_test_ascii2uc(const char c, unsigned char *uc);
+
+/**
+ * Allocate and zeroize a buffer.
+ *
+ * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
+ *
+ * For convenience, dies if allocation fails.
+ */
+unsigned char *mbedtls_test_zero_alloc(size_t len);
+
+/**
+ * Allocate and fill a buffer from hex data.
+ *
+ * The buffer is sized exactly as needed. This allows to detect buffer
+ * overruns (including overreads) when running the test suite under valgrind.
+ *
+ * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
+ *
+ * For convenience, dies if allocation fails.
+ */
+unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen);
+
+int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b,
+ uint32_t a_len, uint32_t b_len);
+
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include "test/fake_external_rng_for_test.h"
+#endif
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/**
+ * \brief Check that only a pure high-level error code is being combined with
+ * a pure low-level error code as otherwise the resultant error code
+ * would be corrupted.
+ *
+ * \note Both high-level and low-level error codes cannot be greater than
+ * zero however can be zero. If one error code is zero then the
+ * other error code is returned even if both codes are zero.
+ *
+ * \note If the check fails, fail the test currently being run.
+ */
+void mbedtls_test_err_add_check(int high, int low,
+ const char *file, int line);
+#endif
+
+#endif /* TEST_HELPERS_H */
diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h
new file mode 100644
index 0000000..a73e06f
--- /dev/null
+++ b/tests/include/test/macros.h
@@ -0,0 +1,250 @@
+/**
+ * \file macros.h
+ *
+ * \brief This file contains generic macros for the purpose of testing.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_MACROS_H
+#define TEST_MACROS_H
+
+#include "mbedtls/build_info.h"
+
+#include <stdlib.h>
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+#include "common.h"
+
+/**
+ * \brief This macro tests the expression passed to it as a test step or
+ * individual test in a test case.
+ *
+ * It allows a library function to return a value and return an error
+ * code that can be tested.
+ *
+ * Failing the test means:
+ * - Mark this test case as failed.
+ * - Print a message identifying the failure.
+ * - Jump to the \c exit label.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_ASSERT(TEST) \
+ do { \
+ if (!(TEST)) \
+ { \
+ mbedtls_test_fail( #TEST, __LINE__, __FILE__); \
+ goto exit; \
+ } \
+ } while (0)
+
+/** This macro asserts fails the test with given output message.
+ *
+ * \param MESSAGE The message to be outputed on assertion
+ */
+#define TEST_FAIL(MESSAGE) \
+ do { \
+ mbedtls_test_fail(MESSAGE, __LINE__, __FILE__); \
+ goto exit; \
+ } while (0)
+
+/** Evaluate two integer expressions and fail the test case if they have
+ * different values.
+ *
+ * The two expressions should have the same signedness, otherwise the
+ * comparison is not meaningful if the signed value is negative.
+ *
+ * \param expr1 An integral-typed expression to evaluate.
+ * \param expr2 Another integral-typed expression to evaluate.
+ */
+#define TEST_EQUAL(expr1, expr2) \
+ do { \
+ if (!mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \
+ (unsigned long long) (expr1), (unsigned long long) (expr2))) \
+ goto exit; \
+ } while (0)
+
+/** Evaluate two unsigned integer expressions and fail the test case
+ * if they are not in increasing order (left <= right).
+ *
+ * \param expr1 An integral-typed expression to evaluate.
+ * \param expr2 Another integral-typed expression to evaluate.
+ */
+#define TEST_LE_U(expr1, expr2) \
+ do { \
+ if (!mbedtls_test_le_u( #expr1 " <= " #expr2, __LINE__, __FILE__, \
+ expr1, expr2)) \
+ goto exit; \
+ } while (0)
+
+/** Evaluate two signed integer expressions and fail the test case
+ * if they are not in increasing order (left <= right).
+ *
+ * \param expr1 An integral-typed expression to evaluate.
+ * \param expr2 Another integral-typed expression to evaluate.
+ */
+#define TEST_LE_S(expr1, expr2) \
+ do { \
+ if (!mbedtls_test_le_s( #expr1 " <= " #expr2, __LINE__, __FILE__, \
+ expr1, expr2)) \
+ goto exit; \
+ } while (0)
+
+/** Allocate memory dynamically and fail the test case if this fails.
+ * The allocated memory will be filled with zeros.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free(pointer)` in the test's cleanup code.
+ *
+ * If \p item_count is zero, the resulting \p pointer will be \c NULL.
+ * This is usually what we want in tests since API functions are
+ * supposed to accept null pointers when a buffer size is zero.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer An lvalue where the address of the allocated buffer
+ * will be stored.
+ * This expression may be evaluated multiple times.
+ * \param item_count Number of elements to allocate.
+ * This expression may be evaluated multiple times.
+ *
+ */
+#define TEST_CALLOC(pointer, item_count) \
+ do { \
+ TEST_ASSERT((pointer) == NULL); \
+ if ((item_count) != 0) { \
+ (pointer) = mbedtls_calloc((item_count), \
+ sizeof(*(pointer))); \
+ TEST_ASSERT((pointer) != NULL); \
+ } \
+ } while (0)
+
+/** Allocate memory dynamically and fail the test case if this fails.
+ * The allocated memory will be filled with zeros.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free(pointer)` in the test's cleanup code.
+ *
+ * If \p item_count is zero, the resulting \p pointer will not be \c NULL.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer An lvalue where the address of the allocated buffer
+ * will be stored.
+ * This expression may be evaluated multiple times.
+ * \param item_count Number of elements to allocate.
+ * This expression may be evaluated multiple times.
+ *
+ * Note: if passing size 0, mbedtls_calloc may return NULL. In this case,
+ * we reattempt to allocate with the smallest possible buffer to assure a
+ * non-NULL pointer.
+ */
+#define TEST_CALLOC_NONNULL(pointer, item_count) \
+ do { \
+ TEST_ASSERT((pointer) == NULL); \
+ (pointer) = mbedtls_calloc((item_count), \
+ sizeof(*(pointer))); \
+ if (((pointer) == NULL) && ((item_count) == 0)) { \
+ (pointer) = mbedtls_calloc(1, 1); \
+ } \
+ TEST_ASSERT((pointer) != NULL); \
+ } while (0)
+
+/* For backwards compatibility */
+#define ASSERT_ALLOC(pointer, item_count) TEST_CALLOC(pointer, item_count)
+
+/** Allocate memory dynamically. If the allocation fails, skip the test case.
+ *
+ * This macro behaves like #TEST_CALLOC, except that if the allocation
+ * fails, it marks the test as skipped rather than failed.
+ */
+#define TEST_CALLOC_OR_SKIP(pointer, item_count) \
+ do { \
+ TEST_ASSERT((pointer) == NULL); \
+ if ((item_count) != 0) { \
+ (pointer) = mbedtls_calloc((item_count), \
+ sizeof(*(pointer))); \
+ TEST_ASSUME((pointer) != NULL); \
+ } \
+ } while (0)
+
+/* For backwards compatibility */
+#define ASSERT_ALLOC_WEAK(pointer, item_count) TEST_CALLOC_OR_SKIP(pointer, item_count)
+
+/** Compare two buffers and fail the test case if they differ.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param p1 Pointer to the start of the first buffer.
+ * \param size1 Size of the first buffer in bytes.
+ * This expression may be evaluated multiple times.
+ * \param p2 Pointer to the start of the second buffer.
+ * \param size2 Size of the second buffer in bytes.
+ * This expression may be evaluated multiple times.
+ */
+#define TEST_MEMORY_COMPARE(p1, size1, p2, size2) \
+ do { \
+ TEST_EQUAL((size1), (size2)); \
+ if ((size1) != 0) { \
+ TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0); \
+ } \
+ } while (0)
+
+/* For backwards compatibility */
+#define ASSERT_COMPARE(p1, size1, p2, size2) TEST_MEMORY_COMPARE(p1, size1, p2, size2)
+
+/**
+ * \brief This macro tests the expression passed to it and skips the
+ * running test if it doesn't evaluate to 'true'.
+ *
+ * \param TEST The test expression to be tested.
+ */
+#define TEST_ASSUME(TEST) \
+ do { \
+ if (!(TEST)) \
+ { \
+ mbedtls_test_skip( #TEST, __LINE__, __FILE__); \
+ goto exit; \
+ } \
+ } while (0)
+
+#define TEST_HELPER_ASSERT(a) if (!(a)) \
+ { \
+ mbedtls_fprintf(stderr, "Assertion Failed at %s:%d - %s\n", \
+ __FILE__, __LINE__, #a); \
+ mbedtls_exit(1); \
+ }
+
+/** Return the smaller of two values.
+ *
+ * \param x An integer-valued expression without side effects.
+ * \param y An integer-valued expression without side effects.
+ *
+ * \return The smaller of \p x and \p y.
+ */
+#define MIN(x, y) ((x) < (y) ? (x) : (y))
+
+/** Return the larger of two values.
+ *
+ * \param x An integer-valued expression without side effects.
+ * \param y An integer-valued expression without side effects.
+ *
+ * \return The larger of \p x and \p y.
+ */
+#define MAX(x, y) ((x) > (y) ? (x) : (y))
+
+#endif /* TEST_MACROS_H */
diff --git a/tests/include/test/memory.h b/tests/include/test/memory.h
new file mode 100644
index 0000000..940d9e6
--- /dev/null
+++ b/tests/include/test/memory.h
@@ -0,0 +1,108 @@
+/**
+ * \file memory.h
+ *
+ * \brief Helper macros and functions related to testing memory management.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_MEMORY_H
+#define TEST_MEMORY_H
+
+#include "mbedtls/build_info.h"
+#include "mbedtls/platform.h"
+#include "test/helpers.h"
+
+/** \def MBEDTLS_TEST_MEMORY_CAN_POISON
+ *
+ * This macro is defined if the tests are compiled with a method to mark
+ * memory as poisoned, which can be used to enforce some memory access
+ * policies.
+ *
+ * Support for the C11 thread_local keyword is also required.
+ *
+ * Currently, only Asan (Address Sanitizer) is supported.
+ */
+#if defined(MBEDTLS_TEST_HAVE_ASAN) && \
+ (__STDC_VERSION__ >= 201112L) && \
+ !defined(PSA_CRYPTO_DRIVER_TEST)
+# define MBEDTLS_TEST_MEMORY_CAN_POISON
+#endif
+
+/** \def MBEDTLS_TEST_MEMORY_POISON(buf, size)
+ *
+ * Poison a memory area so that any attempt to read or write from it will
+ * cause a runtime failure.
+ *
+ * Depending on the implementation, this may poison a few bytes beyond the
+ * indicated region, but will never poison a separate object on the heap
+ * or a separate object with more than the alignment of a long long.
+ *
+ * The behavior is undefined if any part of the memory area is invalid.
+ *
+ * This is a no-op in builds without a poisoning method.
+ * See #MBEDTLS_TEST_MEMORY_CAN_POISON.
+ *
+ * \param buf Pointer to the beginning of the memory area to poison.
+ * \param size Size of the memory area in bytes.
+ */
+
+/** \def MBEDTLS_TEST_MEMORY_UNPOISON(buf, size)
+ *
+ * Undo the effect of #MBEDTLS_TEST_MEMORY_POISON.
+ *
+ * The behavior is undefined if any part of the memory area is invalid,
+ * or if the memory area contains a mixture of poisoned and unpoisoned parts.
+ *
+ * This is a no-op in builds without a poisoning method.
+ * See #MBEDTLS_TEST_MEMORY_CAN_POISON.
+ *
+ * \param buf Pointer to the beginning of the memory area to unpoison.
+ * \param size Size of the memory area in bytes.
+ */
+
+#if defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+
+/** Thread-local variable used to enable memory poisoning. This is set and
+ * unset in the test wrappers so that calls to PSA functions from the library
+ * do not poison memory.
+ */
+extern _Thread_local unsigned int mbedtls_test_memory_poisoning_count;
+
+/** Poison a memory area so that any attempt to read or write from it will
+ * cause a runtime failure.
+ *
+ * The behavior is undefined if any part of the memory area is invalid.
+ */
+void mbedtls_test_memory_poison(const unsigned char *ptr, size_t size);
+#define MBEDTLS_TEST_MEMORY_POISON(ptr, size) \
+ do { \
+ mbedtls_test_memory_poisoning_count++; \
+ mbedtls_test_memory_poison(ptr, size); \
+ } while (0)
+
+/** Undo the effect of mbedtls_test_memory_poison().
+ *
+ * This is a no-op if the given area is entirely valid, unpoisoned memory.
+ *
+ * The behavior is undefined if any part of the memory area is invalid,
+ * or if the memory area contains a mixture of poisoned and unpoisoned parts.
+ */
+void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size);
+#define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size) \
+ do { \
+ mbedtls_test_memory_unpoison(ptr, size); \
+ if (mbedtls_test_memory_poisoning_count != 0) { \
+ mbedtls_test_memory_poisoning_count--; \
+ } \
+ } while (0)
+
+#else /* MBEDTLS_TEST_MEMORY_CAN_POISON */
+#define MBEDTLS_TEST_MEMORY_POISON(ptr, size) ((void) (ptr), (void) (size))
+#define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size) ((void) (ptr), (void) (size))
+#endif /* MBEDTLS_TEST_MEMORY_CAN_POISON */
+
+#endif /* TEST_MEMORY_H */
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
new file mode 100644
index 0000000..7306d8e
--- /dev/null
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -0,0 +1,441 @@
+/*
+ * Helper functions for tests that use the PSA Crypto API.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_HELPERS_H
+#define PSA_CRYPTO_HELPERS_H
+
+#include "test/helpers.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#include "test/psa_helpers.h"
+#include <psa/crypto.h>
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+/** Initialize the PSA Crypto subsystem. */
+#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
+
+/** Shut down the PSA Crypto subsystem and destroy persistent keys.
+ * Expect a clean shutdown, with no slots in use.
+ *
+ * If some key slots are still in use, record the test case as failed,
+ * but continue executing. This macro is suitable (and primarily intended)
+ * for use in the cleanup section of test functions.
+ *
+ * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
+ * creating them.
+ */
+#define PSA_DONE() \
+ do \
+ { \
+ mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \
+ mbedtls_test_psa_purge_key_storage(); \
+ mbedtls_psa_crypto_free(); \
+ } \
+ while (0)
+#else /*MBEDTLS_PSA_CRYPTO_C */
+#define PSA_INIT() ((void) 0)
+#define PSA_DONE() ((void) 0)
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
+int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id);
+
+/** Destroy persistent keys recorded with #TEST_USES_KEY_ID.
+ */
+void mbedtls_test_psa_purge_key_storage(void);
+
+/** Purge the in-memory cache of persistent keys recorded with
+ * #TEST_USES_KEY_ID.
+ *
+ * Call this function before calling PSA_DONE() if it's ok for
+ * persistent keys to still exist at this point.
+ */
+void mbedtls_test_psa_purge_key_cache(void);
+
+/** \def TEST_USES_KEY_ID
+ *
+ * Call this macro in a test function before potentially creating a
+ * persistent key. Test functions that use this mechanism must call
+ * mbedtls_test_psa_purge_key_storage() in their cleanup code.
+ *
+ * This macro records a persistent key identifier as potentially used in the
+ * current test case. Recorded key identifiers will be cleaned up at the end
+ * of the test case, even on failure.
+ *
+ * This macro has no effect on volatile keys. Therefore, it is safe to call
+ * this macro in a test function that creates either volatile or persistent
+ * keys depending on the test data.
+ *
+ * This macro currently has no effect on special identifiers
+ * used to store implementation-specific files.
+ *
+ * Calling this macro multiple times on the same key identifier in the same
+ * test case has no effect.
+ *
+ * This macro can fail the test case if there isn't enough memory to
+ * record the key id.
+ *
+ * \param key_id The PSA key identifier to record.
+ */
+#define TEST_USES_KEY_ID(key_id) \
+ TEST_ASSERT(mbedtls_test_uses_key_id(key_id))
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#define TEST_USES_KEY_ID(key_id) ((void) (key_id))
+#define mbedtls_test_psa_purge_key_storage() ((void) 0)
+#define mbedtls_test_psa_purge_key_cache() ((void) 0)
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+/** Check for things that have not been cleaned up properly in the
+ * PSA subsystem.
+ *
+ * \return NULL if nothing has leaked.
+ * \return A string literal explaining what has not been cleaned up
+ * if applicable.
+ */
+const char *mbedtls_test_helper_is_psa_leaking(void);
+
+/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed and jump to
+ * the exit label. This is equivalent to
+ * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
+ * but with a more informative message.
+ */
+#define ASSERT_PSA_PRISTINE() \
+ do \
+ { \
+ if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \
+ goto exit; \
+ } \
+ while (0)
+
+/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive.
+ * Expect a clean shutdown, with no slots in use.
+ *
+ * If some key slots are still in use, record the test case as failed and
+ * jump to the `exit` label.
+ */
+#define PSA_SESSION_DONE() \
+ do \
+ { \
+ mbedtls_test_psa_purge_key_cache(); \
+ ASSERT_PSA_PRISTINE(); \
+ mbedtls_psa_crypto_free(); \
+ } \
+ while (0)
+
+
+
+#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+psa_status_t mbedtls_test_record_status(psa_status_t status,
+ const char *func,
+ const char *file, int line,
+ const char *expr);
+
+/** Return value logging wrapper macro.
+ *
+ * Evaluate \p expr. Write a line recording its value to the log file
+ * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated
+ * list of fields:
+ * ```
+ * value of expr:string:__FILE__:__LINE__:expr
+ * ```
+ *
+ * The test code does not call this macro explicitly because that would
+ * be very invasive. Instead, we instrument the source code by defining
+ * a bunch of wrapper macros like
+ * ```
+ * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init())
+ * ```
+ * These macro definitions must be present in `instrument_record_status.h`
+ * when building the test suites.
+ *
+ * \param string A string, normally a function name.
+ * \param expr An expression to evaluate, normally a call of the function
+ * whose name is in \p string. This expression must return
+ * a value of type #psa_status_t.
+ * \return The value of \p expr.
+ */
+#define RECORD_STATUS(string, expr) \
+ mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr)
+
+#include "instrument_record_status.h"
+
+#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+/** Return extended key usage policies.
+ *
+ * Do a key policy permission extension on key usage policies always involves
+ * permissions of other usage policies
+ * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE).
+ */
+psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags);
+
+/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed.
+ *
+ * \return 0 if the key store is empty, 1 otherwise.
+ */
+int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename);
+
+
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform
+ * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
+ * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions
+ * is to read and write from the entropy seed file, which is located
+ * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID.
+ * (These could have been provided as library functions, but for historical
+ * reasons, they weren't, and so each integrator has to provide a copy
+ * of these functions.)
+ *
+ * Provide implementations of these functions for testing. */
+int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len);
+int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len);
+
+
+/** Make sure that the injected entropy is present.
+ *
+ * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init()
+ * will fail if the PSA entropy seed is not present.
+ * This function must be called at least once in a test suite or other
+ * program before any call to psa_crypto_init().
+ * It does not need to be called in each test case.
+ *
+ * The test framework calls this function before running any test case.
+ *
+ * The few tests that might remove the entropy file must call this function
+ * in their cleanup.
+ */
+int mbedtls_test_inject_entropy_restore(void);
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+/** Parse binary string and convert it to a long integer
+ */
+uint64_t mbedtls_test_parse_binary_string(data_t *bin_string);
+
+/** Skip a test case if the given key is a 192 bits AES key and the AES
+ * implementation is at least partially provided by an accelerator or
+ * alternative implementation.
+ *
+ * Call this macro in a test case when a cryptographic operation that may
+ * involve an AES operation returns a #PSA_ERROR_NOT_SUPPORTED error code.
+ * The macro call will skip and not fail the test case in case the operation
+ * involves a 192 bits AES key and the AES implementation is at least
+ * partially provided by an accelerator or alternative implementation.
+ *
+ * Hardware AES implementations not supporting 192 bits keys commonly exist.
+ * Consequently, PSA test cases aim at not failing when an AES operation with
+ * a 192 bits key performed by an alternative AES implementation returns
+ * with the #PSA_ERROR_NOT_SUPPORTED error code. The purpose of this macro
+ * is to facilitate this and make the test case code more readable.
+ *
+ * \param key_type Key type
+ * \param key_bits Key length in number of bits.
+ */
+#if defined(MBEDTLS_AES_ALT) || \
+ defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#define MBEDTLS_TEST_HAVE_ALT_AES 1
+#else
+#define MBEDTLS_TEST_HAVE_ALT_AES 0
+#endif
+
+#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \
+ do \
+ { \
+ if ((MBEDTLS_TEST_HAVE_ALT_AES) && \
+ ((key_type) == PSA_KEY_TYPE_AES) && \
+ (key_bits == 192)) \
+ { \
+ mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__); \
+ goto exit; \
+ } \
+ } \
+ while (0)
+
+/** Skip a test case if a GCM operation with a nonce length different from
+ * 12 bytes fails and was performed by an accelerator or alternative
+ * implementation.
+ *
+ * Call this macro in a test case when an AEAD cryptography operation that
+ * may involve the GCM mode returns with a #PSA_ERROR_NOT_SUPPORTED error
+ * code. The macro call will skip and not fail the test case in case the
+ * operation involves the GCM mode, a nonce with a length different from
+ * 12 bytes and the GCM mode implementation is an alternative one.
+ *
+ * Hardware GCM implementations not supporting nonce lengths different from
+ * 12 bytes commonly exist, as supporting a non-12-byte nonce requires
+ * additional computations involving the GHASH function.
+ * Consequently, PSA test cases aim at not failing when an AEAD operation in
+ * GCM mode with a nonce length different from 12 bytes is performed by an
+ * alternative GCM implementation and returns with a #PSA_ERROR_NOT_SUPPORTED
+ * error code. The purpose of this macro is to facilitate this check and make
+ * the test case code more readable.
+ *
+ * \param alg The AEAD algorithm.
+ * \param nonce_length The nonce length in number of bytes.
+ */
+#if defined(MBEDTLS_GCM_ALT) || \
+ defined(MBEDTLS_PSA_ACCEL_ALG_GCM)
+#define MBEDTLS_TEST_HAVE_ALT_GCM 1
+#else
+#define MBEDTLS_TEST_HAVE_ALT_GCM 0
+#endif
+
+#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \
+ nonce_length) \
+ do \
+ { \
+ if ((MBEDTLS_TEST_HAVE_ALT_GCM) && \
+ (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \
+ ((nonce_length) != 12)) \
+ { \
+ mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \
+ goto exit; \
+ } \
+ } \
+ while (0)
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+/** \def USE_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
+ * or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the
+ * TLS 1.3 one uses PSA independently of the definition of
+ * #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def USE_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #USE_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #USE_PSA_INIT.
+ */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#define USE_PSA_INIT() PSA_INIT()
+#define USE_PSA_DONE() PSA_DONE()
+#else /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */
+/* Define empty macros so that we can use them in the preamble and teardown
+ * of every test function that uses PSA conditionally based on
+ * MBEDTLS_USE_PSA_CRYPTO. */
+#define USE_PSA_INIT() ((void) 0)
+#define USE_PSA_DONE() ((void) 0)
+#endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */
+
+/** \def MD_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if MD uses a driver,
+ * and do nothing otherwise.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def MD_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #MD_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #MD_PSA_INIT.
+ */
+#if defined(MBEDTLS_MD_SOME_PSA)
+#define MD_PSA_INIT() PSA_INIT()
+#define MD_PSA_DONE() PSA_DONE()
+#else /* MBEDTLS_MD_SOME_PSA */
+#define MD_PSA_INIT() ((void) 0)
+#define MD_PSA_DONE() ((void) 0)
+#endif /* MBEDTLS_MD_SOME_PSA */
+
+/** \def BLOCK_CIPHER_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if BLOCK_CIPHER uses a driver,
+ * and do nothing otherwise.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def BLOCK_CIPHER_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #BLOCK_CIPHER_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #BLOCK_CIPHER_PSA_INIT.
+ */
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+#define BLOCK_CIPHER_PSA_INIT() PSA_INIT()
+#define BLOCK_CIPHER_PSA_DONE() PSA_DONE()
+#else /* MBEDTLS_MD_SOME_PSA */
+#define BLOCK_CIPHER_PSA_INIT() ((void) 0)
+#define BLOCK_CIPHER_PSA_DONE() ((void) 0)
+#endif /* MBEDTLS_MD_SOME_PSA */
+
+
+/** \def MD_OR_USE_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if MD uses a driver,
+ * or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled,
+ * and do nothing otherwise.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def MD_OR_USE_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #MD_OR_USE_PSA_INIT.
+ */
+#if defined(MBEDTLS_MD_SOME_PSA) || \
+ defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#define MD_OR_USE_PSA_INIT() PSA_INIT()
+#define MD_OR_USE_PSA_DONE() PSA_DONE()
+#else
+#define MD_OR_USE_PSA_INIT() ((void) 0)
+#define MD_OR_USE_PSA_DONE() ((void) 0)
+#endif
+
+/** \def AES_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if AES_C is not defined,
+ * so that CTR_DRBG uses PSA implementation to get AES-ECB.
+ *
+ * If the initialization fails, mark the test case as failed and jump to the
+ * \p exit label.
+ */
+/** \def AES_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #AES_PSA_INIT.
+ *
+ * This is like #PSA_DONE except it does nothing under the same conditions as
+ * #AES_PSA_INIT.
+ */
+#if defined(MBEDTLS_AES_C)
+#define AES_PSA_INIT() ((void) 0)
+#define AES_PSA_DONE() ((void) 0)
+#else /* MBEDTLS_AES_C */
+#define AES_PSA_INIT() PSA_INIT()
+#define AES_PSA_DONE() PSA_DONE()
+#endif /* MBEDTLS_AES_C */
+
+#endif /* PSA_CRYPTO_HELPERS_H */
diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h
new file mode 100644
index 0000000..f6be307
--- /dev/null
+++ b/tests/include/test/psa_exercise_key.h
@@ -0,0 +1,286 @@
+/** Code to exercise a PSA key object, i.e. validate that it seems well-formed
+ * and can do what it is supposed to do.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_EXERCISE_KEY_H
+#define PSA_EXERCISE_KEY_H
+
+#include "test/helpers.h"
+#include "test/psa_crypto_helpers.h"
+
+#include <psa/crypto.h>
+
+#if defined(MBEDTLS_PK_C)
+#include <mbedtls/pk.h>
+#endif
+
+/** \def KNOWN_SUPPORTED_HASH_ALG
+ *
+ * A hash algorithm that is known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(PSA_WANT_ALG_SHA_256)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
+#elif defined(PSA_WANT_ALG_SHA_384)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
+#elif defined(PSA_WANT_ALG_SHA_512)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_512
+#elif defined(PSA_WANT_ALG_SHA3_256)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
+#elif defined(PSA_WANT_ALG_SHA_1)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
+#elif defined(PSA_WANT_ALG_MD5)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
+/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of
+ * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
+ * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
+ * implausible anyway. */
+#else
+#undef KNOWN_SUPPORTED_HASH_ALG
+#endif
+
+/** \def KNOWN_SUPPORTED_BLOCK_CIPHER
+ *
+ * A block cipher that is known to be supported.
+ *
+ * For simplicity's sake, stick to block ciphers with 16-byte blocks.
+ */
+#if defined(PSA_WANT_KEY_TYPE_AES)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES
+#elif defined(PSA_WANT_KEY_TYPE_ARIA)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA
+#elif defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA
+#else
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER
+#endif
+
+/** \def KNOWN_SUPPORTED_MAC_ALG
+ *
+ * A MAC mode that is known to be supported.
+ *
+ * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or
+ * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_HASH_ALG) && defined(PSA_WANT_ALG_HMAC)
+#define KNOWN_SUPPORTED_MAC_ALG (PSA_ALG_HMAC(KNOWN_SUPPORTED_HASH_ALG))
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C)
+#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#else
+#undef KNOWN_SUPPORTED_MAC_ALG
+#undef KNOWN_SUPPORTED_MAC_KEY_TYPE
+#endif
+
+/** \def KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+ *
+ * A cipher algorithm and key type that are known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CTR)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_OFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB
+#else
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#endif
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
+#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#else
+#undef KNOWN_SUPPORTED_CIPHER_ALG
+#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
+#endif
+
+/** Convenience function to set up a key derivation.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * The inputs \p input1 and \p input2 are, in order:
+ * - HKDF: salt, info.
+ * - TKS 1.2 PRF, TLS 1.2 PSK-to-MS: seed, label.
+ * - PBKDF2: input cost, salt.
+ *
+ * \param operation The operation object to use.
+ * It must be in the initialized state.
+ * \param key The key to use.
+ * \param alg The algorithm to use.
+ * \param input1 The first input to pass.
+ * \param input1_length The length of \p input1 in bytes.
+ * \param input2 The first input to pass.
+ * \param input2_length The length of \p input2 in bytes.
+ * \param capacity The capacity to set.
+ * \param key_destroyable If set to 1, a failure due to the key not existing
+ * or the key being destroyed mid-operation will only
+ * be reported if the error code is unexpected.
+ *
+ * \return \c 1 on success, \c 0 on failure.
+ */
+int mbedtls_test_psa_setup_key_derivation_wrap(
+ psa_key_derivation_operation_t *operation,
+ mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const unsigned char *input1, size_t input1_length,
+ const unsigned char *input2, size_t input2_length,
+ size_t capacity, int key_destroyable);
+
+/** Perform a key agreement using the given key pair against its public key
+ * using psa_raw_key_agreement().
+ *
+ * The result is discarded. The purpose of this function is to smoke-test a key.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * \param alg A key agreement algorithm compatible with \p key.
+ * \param key A key that allows key agreement with \p alg.
+ * \param key_destroyable If set to 1, a failure due to the key not existing
+ * or the key being destroyed mid-operation will only
+ * be reported if the error code is unexpected.
+ *
+ * \return \c 1 on success, \c 0 on failure.
+ */
+psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
+ psa_algorithm_t alg,
+ mbedtls_svc_key_id_t key, int key_destroyable);
+
+/** Perform a key agreement using the given key pair against its public key
+ * using psa_key_derivation_raw_key().
+ *
+ * The result is discarded. The purpose of this function is to smoke-test a key.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * \param operation An operation that has been set up for a key
+ * agreement algorithm that is compatible with
+ * \p key.
+ * \param key A key pair object that is suitable for a key
+ * agreement with \p operation.
+ * \param key_destroyable If set to 1, a failure due to the key not existing
+ * or the key being destroyed mid-operation will only
+ * be reported if the error code is unexpected.
+ *
+ * \return \c 1 on success, \c 0 on failure.
+ */
+psa_status_t mbedtls_test_psa_key_agreement_with_self(
+ psa_key_derivation_operation_t *operation,
+ mbedtls_svc_key_id_t key, int key_destroyable);
+
+/** Perform sanity checks on the given key representation.
+ *
+ * If any of the checks fail, mark the current test case as failed.
+ *
+ * The checks depend on the key type.
+ * - All types: check the export size against maximum-size macros.
+ * - DES: parity bits.
+ * - RSA: check the ASN.1 structure and the size and parity of the integers.
+ * - ECC private or public key: exact representation length.
+ * - Montgomery public key: first byte.
+ *
+ * \param type The key type.
+ * \param bits The key size in bits.
+ * \param exported A buffer containing the key representation.
+ * \param exported_length The length of \p exported in bytes.
+ *
+ * \return \c 1 if all checks passed, \c 0 on failure.
+ */
+int mbedtls_test_psa_exported_key_sanity_check(
+ psa_key_type_t type, size_t bits,
+ const uint8_t *exported, size_t exported_length);
+
+/** Do smoke tests on a key.
+ *
+ * Perform one of each operation indicated by \p alg (decrypt/encrypt,
+ * sign/verify, or derivation) that is permitted according to \p usage.
+ * \p usage and \p alg should correspond to the expected policy on the
+ * key.
+ *
+ * Export the key if permitted by \p usage, and check that the output
+ * looks sensible. If \p usage forbids export, check that
+ * \p psa_export_key correctly rejects the attempt. If the key is
+ * asymmetric, also check \p psa_export_public_key.
+ *
+ * If the key fails the tests, this function calls the test framework's
+ * `mbedtls_test_fail` function and returns false. Otherwise this function
+ * returns true. Therefore it should be used as follows:
+ * ```
+ * if( ! exercise_key( ... ) ) goto exit;
+ * ```
+ * To use this function for multi-threaded tests where the key
+ * may be destroyed at any point: call this function with key_destroyable set
+ * to 1, while another thread calls psa_destroy_key on the same key;
+ * this will test whether destroying the key in use leads to any corruption.
+ *
+ * There cannot be a set of concurrent calls:
+ * `mbedtls_test_psa_exercise_key(ki,...)` such that each ki is a unique
+ * persistent key not loaded into any key slot, and i is greater than the
+ * number of free key slots.
+ * This is because such scenarios can lead to unsupported
+ * `PSA_ERROR_INSUFFICIENT_MEMORY` return codes.
+ *
+ *
+ * \param key The key to exercise. It should be capable of performing
+ * \p alg.
+ * \param usage The usage flags to assume.
+ * \param alg The algorithm to exercise.
+ * \param key_destroyable If set to 1, a failure due to the key not existing
+ * or the key being destroyed mid-operation will only
+ * be reported if the error code is unexpected.
+ *
+ * \retval 0 The key failed the smoke tests.
+ * \retval 1 The key passed the smoke tests.
+ */
+int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable);
+
+psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type,
+ psa_algorithm_t alg);
+
+/** Whether the specified algorithm can be exercised.
+ *
+ * \note This function is solely based on the algorithm and does not
+ * consider potential issues with the compatibility of a key.
+ * The idea is that you already have a key, so you know that the
+ * key type is supported, and you want to exercise the key but
+ * only if the algorithm given in its policy is enabled in the
+ * compile-time configuration.
+ *
+ * \note This function currently only supports signature algorithms
+ * (including wildcards).
+ * TODO: a more general mechanism, which should be automatically
+ * generated and possibly available as a library function?
+ */
+int mbedtls_test_can_exercise_psa_algorithm(psa_algorithm_t alg);
+
+#if defined(MBEDTLS_PK_C)
+/** PK-PSA key consistency test.
+ *
+ * This function tests that the pk context and the PSA key are
+ * consistent. At a minimum:
+ *
+ * - The two objects must contain keys of the same type,
+ * or a key pair and a public key of the matching type.
+ * - The two objects must have the same public key.
+ *
+ * \retval 0 The key failed the consistency tests.
+ * \retval 1 The key passed the consistency tests.
+ */
+int mbedtls_test_key_consistency_psa_pk(mbedtls_svc_key_id_t psa_key,
+ const mbedtls_pk_context *pk);
+#endif /* MBEDTLS_PK_C */
+
+#endif /* PSA_EXERCISE_KEY_H */
diff --git a/tests/include/test/psa_helpers.h b/tests/include/test/psa_helpers.h
new file mode 100644
index 0000000..b617189
--- /dev/null
+++ b/tests/include/test/psa_helpers.h
@@ -0,0 +1,24 @@
+/*
+ * Helper functions for tests that use any PSA API.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_HELPERS_H
+#define PSA_HELPERS_H
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+/** Evaluate an expression and fail the test case if it returns an error.
+ *
+ * \param expr The expression to evaluate. This is typically a call
+ * to a \c psa_xxx function that returns a value of type
+ * #psa_status_t.
+ */
+#define PSA_ASSERT(expr) TEST_EQUAL((expr), PSA_SUCCESS)
+
+#endif /* PSA_HELPERS_H */
diff --git a/tests/include/test/psa_memory_poisoning_wrappers.h b/tests/include/test/psa_memory_poisoning_wrappers.h
new file mode 100644
index 0000000..3f30b65
--- /dev/null
+++ b/tests/include/test/psa_memory_poisoning_wrappers.h
@@ -0,0 +1,40 @@
+/** Support for memory poisoning wrappers for PSA functions.
+ *
+ * The wrappers poison the input and output buffers of each function
+ * before calling it, to ensure that it does not access the buffers
+ * except by calling the approved buffer-copying functions.
+ *
+ * This header declares support functions. The wrappers themselves are
+ * decalred in the automatically generated file `test/psa_test_wrappers.h`.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_MEMORY_POISONING_WRAPPERS_H
+#define PSA_MEMORY_POISONING_WRAPPERS_H
+
+#include "psa/crypto.h"
+
+#include "test/memory.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+
+/**
+ * \brief Setup the memory poisoning test hooks used by
+ * psa_crypto_copy_input() and psa_crypto_copy_output() for
+ * memory poisoning.
+ */
+void mbedtls_poison_test_hooks_setup(void);
+
+/**
+ * \brief Teardown the memory poisoning test hooks used by
+ * psa_crypto_copy_input() and psa_crypto_copy_output() for
+ * memory poisoning.
+ */
+void mbedtls_poison_test_hooks_teardown(void);
+
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_TEST_MEMORY_CAN_POISON */
+
+#endif /* PSA_MEMORY_POISONING_WRAPPERS_H */
diff --git a/tests/include/test/psa_test_wrappers.h b/tests/include/test/psa_test_wrappers.h
new file mode 100644
index 0000000..ecf926e
--- /dev/null
+++ b/tests/include/test/psa_test_wrappers.h
@@ -0,0 +1,739 @@
+/* Automatically generated by generate_psa_wrappers.py, do not edit! */
+
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_PSA_TEST_WRAPPERS_H
+#define TEST_PSA_TEST_WRAPPERS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <mbedtls/build_info.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \
+ !defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+
+#include <psa/crypto.h>
+
+#include <test/memory.h>
+#include <test/psa_crypto_helpers.h>
+#include <test/psa_test_wrappers.h>
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+psa_status_t mbedtls_test_wrap_mbedtls_psa_inject_entropy(
+ const uint8_t *arg0_seed,
+ size_t arg1_seed_size);
+#define mbedtls_psa_inject_entropy(arg0_seed, arg1_seed_size) \
+ mbedtls_test_wrap_mbedtls_psa_inject_entropy(arg0_seed, arg1_seed_size)
+#endif /* defined(MBEDTLS_PSA_INJECT_ENTROPY) */
+
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+psa_status_t mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key(
+ mbedtls_svc_key_id_t arg0_key_id,
+ psa_key_lifetime_t *arg1_lifetime,
+ psa_drv_slot_number_t *arg2_slot_number);
+#define mbedtls_psa_platform_get_builtin_key(arg0_key_id, arg1_lifetime, arg2_slot_number) \
+ mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key(arg0_key_id, arg1_lifetime, arg2_slot_number)
+#endif /* defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+psa_status_t mbedtls_test_wrap_mbedtls_psa_register_se_key(
+ const psa_key_attributes_t *arg0_attributes);
+#define mbedtls_psa_register_se_key(arg0_attributes) \
+ mbedtls_test_wrap_mbedtls_psa_register_se_key(arg0_attributes)
+#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */
+
+psa_status_t mbedtls_test_wrap_psa_aead_abort(
+ psa_aead_operation_t *arg0_operation);
+#define psa_aead_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_aead_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_aead_decrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_nonce,
+ size_t arg3_nonce_length,
+ const uint8_t *arg4_additional_data,
+ size_t arg5_additional_data_length,
+ const uint8_t *arg6_ciphertext,
+ size_t arg7_ciphertext_length,
+ uint8_t *arg8_plaintext,
+ size_t arg9_plaintext_size,
+ size_t *arg10_plaintext_length);
+#define psa_aead_decrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length) \
+ mbedtls_test_wrap_psa_aead_decrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_decrypt_setup(
+ psa_aead_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg);
+#define psa_aead_decrypt_setup(arg0_operation, arg1_key, arg2_alg) \
+ mbedtls_test_wrap_psa_aead_decrypt_setup(arg0_operation, arg1_key, arg2_alg)
+
+psa_status_t mbedtls_test_wrap_psa_aead_encrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_nonce,
+ size_t arg3_nonce_length,
+ const uint8_t *arg4_additional_data,
+ size_t arg5_additional_data_length,
+ const uint8_t *arg6_plaintext,
+ size_t arg7_plaintext_length,
+ uint8_t *arg8_ciphertext,
+ size_t arg9_ciphertext_size,
+ size_t *arg10_ciphertext_length);
+#define psa_aead_encrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length) \
+ mbedtls_test_wrap_psa_aead_encrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_encrypt_setup(
+ psa_aead_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg);
+#define psa_aead_encrypt_setup(arg0_operation, arg1_key, arg2_alg) \
+ mbedtls_test_wrap_psa_aead_encrypt_setup(arg0_operation, arg1_key, arg2_alg)
+
+psa_status_t mbedtls_test_wrap_psa_aead_finish(
+ psa_aead_operation_t *arg0_operation,
+ uint8_t *arg1_ciphertext,
+ size_t arg2_ciphertext_size,
+ size_t *arg3_ciphertext_length,
+ uint8_t *arg4_tag,
+ size_t arg5_tag_size,
+ size_t *arg6_tag_length);
+#define psa_aead_finish(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length) \
+ mbedtls_test_wrap_psa_aead_finish(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce(
+ psa_aead_operation_t *arg0_operation,
+ uint8_t *arg1_nonce,
+ size_t arg2_nonce_size,
+ size_t *arg3_nonce_length);
+#define psa_aead_generate_nonce(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length) \
+ mbedtls_test_wrap_psa_aead_generate_nonce(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_set_lengths(
+ psa_aead_operation_t *arg0_operation,
+ size_t arg1_ad_length,
+ size_t arg2_plaintext_length);
+#define psa_aead_set_lengths(arg0_operation, arg1_ad_length, arg2_plaintext_length) \
+ mbedtls_test_wrap_psa_aead_set_lengths(arg0_operation, arg1_ad_length, arg2_plaintext_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_set_nonce(
+ psa_aead_operation_t *arg0_operation,
+ const uint8_t *arg1_nonce,
+ size_t arg2_nonce_length);
+#define psa_aead_set_nonce(arg0_operation, arg1_nonce, arg2_nonce_length) \
+ mbedtls_test_wrap_psa_aead_set_nonce(arg0_operation, arg1_nonce, arg2_nonce_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_update(
+ psa_aead_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ uint8_t *arg3_output,
+ size_t arg4_output_size,
+ size_t *arg5_output_length);
+#define psa_aead_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) \
+ mbedtls_test_wrap_psa_aead_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_update_ad(
+ psa_aead_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length);
+#define psa_aead_update_ad(arg0_operation, arg1_input, arg2_input_length) \
+ mbedtls_test_wrap_psa_aead_update_ad(arg0_operation, arg1_input, arg2_input_length)
+
+psa_status_t mbedtls_test_wrap_psa_aead_verify(
+ psa_aead_operation_t *arg0_operation,
+ uint8_t *arg1_plaintext,
+ size_t arg2_plaintext_size,
+ size_t *arg3_plaintext_length,
+ const uint8_t *arg4_tag,
+ size_t arg5_tag_length);
+#define psa_aead_verify(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length) \
+ mbedtls_test_wrap_psa_aead_verify(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length)
+
+psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_salt,
+ size_t arg5_salt_length,
+ uint8_t *arg6_output,
+ size_t arg7_output_size,
+ size_t *arg8_output_length);
+#define psa_asymmetric_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) \
+ mbedtls_test_wrap_psa_asymmetric_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_salt,
+ size_t arg5_salt_length,
+ uint8_t *arg6_output,
+ size_t arg7_output_size,
+ size_t *arg8_output_length);
+#define psa_asymmetric_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) \
+ mbedtls_test_wrap_psa_asymmetric_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_abort(
+ psa_cipher_operation_t *arg0_operation);
+#define psa_cipher_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_cipher_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_decrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_output,
+ size_t arg5_output_size,
+ size_t *arg6_output_length);
+#define psa_cipher_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) \
+ mbedtls_test_wrap_psa_cipher_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_decrypt_setup(
+ psa_cipher_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg);
+#define psa_cipher_decrypt_setup(arg0_operation, arg1_key, arg2_alg) \
+ mbedtls_test_wrap_psa_cipher_decrypt_setup(arg0_operation, arg1_key, arg2_alg)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_encrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_output,
+ size_t arg5_output_size,
+ size_t *arg6_output_length);
+#define psa_cipher_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) \
+ mbedtls_test_wrap_psa_cipher_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_encrypt_setup(
+ psa_cipher_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg);
+#define psa_cipher_encrypt_setup(arg0_operation, arg1_key, arg2_alg) \
+ mbedtls_test_wrap_psa_cipher_encrypt_setup(arg0_operation, arg1_key, arg2_alg)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_finish(
+ psa_cipher_operation_t *arg0_operation,
+ uint8_t *arg1_output,
+ size_t arg2_output_size,
+ size_t *arg3_output_length);
+#define psa_cipher_finish(arg0_operation, arg1_output, arg2_output_size, arg3_output_length) \
+ mbedtls_test_wrap_psa_cipher_finish(arg0_operation, arg1_output, arg2_output_size, arg3_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv(
+ psa_cipher_operation_t *arg0_operation,
+ uint8_t *arg1_iv,
+ size_t arg2_iv_size,
+ size_t *arg3_iv_length);
+#define psa_cipher_generate_iv(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length) \
+ mbedtls_test_wrap_psa_cipher_generate_iv(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_set_iv(
+ psa_cipher_operation_t *arg0_operation,
+ const uint8_t *arg1_iv,
+ size_t arg2_iv_length);
+#define psa_cipher_set_iv(arg0_operation, arg1_iv, arg2_iv_length) \
+ mbedtls_test_wrap_psa_cipher_set_iv(arg0_operation, arg1_iv, arg2_iv_length)
+
+psa_status_t mbedtls_test_wrap_psa_cipher_update(
+ psa_cipher_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ uint8_t *arg3_output,
+ size_t arg4_output_size,
+ size_t *arg5_output_length);
+#define psa_cipher_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) \
+ mbedtls_test_wrap_psa_cipher_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_copy_key(
+ mbedtls_svc_key_id_t arg0_source_key,
+ const psa_key_attributes_t *arg1_attributes,
+ mbedtls_svc_key_id_t *arg2_target_key);
+#define psa_copy_key(arg0_source_key, arg1_attributes, arg2_target_key) \
+ mbedtls_test_wrap_psa_copy_key(arg0_source_key, arg1_attributes, arg2_target_key)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ psa_pake_cipher_suite_t *arg1_cipher_suite);
+#define psa_crypto_driver_pake_get_cipher_suite(arg0_inputs, arg1_cipher_suite) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite(arg0_inputs, arg1_cipher_suite)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ uint8_t *arg1_buffer,
+ size_t arg2_buffer_size,
+ size_t *arg3_buffer_length);
+#define psa_crypto_driver_pake_get_password(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_password(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ size_t *arg1_password_len);
+#define psa_crypto_driver_pake_get_password_len(arg0_inputs, arg1_password_len) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len(arg0_inputs, arg1_password_len)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ uint8_t *arg1_peer_id,
+ size_t arg2_peer_id_size,
+ size_t *arg3_peer_id_length);
+#define psa_crypto_driver_pake_get_peer(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_peer(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ size_t *arg1_peer_len);
+#define psa_crypto_driver_pake_get_peer_len(arg0_inputs, arg1_peer_len) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len(arg0_inputs, arg1_peer_len)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ uint8_t *arg1_user_id,
+ size_t arg2_user_id_size,
+ size_t *arg3_user_id_len);
+#define psa_crypto_driver_pake_get_user(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_user(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ size_t *arg1_user_len);
+#define psa_crypto_driver_pake_get_user_len(arg0_inputs, arg1_user_len) \
+ mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len(arg0_inputs, arg1_user_len)
+
+psa_status_t mbedtls_test_wrap_psa_crypto_init(void);
+#define psa_crypto_init() \
+ mbedtls_test_wrap_psa_crypto_init()
+
+psa_status_t mbedtls_test_wrap_psa_destroy_key(
+ mbedtls_svc_key_id_t arg0_key);
+#define psa_destroy_key(arg0_key) \
+ mbedtls_test_wrap_psa_destroy_key(arg0_key)
+
+psa_status_t mbedtls_test_wrap_psa_export_key(
+ mbedtls_svc_key_id_t arg0_key,
+ uint8_t *arg1_data,
+ size_t arg2_data_size,
+ size_t *arg3_data_length);
+#define psa_export_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) \
+ mbedtls_test_wrap_psa_export_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length)
+
+psa_status_t mbedtls_test_wrap_psa_export_public_key(
+ mbedtls_svc_key_id_t arg0_key,
+ uint8_t *arg1_data,
+ size_t arg2_data_size,
+ size_t *arg3_data_length);
+#define psa_export_public_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) \
+ mbedtls_test_wrap_psa_export_public_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length)
+
+psa_status_t mbedtls_test_wrap_psa_generate_key(
+ const psa_key_attributes_t *arg0_attributes,
+ mbedtls_svc_key_id_t *arg1_key);
+#define psa_generate_key(arg0_attributes, arg1_key) \
+ mbedtls_test_wrap_psa_generate_key(arg0_attributes, arg1_key)
+
+psa_status_t mbedtls_test_wrap_psa_generate_key_ext(
+ const psa_key_attributes_t *arg0_attributes,
+ const psa_key_production_parameters_t *arg1_params,
+ size_t arg2_params_data_length,
+ mbedtls_svc_key_id_t *arg3_key);
+#define psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key) \
+ mbedtls_test_wrap_psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key)
+
+psa_status_t mbedtls_test_wrap_psa_generate_random(
+ uint8_t *arg0_output,
+ size_t arg1_output_size);
+#define psa_generate_random(arg0_output, arg1_output_size) \
+ mbedtls_test_wrap_psa_generate_random(arg0_output, arg1_output_size)
+
+psa_status_t mbedtls_test_wrap_psa_get_key_attributes(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_key_attributes_t *arg1_attributes);
+#define psa_get_key_attributes(arg0_key, arg1_attributes) \
+ mbedtls_test_wrap_psa_get_key_attributes(arg0_key, arg1_attributes)
+
+psa_status_t mbedtls_test_wrap_psa_hash_abort(
+ psa_hash_operation_t *arg0_operation);
+#define psa_hash_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_hash_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_hash_clone(
+ const psa_hash_operation_t *arg0_source_operation,
+ psa_hash_operation_t *arg1_target_operation);
+#define psa_hash_clone(arg0_source_operation, arg1_target_operation) \
+ mbedtls_test_wrap_psa_hash_clone(arg0_source_operation, arg1_target_operation)
+
+psa_status_t mbedtls_test_wrap_psa_hash_compare(
+ psa_algorithm_t arg0_alg,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ const uint8_t *arg3_hash,
+ size_t arg4_hash_length);
+#define psa_hash_compare(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length) \
+ mbedtls_test_wrap_psa_hash_compare(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length)
+
+psa_status_t mbedtls_test_wrap_psa_hash_compute(
+ psa_algorithm_t arg0_alg,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ uint8_t *arg3_hash,
+ size_t arg4_hash_size,
+ size_t *arg5_hash_length);
+#define psa_hash_compute(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length) \
+ mbedtls_test_wrap_psa_hash_compute(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length)
+
+psa_status_t mbedtls_test_wrap_psa_hash_finish(
+ psa_hash_operation_t *arg0_operation,
+ uint8_t *arg1_hash,
+ size_t arg2_hash_size,
+ size_t *arg3_hash_length);
+#define psa_hash_finish(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length) \
+ mbedtls_test_wrap_psa_hash_finish(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length)
+
+psa_status_t mbedtls_test_wrap_psa_hash_setup(
+ psa_hash_operation_t *arg0_operation,
+ psa_algorithm_t arg1_alg);
+#define psa_hash_setup(arg0_operation, arg1_alg) \
+ mbedtls_test_wrap_psa_hash_setup(arg0_operation, arg1_alg)
+
+psa_status_t mbedtls_test_wrap_psa_hash_update(
+ psa_hash_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length);
+#define psa_hash_update(arg0_operation, arg1_input, arg2_input_length) \
+ mbedtls_test_wrap_psa_hash_update(arg0_operation, arg1_input, arg2_input_length)
+
+psa_status_t mbedtls_test_wrap_psa_hash_verify(
+ psa_hash_operation_t *arg0_operation,
+ const uint8_t *arg1_hash,
+ size_t arg2_hash_length);
+#define psa_hash_verify(arg0_operation, arg1_hash, arg2_hash_length) \
+ mbedtls_test_wrap_psa_hash_verify(arg0_operation, arg1_hash, arg2_hash_length)
+
+psa_status_t mbedtls_test_wrap_psa_import_key(
+ const psa_key_attributes_t *arg0_attributes,
+ const uint8_t *arg1_data,
+ size_t arg2_data_length,
+ mbedtls_svc_key_id_t *arg3_key);
+#define psa_import_key(arg0_attributes, arg1_data, arg2_data_length, arg3_key) \
+ mbedtls_test_wrap_psa_import_key(arg0_attributes, arg1_data, arg2_data_length, arg3_key)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_abort(
+ psa_key_derivation_operation_t *arg0_operation);
+#define psa_key_derivation_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_key_derivation_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_get_capacity(
+ const psa_key_derivation_operation_t *arg0_operation,
+ size_t *arg1_capacity);
+#define psa_key_derivation_get_capacity(arg0_operation, arg1_capacity) \
+ mbedtls_test_wrap_psa_key_derivation_get_capacity(arg0_operation, arg1_capacity)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_input_bytes(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ const uint8_t *arg2_data,
+ size_t arg3_data_length);
+#define psa_key_derivation_input_bytes(arg0_operation, arg1_step, arg2_data, arg3_data_length) \
+ mbedtls_test_wrap_psa_key_derivation_input_bytes(arg0_operation, arg1_step, arg2_data, arg3_data_length)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_input_integer(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ uint64_t arg2_value);
+#define psa_key_derivation_input_integer(arg0_operation, arg1_step, arg2_value) \
+ mbedtls_test_wrap_psa_key_derivation_input_integer(arg0_operation, arg1_step, arg2_value)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_input_key(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ mbedtls_svc_key_id_t arg2_key);
+#define psa_key_derivation_input_key(arg0_operation, arg1_step, arg2_key) \
+ mbedtls_test_wrap_psa_key_derivation_input_key(arg0_operation, arg1_step, arg2_key)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_key_agreement(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ mbedtls_svc_key_id_t arg2_private_key,
+ const uint8_t *arg3_peer_key,
+ size_t arg4_peer_key_length);
+#define psa_key_derivation_key_agreement(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length) \
+ mbedtls_test_wrap_psa_key_derivation_key_agreement(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_output_bytes(
+ psa_key_derivation_operation_t *arg0_operation,
+ uint8_t *arg1_output,
+ size_t arg2_output_length);
+#define psa_key_derivation_output_bytes(arg0_operation, arg1_output, arg2_output_length) \
+ mbedtls_test_wrap_psa_key_derivation_output_bytes(arg0_operation, arg1_output, arg2_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key(
+ const psa_key_attributes_t *arg0_attributes,
+ psa_key_derivation_operation_t *arg1_operation,
+ mbedtls_svc_key_id_t *arg2_key);
+#define psa_key_derivation_output_key(arg0_attributes, arg1_operation, arg2_key) \
+ mbedtls_test_wrap_psa_key_derivation_output_key(arg0_attributes, arg1_operation, arg2_key)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext(
+ const psa_key_attributes_t *arg0_attributes,
+ psa_key_derivation_operation_t *arg1_operation,
+ const psa_key_production_parameters_t *arg2_params,
+ size_t arg3_params_data_length,
+ mbedtls_svc_key_id_t *arg4_key);
+#define psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key) \
+ mbedtls_test_wrap_psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity(
+ psa_key_derivation_operation_t *arg0_operation,
+ size_t arg1_capacity);
+#define psa_key_derivation_set_capacity(arg0_operation, arg1_capacity) \
+ mbedtls_test_wrap_psa_key_derivation_set_capacity(arg0_operation, arg1_capacity)
+
+psa_status_t mbedtls_test_wrap_psa_key_derivation_setup(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_algorithm_t arg1_alg);
+#define psa_key_derivation_setup(arg0_operation, arg1_alg) \
+ mbedtls_test_wrap_psa_key_derivation_setup(arg0_operation, arg1_alg)
+
+psa_status_t mbedtls_test_wrap_psa_mac_abort(
+ psa_mac_operation_t *arg0_operation);
+#define psa_mac_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_mac_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_mac_compute(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_mac,
+ size_t arg5_mac_size,
+ size_t *arg6_mac_length);
+#define psa_mac_compute(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length) \
+ mbedtls_test_wrap_psa_mac_compute(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length)
+
+psa_status_t mbedtls_test_wrap_psa_mac_sign_finish(
+ psa_mac_operation_t *arg0_operation,
+ uint8_t *arg1_mac,
+ size_t arg2_mac_size,
+ size_t *arg3_mac_length);
+#define psa_mac_sign_finish(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length) \
+ mbedtls_test_wrap_psa_mac_sign_finish(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length)
+
+psa_status_t mbedtls_test_wrap_psa_mac_sign_setup(
+ psa_mac_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg);
+#define psa_mac_sign_setup(arg0_operation, arg1_key, arg2_alg) \
+ mbedtls_test_wrap_psa_mac_sign_setup(arg0_operation, arg1_key, arg2_alg)
+
+psa_status_t mbedtls_test_wrap_psa_mac_update(
+ psa_mac_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length);
+#define psa_mac_update(arg0_operation, arg1_input, arg2_input_length) \
+ mbedtls_test_wrap_psa_mac_update(arg0_operation, arg1_input, arg2_input_length)
+
+psa_status_t mbedtls_test_wrap_psa_mac_verify(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_mac,
+ size_t arg5_mac_length);
+#define psa_mac_verify(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length) \
+ mbedtls_test_wrap_psa_mac_verify(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length)
+
+psa_status_t mbedtls_test_wrap_psa_mac_verify_finish(
+ psa_mac_operation_t *arg0_operation,
+ const uint8_t *arg1_mac,
+ size_t arg2_mac_length);
+#define psa_mac_verify_finish(arg0_operation, arg1_mac, arg2_mac_length) \
+ mbedtls_test_wrap_psa_mac_verify_finish(arg0_operation, arg1_mac, arg2_mac_length)
+
+psa_status_t mbedtls_test_wrap_psa_mac_verify_setup(
+ psa_mac_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg);
+#define psa_mac_verify_setup(arg0_operation, arg1_key, arg2_alg) \
+ mbedtls_test_wrap_psa_mac_verify_setup(arg0_operation, arg1_key, arg2_alg)
+
+psa_status_t mbedtls_test_wrap_psa_pake_abort(
+ psa_pake_operation_t *arg0_operation);
+#define psa_pake_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_pake_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_pake_get_implicit_key(
+ psa_pake_operation_t *arg0_operation,
+ psa_key_derivation_operation_t *arg1_output);
+#define psa_pake_get_implicit_key(arg0_operation, arg1_output) \
+ mbedtls_test_wrap_psa_pake_get_implicit_key(arg0_operation, arg1_output)
+
+psa_status_t mbedtls_test_wrap_psa_pake_input(
+ psa_pake_operation_t *arg0_operation,
+ psa_pake_step_t arg1_step,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length);
+#define psa_pake_input(arg0_operation, arg1_step, arg2_input, arg3_input_length) \
+ mbedtls_test_wrap_psa_pake_input(arg0_operation, arg1_step, arg2_input, arg3_input_length)
+
+psa_status_t mbedtls_test_wrap_psa_pake_output(
+ psa_pake_operation_t *arg0_operation,
+ psa_pake_step_t arg1_step,
+ uint8_t *arg2_output,
+ size_t arg3_output_size,
+ size_t *arg4_output_length);
+#define psa_pake_output(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length) \
+ mbedtls_test_wrap_psa_pake_output(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_pake_set_password_key(
+ psa_pake_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_password);
+#define psa_pake_set_password_key(arg0_operation, arg1_password) \
+ mbedtls_test_wrap_psa_pake_set_password_key(arg0_operation, arg1_password)
+
+psa_status_t mbedtls_test_wrap_psa_pake_set_peer(
+ psa_pake_operation_t *arg0_operation,
+ const uint8_t *arg1_peer_id,
+ size_t arg2_peer_id_len);
+#define psa_pake_set_peer(arg0_operation, arg1_peer_id, arg2_peer_id_len) \
+ mbedtls_test_wrap_psa_pake_set_peer(arg0_operation, arg1_peer_id, arg2_peer_id_len)
+
+psa_status_t mbedtls_test_wrap_psa_pake_set_role(
+ psa_pake_operation_t *arg0_operation,
+ psa_pake_role_t arg1_role);
+#define psa_pake_set_role(arg0_operation, arg1_role) \
+ mbedtls_test_wrap_psa_pake_set_role(arg0_operation, arg1_role)
+
+psa_status_t mbedtls_test_wrap_psa_pake_set_user(
+ psa_pake_operation_t *arg0_operation,
+ const uint8_t *arg1_user_id,
+ size_t arg2_user_id_len);
+#define psa_pake_set_user(arg0_operation, arg1_user_id, arg2_user_id_len) \
+ mbedtls_test_wrap_psa_pake_set_user(arg0_operation, arg1_user_id, arg2_user_id_len)
+
+psa_status_t mbedtls_test_wrap_psa_pake_setup(
+ psa_pake_operation_t *arg0_operation,
+ const psa_pake_cipher_suite_t *arg1_cipher_suite);
+#define psa_pake_setup(arg0_operation, arg1_cipher_suite) \
+ mbedtls_test_wrap_psa_pake_setup(arg0_operation, arg1_cipher_suite)
+
+psa_status_t mbedtls_test_wrap_psa_purge_key(
+ mbedtls_svc_key_id_t arg0_key);
+#define psa_purge_key(arg0_key) \
+ mbedtls_test_wrap_psa_purge_key(arg0_key)
+
+psa_status_t mbedtls_test_wrap_psa_raw_key_agreement(
+ psa_algorithm_t arg0_alg,
+ mbedtls_svc_key_id_t arg1_private_key,
+ const uint8_t *arg2_peer_key,
+ size_t arg3_peer_key_length,
+ uint8_t *arg4_output,
+ size_t arg5_output_size,
+ size_t *arg6_output_length);
+#define psa_raw_key_agreement(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length) \
+ mbedtls_test_wrap_psa_raw_key_agreement(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length)
+
+psa_status_t mbedtls_test_wrap_psa_sign_hash(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_hash,
+ size_t arg3_hash_length,
+ uint8_t *arg4_signature,
+ size_t arg5_signature_size,
+ size_t *arg6_signature_length);
+#define psa_sign_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length) \
+ mbedtls_test_wrap_psa_sign_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length)
+
+psa_status_t mbedtls_test_wrap_psa_sign_hash_abort(
+ psa_sign_hash_interruptible_operation_t *arg0_operation);
+#define psa_sign_hash_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_sign_hash_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_sign_hash_complete(
+ psa_sign_hash_interruptible_operation_t *arg0_operation,
+ uint8_t *arg1_signature,
+ size_t arg2_signature_size,
+ size_t *arg3_signature_length);
+#define psa_sign_hash_complete(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length) \
+ mbedtls_test_wrap_psa_sign_hash_complete(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length)
+
+psa_status_t mbedtls_test_wrap_psa_sign_hash_start(
+ psa_sign_hash_interruptible_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg,
+ const uint8_t *arg3_hash,
+ size_t arg4_hash_length);
+#define psa_sign_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length) \
+ mbedtls_test_wrap_psa_sign_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length)
+
+psa_status_t mbedtls_test_wrap_psa_sign_message(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_signature,
+ size_t arg5_signature_size,
+ size_t *arg6_signature_length);
+#define psa_sign_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length) \
+ mbedtls_test_wrap_psa_sign_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length)
+
+psa_status_t mbedtls_test_wrap_psa_verify_hash(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_hash,
+ size_t arg3_hash_length,
+ const uint8_t *arg4_signature,
+ size_t arg5_signature_length);
+#define psa_verify_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length) \
+ mbedtls_test_wrap_psa_verify_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length)
+
+psa_status_t mbedtls_test_wrap_psa_verify_hash_abort(
+ psa_verify_hash_interruptible_operation_t *arg0_operation);
+#define psa_verify_hash_abort(arg0_operation) \
+ mbedtls_test_wrap_psa_verify_hash_abort(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_verify_hash_complete(
+ psa_verify_hash_interruptible_operation_t *arg0_operation);
+#define psa_verify_hash_complete(arg0_operation) \
+ mbedtls_test_wrap_psa_verify_hash_complete(arg0_operation)
+
+psa_status_t mbedtls_test_wrap_psa_verify_hash_start(
+ psa_verify_hash_interruptible_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg,
+ const uint8_t *arg3_hash,
+ size_t arg4_hash_length,
+ const uint8_t *arg5_signature,
+ size_t arg6_signature_length);
+#define psa_verify_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length) \
+ mbedtls_test_wrap_psa_verify_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length)
+
+psa_status_t mbedtls_test_wrap_psa_verify_message(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_signature,
+ size_t arg5_signature_length);
+#define psa_verify_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length) \
+ mbedtls_test_wrap_psa_verify_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length)
+
+#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \
+ !defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TEST_PSA_TEST_WRAPPERS_H */
+
+/* End of automatically generated file. */
diff --git a/tests/include/test/random.h b/tests/include/test/random.h
new file mode 100644
index 0000000..6304e05
--- /dev/null
+++ b/tests/include/test/random.h
@@ -0,0 +1,91 @@
+/**
+ * \file random.h
+ *
+ * \brief This file contains the prototypes of helper functions to generate
+ * random numbers for the purpose of testing.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_RANDOM_H
+#define TEST_RANDOM_H
+
+#include "mbedtls/build_info.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+typedef struct {
+ unsigned char *buf; /* Pointer to a buffer of length bytes. */
+ size_t length;
+ /* If fallback_f_rng is NULL, fail after delivering length bytes. */
+ int (*fallback_f_rng)(void *, unsigned char *, size_t);
+ void *fallback_p_rng;
+} mbedtls_test_rnd_buf_info;
+
+/**
+ * Info structure for the pseudo random function
+ *
+ * Key should be set at the start to a test-unique value.
+ * Do not forget endianness!
+ * State( v0, v1 ) should be set to zero.
+ */
+typedef struct {
+ uint32_t key[16];
+ uint32_t v0, v1;
+} mbedtls_test_rnd_pseudo_info;
+
+/**
+ * This function just returns data from rand().
+ * Although predictable and often similar on multiple
+ * runs, this does not result in identical random on
+ * each run. So do not use this if the results of a
+ * test depend on the random data that is generated.
+ *
+ * rng_state shall be NULL.
+ */
+int mbedtls_test_rnd_std_rand(void *rng_state,
+ unsigned char *output,
+ size_t len);
+
+/**
+ * This function only returns zeros.
+ *
+ * \p rng_state shall be \c NULL.
+ */
+int mbedtls_test_rnd_zero_rand(void *rng_state,
+ unsigned char *output,
+ size_t len);
+
+/**
+ * This function returns random data based on a buffer it receives.
+ *
+ * \p rng_state shall be a pointer to a #mbedtls_test_rnd_buf_info structure.
+ *
+ * The number of bytes released from the buffer on each call to
+ * the random function is specified by \p len.
+ *
+ * After the buffer is empty, this function will call the fallback RNG in the
+ * #mbedtls_test_rnd_buf_info structure if there is one, and
+ * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise.
+ */
+int mbedtls_test_rnd_buffer_rand(void *rng_state,
+ unsigned char *output,
+ size_t len);
+
+/**
+ * This function returns random based on a pseudo random function.
+ * This means the results should be identical on all systems.
+ * Pseudo random is based on the XTEA encryption algorithm to
+ * generate pseudorandom.
+ *
+ * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure.
+ */
+int mbedtls_test_rnd_pseudo_rand(void *rng_state,
+ unsigned char *output,
+ size_t len);
+
+#endif /* TEST_RANDOM_H */
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
new file mode 100644
index 0000000..77f85c4
--- /dev/null
+++ b/tests/include/test/ssl_helpers.h
@@ -0,0 +1,664 @@
+/** \file ssl_helpers.h
+ *
+ * \brief This file contains helper functions to set up a TLS connection.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef SSL_HELPERS_H
+#define SSL_HELPERS_H
+
+#include "mbedtls/build_info.h"
+
+#include <string.h>
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/random.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_SSL_TLS_C)
+#include <ssl_misc.h>
+#include <mbedtls/timing.h>
+#include <mbedtls/debug.h>
+
+#include "test/certs.h"
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
+ psa_to_ssl_errors, \
+ psa_generic_status_to_mbedtls)
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#if defined(MBEDTLS_SSL_HAVE_AES)
+#if defined(MBEDTLS_SSL_HAVE_GCM)
+#if defined(MBEDTLS_MD_CAN_SHA384)
+#define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384
+#endif
+#if defined(MBEDTLS_MD_CAN_SHA256)
+#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256
+#endif
+#endif /* MBEDTLS_SSL_HAVE_GCM */
+#if defined(MBEDTLS_SSL_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256)
+#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256
+#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256
+#endif
+#endif /* MBEDTLS_SSL_HAVE_AES */
+#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256)
+#define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256
+#endif
+
+#if defined(MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384) || \
+ defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256) || \
+ defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256) || \
+ defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256) || \
+ defined(MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256)
+#define MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE
+#endif
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
+#endif
+enum {
+#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
+ tls13_label_ ## name,
+ MBEDTLS_SSL_TLS1_3_LABEL_LIST
+#undef MBEDTLS_SSL_TLS1_3_LABEL
+};
+
+#if defined(MBEDTLS_SSL_ALPN)
+#define MBEDTLS_TEST_MAX_ALPN_LIST_SIZE 10
+#endif
+
+typedef struct mbedtls_test_ssl_log_pattern {
+ const char *pattern;
+ size_t counter;
+} mbedtls_test_ssl_log_pattern;
+
+typedef struct mbedtls_test_handshake_test_options {
+ const char *cipher;
+ uint16_t *group_list;
+ mbedtls_ssl_protocol_version client_min_version;
+ mbedtls_ssl_protocol_version client_max_version;
+ mbedtls_ssl_protocol_version server_min_version;
+ mbedtls_ssl_protocol_version server_max_version;
+ mbedtls_ssl_protocol_version expected_negotiated_version;
+ int expected_handshake_result;
+ int expected_ciphersuite;
+ int pk_alg;
+ int opaque_alg;
+ int opaque_alg2;
+ int opaque_usage;
+ data_t *psk_str;
+ int dtls;
+ int srv_auth_mode;
+ int serialize;
+ int mfl;
+ int cli_msg_len;
+ int srv_msg_len;
+ int expected_cli_fragments;
+ int expected_srv_fragments;
+ int renegotiate;
+ int legacy_renegotiation;
+ void *srv_log_obj;
+ void *cli_log_obj;
+ void (*srv_log_fun)(void *, int, const char *, int, const char *);
+ void (*cli_log_fun)(void *, int, const char *, int, const char *);
+ int resize_buffers;
+ int early_data;
+ int max_early_data_size;
+#if defined(MBEDTLS_SSL_CACHE_C)
+ mbedtls_ssl_cache_context *cache;
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+ const char *alpn_list[MBEDTLS_TEST_MAX_ALPN_LIST_SIZE];
+#endif
+} mbedtls_test_handshake_test_options;
+
+/*
+ * Buffer structure for custom I/O callbacks.
+ */
+typedef struct mbedtls_test_ssl_buffer {
+ size_t start;
+ size_t content_length;
+ size_t capacity;
+ unsigned char *buffer;
+} mbedtls_test_ssl_buffer;
+
+/*
+ * Context for a message metadata queue (fifo) that is on top of the ring buffer.
+ */
+typedef struct mbedtls_test_ssl_message_queue {
+ size_t *messages;
+ int pos;
+ int num;
+ int capacity;
+} mbedtls_test_ssl_message_queue;
+
+/*
+ * Context for the I/O callbacks simulating network connection.
+ */
+
+#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
+
+typedef struct mbedtls_test_mock_socket {
+ int status;
+ mbedtls_test_ssl_buffer *input;
+ mbedtls_test_ssl_buffer *output;
+ struct mbedtls_test_mock_socket *peer;
+} mbedtls_test_mock_socket;
+
+/* Errors used in the message socket mocks */
+
+#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55
+#define MBEDTLS_TEST_ERROR_SEND_FAILED -66
+#define MBEDTLS_TEST_ERROR_RECV_FAILED -77
+
+/*
+ * Structure used as an addon, or a wrapper, around the mocked sockets.
+ * Contains an input queue, to which the other socket pushes metadata,
+ * and an output queue, to which this one pushes metadata. This context is
+ * considered as an owner of the input queue only, which is initialized and
+ * freed in the respective setup and free calls.
+ */
+typedef struct mbedtls_test_message_socket_context {
+ mbedtls_test_ssl_message_queue *queue_input;
+ mbedtls_test_ssl_message_queue *queue_output;
+ mbedtls_test_mock_socket *socket;
+} mbedtls_test_message_socket_context;
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+
+/*
+ * Structure with endpoint's certificates for SSL communication tests.
+ */
+typedef struct mbedtls_test_ssl_endpoint_certificate {
+ mbedtls_x509_crt *ca_cert;
+ mbedtls_x509_crt *cert;
+ mbedtls_pk_context *pkey;
+} mbedtls_test_ssl_endpoint_certificate;
+
+/*
+ * Endpoint structure for SSL communication tests.
+ */
+typedef struct mbedtls_test_ssl_endpoint {
+ const char *name;
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ mbedtls_test_mock_socket socket;
+ mbedtls_test_ssl_endpoint_certificate cert;
+} mbedtls_test_ssl_endpoint;
+
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+/*
+ * Random number generator aimed for TLS unitary tests. Its main purpose is to
+ * simplify the set-up of a random number generator for TLS
+ * unitary tests: no need to set up a good entropy source for example.
+ */
+int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len);
+
+/*
+ * This function can be passed to mbedtls to receive output logs from it. In
+ * this case, it will count the instances of a mbedtls_test_ssl_log_pattern
+ * in the received logged messages.
+ */
+void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
+ const char *file, int line,
+ const char *str);
+
+void mbedtls_test_init_handshake_options(
+ mbedtls_test_handshake_test_options *opts);
+
+void mbedtls_test_free_handshake_options(
+ mbedtls_test_handshake_test_options *opts);
+
+/*
+ * Initialises \p buf. After calling this function it is safe to call
+ * `mbedtls_test_ssl_buffer_free()` on \p buf.
+ */
+void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf);
+
+/*
+ * Sets up \p buf. After calling this function it is safe to call
+ * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()`
+ * on \p buf.
+ */
+int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
+ size_t capacity);
+
+void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf);
+
+/*
+ * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
+ *
+ * \p buf must have been initialized and set up by calling
+ * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
+ *
+ * \retval \p input_len, if the data fits.
+ * \retval 0 <= value < \p input_len, if the data does not fit.
+ * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
+ * zero and \p input is NULL.
+ */
+int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
+ const unsigned char *input, size_t input_len);
+
+/*
+ * Gets \p output_len bytes from the ring buffer \p buf into the
+ * \p output buffer. The output buffer can be NULL, in this case a part of the
+ * ring buffer will be dropped, if the requested length is available.
+ *
+ * \p buf must have been initialized and set up by calling
+ * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
+ *
+ * \retval \p output_len, if the data is available.
+ * \retval 0 <= value < \p output_len, if the data is not available.
+ * \retval -1, if \buf is NULL or it hasn't been set up.
+ */
+int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
+ unsigned char *output, size_t output_len);
+
+/*
+ * Errors used in the message transport mock tests
+ */
+ #define MBEDTLS_TEST_ERROR_ARG_NULL -11
+ #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
+
+/*
+ * Setup and free functions for the message metadata queue.
+ *
+ * \p capacity describes the number of message metadata chunks that can be held
+ * within the queue.
+ *
+ * \retval 0, if a metadata queue of a given length can be allocated.
+ * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
+ */
+int mbedtls_test_ssl_message_queue_setup(
+ mbedtls_test_ssl_message_queue *queue, size_t capacity);
+
+void mbedtls_test_ssl_message_queue_free(
+ mbedtls_test_ssl_message_queue *queue);
+
+/*
+ * Push message length information onto the message metadata queue.
+ * This will become the last element to leave it (fifo).
+ *
+ * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
+ * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
+ * \retval \p len, if the push was successful.
+ */
+int mbedtls_test_ssl_message_queue_push_info(
+ mbedtls_test_ssl_message_queue *queue, size_t len);
+
+/*
+ * Pop information about the next message length from the queue. This will be
+ * the oldest inserted message length(fifo). \p msg_len can be null, in which
+ * case the data will be popped from the queue but not copied anywhere.
+ *
+ * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
+ * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
+ * \retval message length, if the pop was successful, up to the given
+ \p buf_len.
+ */
+int mbedtls_test_ssl_message_queue_pop_info(
+ mbedtls_test_ssl_message_queue *queue, size_t buf_len);
+
+/*
+ * Setup and teardown functions for mock sockets.
+ */
+void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket);
+
+/*
+ * Closes the socket \p socket.
+ *
+ * \p socket must have been previously initialized by calling
+ * mbedtls_test_mock_socket_init().
+ *
+ * This function frees all allocated resources and both sockets are aware of the
+ * new connection state.
+ *
+ * That is, this function does not simulate half-open TCP connections and the
+ * phenomenon that when closing a UDP connection the peer is not aware of the
+ * connection having been closed.
+ */
+void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket);
+
+/*
+ * Establishes a connection between \p peer1 and \p peer2.
+ *
+ * \p peer1 and \p peer2 must have been previously initialized by calling
+ * mbedtls_test_mock_socket_init().
+ *
+ * The capacities of the internal buffers are set to \p bufsize. Setting this to
+ * the correct value allows for simulation of MTU, sanity testing the mock
+ * implementation and mocking TCP connections with lower memory cost.
+ */
+int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
+ mbedtls_test_mock_socket *peer2,
+ size_t bufsize);
+
+
+/*
+ * Callbacks for simulating blocking I/O over connection-oriented transport.
+ */
+int mbedtls_test_mock_tcp_send_b(void *ctx,
+ const unsigned char *buf, size_t len);
+
+int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len);
+
+/*
+ * Callbacks for simulating non-blocking I/O over connection-oriented transport.
+ */
+int mbedtls_test_mock_tcp_send_nb(void *ctx,
+ const unsigned char *buf, size_t len);
+
+int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len);
+
+void mbedtls_test_message_socket_init(
+ mbedtls_test_message_socket_context *ctx);
+
+/*
+ * Setup a given message socket context including initialization of
+ * input/output queues to a chosen capacity of messages. Also set the
+ * corresponding mock socket.
+ *
+ * \retval 0, if everything succeeds.
+ * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
+ * queue failed.
+ */
+int mbedtls_test_message_socket_setup(
+ mbedtls_test_ssl_message_queue *queue_input,
+ mbedtls_test_ssl_message_queue *queue_output,
+ size_t queue_capacity,
+ mbedtls_test_mock_socket *socket,
+ mbedtls_test_message_socket_context *ctx);
+
+/*
+ * Close a given message socket context, along with the socket itself. Free the
+ * memory allocated by the input queue.
+ */
+void mbedtls_test_message_socket_close(
+ mbedtls_test_message_socket_context *ctx);
+
+/*
+ * Send one message through a given message socket context.
+ *
+ * \retval \p len, if everything succeeds.
+ * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
+ * elements or the context itself is null.
+ * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if
+ * mbedtls_test_mock_tcp_send_b failed.
+ * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
+ *
+ * This function will also return any error from
+ * mbedtls_test_ssl_message_queue_push_info.
+ */
+int mbedtls_test_mock_tcp_send_msg(void *ctx,
+ const unsigned char *buf, size_t len);
+
+/*
+ * Receive one message from a given message socket context and return message
+ * length or an error.
+ *
+ * \retval message length, if everything succeeds.
+ * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
+ * elements or the context itself is null.
+ * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if
+ * mbedtls_test_mock_tcp_recv_b failed.
+ *
+ * This function will also return any error other than
+ * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info.
+ */
+int mbedtls_test_mock_tcp_recv_msg(void *ctx,
+ unsigned char *buf, size_t buf_len);
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+
+/*
+ * Initializes \p ep_cert structure and assigns it to endpoint
+ * represented by \p ep.
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
+ int pk_alg,
+ int opaque_alg, int opaque_alg2,
+ int opaque_usage);
+
+/*
+ * Initializes \p ep structure. It is important to call
+ * `mbedtls_test_ssl_endpoint_free()` after calling this function
+ * even if it fails.
+ *
+ * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
+ * MBEDTLS_SSL_IS_CLIENT.
+ * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
+ * MBEDTLS_PK_ECDSA are supported.
+ * \p dtls_context - in case of DTLS - this is the context handling metadata.
+ * \p input_queue - used only in case of DTLS.
+ * \p output_queue - used only in case of DTLS.
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_endpoint_init(
+ mbedtls_test_ssl_endpoint *ep, int endpoint_type,
+ mbedtls_test_handshake_test_options *options,
+ mbedtls_test_message_socket_context *dtls_context,
+ mbedtls_test_ssl_message_queue *input_queue,
+ mbedtls_test_ssl_message_queue *output_queue);
+
+/*
+ * Deinitializes endpoint represented by \p ep.
+ */
+void mbedtls_test_ssl_endpoint_free(
+ mbedtls_test_ssl_endpoint *ep,
+ mbedtls_test_message_socket_context *context);
+
+/*
+ * This function moves ssl handshake from \p ssl to prescribed \p state.
+ * /p second_ssl is used as second endpoint and their sockets have to be
+ * connected before calling this function.
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
+ mbedtls_ssl_context *second_ssl,
+ int state);
+
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+/*
+ * Helper function setting up inverse record transformations
+ * using given cipher, hash, EtM mode, authentication tag length,
+ * and version.
+ */
+#define CHK(x) \
+ do \
+ { \
+ if (!(x)) \
+ { \
+ ret = -1; \
+ goto cleanup; \
+ } \
+ } while (0)
+
+#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
+#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
+#else
+#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES)
+int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
+ const unsigned char *iv,
+ size_t iv_len,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ size_t *olen);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC &&
+ MBEDTLS_SSL_HAVE_AES */
+
+int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
+ mbedtls_ssl_transform *t_out,
+ int cipher_type, int hash_id,
+ int etm, int tag_mode,
+ mbedtls_ssl_protocol_version tls_version,
+ size_t cid0_len,
+ size_t cid1_len);
+
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+/**
+ * \param[in,out] record The record to prepare.
+ * It must contain the data to MAC at offset
+ * `record->data_offset`, of length
+ * `record->data_length`.
+ * On success, write the MAC immediately
+ * after the data and increment
+ * `record->data_length` accordingly.
+ * \param[in,out] transform_out The out transform, typically prepared by
+ * mbedtls_test_ssl_build_transforms().
+ * Its HMAC context may be used. Other than that
+ * it is treated as an input parameter.
+ *
+ * \return 0 on success, an `MBEDTLS_ERR_xxx` error code
+ * or -1 on error.
+ */
+int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record,
+ mbedtls_ssl_transform *transform_out);
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
+
+/*
+ * Populate a session structure for serialization tests.
+ * Choose dummy values, mostly non-0 to distinguish from the init default.
+ */
+int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
+ int ticket_len,
+ int endpoint_type,
+ const char *crt_file);
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
+ int ticket_len,
+ int endpoint_type);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+
+/*
+ * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
+ * message was sent in the correct number of fragments.
+ *
+ * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both
+ * of them must be initialized and connected
+ * beforehand.
+ * /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
+ * /p expected_fragments_1 and /p expected_fragments_2 determine in how many
+ * fragments the message should be sent.
+ * expected_fragments is 0: can be used for DTLS testing while the message
+ * size is larger than MFL. In that case the message
+ * cannot be fragmented and sent to the second
+ * endpoint.
+ * This value can be used for negative tests.
+ * expected_fragments is 1: can be used for TLS/DTLS testing while the
+ * message size is below MFL
+ * expected_fragments > 1: can be used for TLS testing while the message
+ * size is larger than MFL
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_exchange_data(
+ mbedtls_ssl_context *ssl_1,
+ int msg_len_1, const int expected_fragments_1,
+ mbedtls_ssl_context *ssl_2,
+ int msg_len_2, const int expected_fragments_2);
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+void mbedtls_test_ssl_perform_handshake(
+ mbedtls_test_handshake_test_options *options);
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/*
+ * Tweak vector lengths in a TLS 1.3 Certificate message
+ *
+ * \param[in] buf Buffer containing the Certificate message to tweak
+ * \param[in]]out] end End of the buffer to parse
+ * \param tweak Tweak identifier (from 1 to the number of tweaks).
+ * \param[out] expected_result Error code expected from the parsing function
+ * \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that
+ * is expected to fail. All zeroes if no
+ * MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
+ */
+int mbedtls_test_tweak_tls13_certificate_msg_vector_len(
+ unsigned char *buf, unsigned char **end, int tweak,
+ int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args);
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+int mbedtls_test_ticket_write(
+ void *p_ticket, const mbedtls_ssl_session *session,
+ unsigned char *start, const unsigned char *end,
+ size_t *tlen, uint32_t *ticket_lifetime);
+
+int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
+ unsigned char *buf, size_t len);
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+int mbedtls_test_get_tls13_ticket(
+ mbedtls_test_handshake_test_options *client_options,
+ mbedtls_test_handshake_test_options *server_options,
+ mbedtls_ssl_session *session);
+#endif
+
+#define ECJPAKE_TEST_PWD "bla"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
+ ret = (use_opaque_arg) ? \
+ mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \
+ mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \
+ TEST_EQUAL(ret, exp_ret_val)
+#else
+#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
+ ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \
+ pwd_string, pwd_len); \
+ TEST_EQUAL(ret, exp_ret_val)
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
+ TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
+ group_id_); \
+ TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
+ tls_id_); \
+ TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
+ &psa_type, &psa_bits), PSA_SUCCESS); \
+ TEST_EQUAL(psa_family_, PSA_KEY_TYPE_ECC_GET_FAMILY(psa_type)); \
+ TEST_EQUAL(psa_bits_, psa_bits);
+
+#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
+ TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
+ MBEDTLS_ECP_DP_NONE); \
+ TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
+ 0); \
+ TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
+ &psa_type, &psa_bits), \
+ PSA_ERROR_NOT_SUPPORTED);
+
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#endif /* SSL_HELPERS_H */
diff --git a/tests/include/test/threading_helpers.h b/tests/include/test/threading_helpers.h
new file mode 100644
index 0000000..79bc6c0
--- /dev/null
+++ b/tests/include/test/threading_helpers.h
@@ -0,0 +1,112 @@
+/**
+ * \file threading_helpers.h
+ *
+ * \brief This file contains the prototypes of helper functions for the purpose
+ * of testing threading.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef THREADING_HELPERS_H
+#define THREADING_HELPERS_H
+
+#if defined MBEDTLS_THREADING_C
+
+#include "mbedtls/private_access.h"
+#include "mbedtls/build_info.h"
+
+/* Most fields of publicly available structs are private and are wrapped with
+ * MBEDTLS_PRIVATE macro. This define allows tests to access the private fields
+ * directly (without using the MBEDTLS_PRIVATE wrapper). */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+#define MBEDTLS_ERR_THREADING_THREAD_ERROR -0x001F
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+#include <pthread.h>
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_THREADING_ALT)
+/* You should define the mbedtls_test_thread_t type in your header */
+#include "threading_alt.h"
+
+/**
+ * \brief Set your alternate threading implementation
+ * function pointers for test threads. If used, this
+ * function must be called once in the main thread
+ * before any other MbedTLS function is called.
+ *
+ * \note These functions are part of the testing API only and
+ * thus not considered part of the public API of
+ * MbedTLS and thus may change without notice.
+ *
+ * \param thread_create The thread create function implementation.
+ * \param thread_join The thread join function implementation.
+
+ */
+void mbedtls_test_thread_set_alt(int (*thread_create)(mbedtls_test_thread_t *thread,
+ void *(*thread_func)(
+ void *),
+ void *thread_data),
+ int (*thread_join)(mbedtls_test_thread_t *thread));
+
+#else /* MBEDTLS_THREADING_ALT*/
+
+typedef struct mbedtls_test_thread_t {
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+ pthread_t MBEDTLS_PRIVATE(thread);
+#else /* MBEDTLS_THREADING_PTHREAD */
+ /* Make sure this struct is always non-empty */
+ unsigned dummy;
+#endif
+
+} mbedtls_test_thread_t;
+
+#endif /* MBEDTLS_THREADING_ALT*/
+
+/**
+ * \brief The function pointers for thread create and thread
+ * join.
+ *
+ * \note These functions are part of the testing API only
+ * and thus not considered part of the public API of
+ * MbedTLS and thus may change without notice.
+ *
+ * \note All these functions are expected to work or
+ * the result will be undefined.
+ */
+extern int (*mbedtls_test_thread_create)(mbedtls_test_thread_t *thread,
+ void *(*thread_func)(void *), void *thread_data);
+extern int (*mbedtls_test_thread_join)(mbedtls_test_thread_t *thread);
+
+#if defined(MBEDTLS_THREADING_PTHREAD) && defined(MBEDTLS_TEST_HOOKS)
+#define MBEDTLS_TEST_MUTEX_USAGE
+#endif
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+/**
+ * Activate the mutex usage verification framework. See threading_helpers.c for
+ * information.
+ */
+void mbedtls_test_mutex_usage_init(void);
+
+/**
+ * Deactivate the mutex usage verification framework. See threading_helpers.c
+ * for information.
+ */
+void mbedtls_test_mutex_usage_end(void);
+
+/**
+ * Call this function after executing a test case to check for mutex usage
+ * errors.
+ */
+void mbedtls_test_mutex_usage_check(void);
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+
+#endif /* MBEDTLS_THREADING_C */
+
+#endif /* THREADING_HELPERS_H */