Squashed 'lib/mbedtls/external/mbedtls/' content from commit 2ca6c285a0dd
git-subtree-dir: lib/mbedtls/external/mbedtls
git-subtree-split: 2ca6c285a0dd3f33982dd57299012dacab1ff206
diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c
new file mode 100644
index 0000000..c8df199
--- /dev/null
+++ b/tests/src/asn1_helpers.c
@@ -0,0 +1,62 @@
+/** \file asn1_helpers.c
+ *
+ * \brief Helper functions for tests that manipulate ASN.1 data.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+#include <mbedtls/asn1.h>
+
+int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end,
+ size_t min_bits, size_t max_bits,
+ int must_be_odd)
+{
+ size_t len;
+ size_t actual_bits;
+ unsigned char msb;
+ TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len,
+ MBEDTLS_ASN1_INTEGER),
+ 0);
+
+ /* Check if the retrieved length doesn't extend the actual buffer's size.
+ * It is assumed here, that end >= p, which validates casting to size_t. */
+ TEST_ASSERT(len <= (size_t) (end - *p));
+
+ /* Tolerate a slight departure from DER encoding:
+ * - 0 may be represented by an empty string or a 1-byte string.
+ * - The sign bit may be used as a value bit. */
+ if ((len == 1 && (*p)[0] == 0) ||
+ (len > 1 && (*p)[0] == 0 && ((*p)[1] & 0x80) != 0)) {
+ ++(*p);
+ --len;
+ }
+ if (min_bits == 0 && len == 0) {
+ return 1;
+ }
+ msb = (*p)[0];
+ TEST_ASSERT(msb != 0);
+ actual_bits = 8 * (len - 1);
+ while (msb != 0) {
+ msb >>= 1;
+ ++actual_bits;
+ }
+ TEST_ASSERT(actual_bits >= min_bits);
+ TEST_ASSERT(actual_bits <= max_bits);
+ if (must_be_odd) {
+ TEST_ASSERT(((*p)[len-1] & 1) != 0);
+ }
+ *p += len;
+ return 1;
+exit:
+ return 0;
+}
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
diff --git a/tests/src/bignum_helpers.c b/tests/src/bignum_helpers.c
new file mode 100644
index 0000000..913f5e3
--- /dev/null
+++ b/tests/src/bignum_helpers.c
@@ -0,0 +1,145 @@
+/**
+ * \file bignum_helpers.c
+ *
+ * \brief This file contains the prototypes of helper functions for
+ * bignum-related testing.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#include <test/bignum_helpers.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <mbedtls/bignum.h>
+#include <bignum_core.h>
+#include <bignum_mod.h>
+#include <bignum_mod_raw.h>
+
+#include <test/helpers.h>
+#include <test/macros.h>
+
+int mbedtls_test_read_mpi_core(mbedtls_mpi_uint **pX, size_t *plimbs,
+ const char *input)
+{
+ /* Sanity check */
+ if (*pX != NULL) {
+ return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+ }
+
+ size_t hex_len = strlen(input);
+ size_t byte_len = (hex_len + 1) / 2;
+ *plimbs = CHARS_TO_LIMBS(byte_len);
+
+ /* A core bignum is not allowed to be empty. Forbid it as test data,
+ * this way static analyzers have a chance of knowing we don't expect
+ * the bignum functions to support empty inputs. */
+ if (*plimbs == 0) {
+ return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+ }
+
+ *pX = mbedtls_calloc(*plimbs, sizeof(**pX));
+ if (*pX == NULL) {
+ return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+ }
+
+ unsigned char *byte_start = (unsigned char *) *pX;
+ if (byte_len % sizeof(mbedtls_mpi_uint) != 0) {
+ byte_start += sizeof(mbedtls_mpi_uint) - byte_len % sizeof(mbedtls_mpi_uint);
+ }
+ if ((hex_len & 1) != 0) {
+ /* mbedtls_test_unhexify wants an even number of hex digits */
+ TEST_ASSERT(mbedtls_test_ascii2uc(*input, byte_start) == 0);
+ ++byte_start;
+ ++input;
+ --byte_len;
+ }
+ TEST_ASSERT(mbedtls_test_unhexify(byte_start,
+ byte_len,
+ input,
+ &byte_len) == 0);
+
+ mbedtls_mpi_core_bigendian_to_host(*pX, *plimbs);
+ return 0;
+
+exit:
+ mbedtls_free(*pX);
+ return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+}
+
+#if defined(MBEDTLS_ECP_WITH_MPI_UINT)
+int mbedtls_test_read_mpi_modulus(mbedtls_mpi_mod_modulus *N,
+ const char *s,
+ mbedtls_mpi_mod_rep_selector int_rep)
+{
+ mbedtls_mpi_uint *p = NULL;
+ size_t limbs = 0;
+ if (N->limbs != 0) {
+ return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+ }
+ int ret = mbedtls_test_read_mpi_core(&p, &limbs, s);
+ if (ret != 0) {
+ return ret;
+ }
+
+ switch (int_rep) {
+ case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
+ ret = mbedtls_mpi_mod_modulus_setup(N, p, limbs);
+ break;
+ case MBEDTLS_MPI_MOD_REP_OPT_RED:
+ ret = mbedtls_mpi_mod_optred_modulus_setup(N, p, limbs, NULL);
+ break;
+ default:
+ ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+ break;
+ }
+ if (ret != 0) {
+ mbedtls_free(p);
+ }
+ return ret;
+}
+
+void mbedtls_test_mpi_mod_modulus_free_with_limbs(mbedtls_mpi_mod_modulus *N)
+{
+ mbedtls_free((mbedtls_mpi_uint *) N->p);
+ mbedtls_mpi_mod_modulus_free(N);
+}
+#endif /* MBEDTLS_ECP_WITH_MPI_UINT */
+
+int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s)
+{
+ int negative = 0;
+ /* Always set the sign bit to -1 if the input has a minus sign, even for 0.
+ * This creates an invalid representation, which mbedtls_mpi_read_string()
+ * avoids but we want to be able to create that in test data. */
+ if (s[0] == '-') {
+ ++s;
+ negative = 1;
+ }
+ /* mbedtls_mpi_read_string() currently retains leading zeros.
+ * It always allocates at least one limb for the value 0. */
+ if (s[0] == 0) {
+ mbedtls_mpi_free(X);
+ return 0;
+ }
+ int ret = mbedtls_mpi_read_string(X, 16, s);
+ if (ret != 0) {
+ return ret;
+ }
+ if (negative) {
+ if (mbedtls_mpi_cmp_int(X, 0) == 0) {
+ mbedtls_test_increment_case_uses_negative_0();
+ }
+ X->s = -1;
+ }
+ return 0;
+}
+
+#endif /* MBEDTLS_BIGNUM_C */
diff --git a/tests/src/certs.c b/tests/src/certs.c
new file mode 100644
index 0000000..879f088
--- /dev/null
+++ b/tests/src/certs.c
@@ -0,0 +1,480 @@
+/*
+ * X.509 test certificates
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#include <test/certs.h>
+
+#include "mbedtls/build_info.h"
+
+#include "mbedtls/pk.h"
+
+#include "test_certs.h"
+
+/*
+ *
+ * Test certificates and keys as C variables
+ *
+ */
+
+/*
+ * CA
+ */
+
+const char mbedtls_test_ca_crt_ec_pem[] = TEST_CA_CRT_EC_PEM;
+const char mbedtls_test_ca_key_ec_pem[] = TEST_CA_KEY_EC_PEM;
+const char mbedtls_test_ca_pwd_ec_pem[] = TEST_CA_PWD_EC_PEM;
+const char mbedtls_test_ca_key_rsa_pem[] = TEST_CA_KEY_RSA_PEM;
+const char mbedtls_test_ca_pwd_rsa_pem[] = TEST_CA_PWD_RSA_PEM;
+const char mbedtls_test_ca_crt_rsa_sha1_pem[] = TEST_CA_CRT_RSA_SHA1_PEM;
+const char mbedtls_test_ca_crt_rsa_sha256_pem[] = TEST_CA_CRT_RSA_SHA256_PEM;
+
+const unsigned char mbedtls_test_ca_crt_ec_der[] = TEST_CA_CRT_EC_DER;
+const unsigned char mbedtls_test_ca_key_ec_der[] = TEST_CA_KEY_EC_DER;
+const unsigned char mbedtls_test_ca_key_rsa_der[] = TEST_CA_KEY_RSA_DER;
+const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[] =
+ TEST_CA_CRT_RSA_SHA1_DER;
+const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[] =
+ TEST_CA_CRT_RSA_SHA256_DER;
+
+const size_t mbedtls_test_ca_crt_ec_pem_len =
+ sizeof(mbedtls_test_ca_crt_ec_pem);
+const size_t mbedtls_test_ca_key_ec_pem_len =
+ sizeof(mbedtls_test_ca_key_ec_pem);
+const size_t mbedtls_test_ca_pwd_ec_pem_len =
+ sizeof(mbedtls_test_ca_pwd_ec_pem) - 1;
+const size_t mbedtls_test_ca_key_rsa_pem_len =
+ sizeof(mbedtls_test_ca_key_rsa_pem);
+const size_t mbedtls_test_ca_pwd_rsa_pem_len =
+ sizeof(mbedtls_test_ca_pwd_rsa_pem) - 1;
+const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len =
+ sizeof(mbedtls_test_ca_crt_rsa_sha1_pem);
+const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len =
+ sizeof(mbedtls_test_ca_crt_rsa_sha256_pem);
+
+const size_t mbedtls_test_ca_crt_ec_der_len =
+ sizeof(mbedtls_test_ca_crt_ec_der);
+const size_t mbedtls_test_ca_key_ec_der_len =
+ sizeof(mbedtls_test_ca_key_ec_der);
+const size_t mbedtls_test_ca_pwd_ec_der_len = 0;
+const size_t mbedtls_test_ca_key_rsa_der_len =
+ sizeof(mbedtls_test_ca_key_rsa_der);
+const size_t mbedtls_test_ca_pwd_rsa_der_len = 0;
+const size_t mbedtls_test_ca_crt_rsa_sha1_der_len =
+ sizeof(mbedtls_test_ca_crt_rsa_sha1_der);
+const size_t mbedtls_test_ca_crt_rsa_sha256_der_len =
+ sizeof(mbedtls_test_ca_crt_rsa_sha256_der);
+
+/*
+ * Server
+ */
+
+const char mbedtls_test_srv_crt_ec_pem[] = TEST_SRV_CRT_EC_PEM;
+const char mbedtls_test_srv_key_ec_pem[] = TEST_SRV_KEY_EC_PEM;
+const char mbedtls_test_srv_pwd_ec_pem[] = "";
+const char mbedtls_test_srv_key_rsa_pem[] = TEST_SRV_KEY_RSA_PEM;
+const char mbedtls_test_srv_pwd_rsa_pem[] = "";
+const char mbedtls_test_srv_crt_rsa_sha1_pem[] = TEST_SRV_CRT_RSA_SHA1_PEM;
+const char mbedtls_test_srv_crt_rsa_sha256_pem[] = TEST_SRV_CRT_RSA_SHA256_PEM;
+
+const unsigned char mbedtls_test_srv_crt_ec_der[] = TEST_SRV_CRT_EC_DER;
+const unsigned char mbedtls_test_srv_key_ec_der[] = TEST_SRV_KEY_EC_DER;
+const unsigned char mbedtls_test_srv_key_rsa_der[] = TEST_SRV_KEY_RSA_DER;
+const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[] =
+ TEST_SRV_CRT_RSA_SHA1_DER;
+const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[] =
+ TEST_SRV_CRT_RSA_SHA256_DER;
+
+const size_t mbedtls_test_srv_crt_ec_pem_len =
+ sizeof(mbedtls_test_srv_crt_ec_pem);
+const size_t mbedtls_test_srv_key_ec_pem_len =
+ sizeof(mbedtls_test_srv_key_ec_pem);
+const size_t mbedtls_test_srv_pwd_ec_pem_len =
+ sizeof(mbedtls_test_srv_pwd_ec_pem) - 1;
+const size_t mbedtls_test_srv_key_rsa_pem_len =
+ sizeof(mbedtls_test_srv_key_rsa_pem);
+const size_t mbedtls_test_srv_pwd_rsa_pem_len =
+ sizeof(mbedtls_test_srv_pwd_rsa_pem) - 1;
+const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len =
+ sizeof(mbedtls_test_srv_crt_rsa_sha1_pem);
+const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len =
+ sizeof(mbedtls_test_srv_crt_rsa_sha256_pem);
+
+const size_t mbedtls_test_srv_crt_ec_der_len =
+ sizeof(mbedtls_test_srv_crt_ec_der);
+const size_t mbedtls_test_srv_key_ec_der_len =
+ sizeof(mbedtls_test_srv_key_ec_der);
+const size_t mbedtls_test_srv_pwd_ec_der_len = 0;
+const size_t mbedtls_test_srv_key_rsa_der_len =
+ sizeof(mbedtls_test_srv_key_rsa_der);
+const size_t mbedtls_test_srv_pwd_rsa_der_len = 0;
+const size_t mbedtls_test_srv_crt_rsa_sha1_der_len =
+ sizeof(mbedtls_test_srv_crt_rsa_sha1_der);
+const size_t mbedtls_test_srv_crt_rsa_sha256_der_len =
+ sizeof(mbedtls_test_srv_crt_rsa_sha256_der);
+
+/*
+ * Client
+ */
+
+const char mbedtls_test_cli_crt_ec_pem[] = TEST_CLI_CRT_EC_PEM;
+const char mbedtls_test_cli_key_ec_pem[] = TEST_CLI_KEY_EC_PEM;
+const char mbedtls_test_cli_pwd_ec_pem[] = "";
+const char mbedtls_test_cli_key_rsa_pem[] = TEST_CLI_KEY_RSA_PEM;
+const char mbedtls_test_cli_pwd_rsa_pem[] = "";
+const char mbedtls_test_cli_crt_rsa_pem[] = TEST_CLI_CRT_RSA_PEM;
+
+const unsigned char mbedtls_test_cli_crt_ec_der[] = TEST_CLI_CRT_EC_DER;
+const unsigned char mbedtls_test_cli_key_ec_der[] = TEST_CLI_KEY_EC_DER;
+const unsigned char mbedtls_test_cli_key_rsa_der[] = TEST_CLI_KEY_RSA_DER;
+const unsigned char mbedtls_test_cli_crt_rsa_der[] = TEST_CLI_CRT_RSA_DER;
+
+const size_t mbedtls_test_cli_crt_ec_pem_len =
+ sizeof(mbedtls_test_cli_crt_ec_pem);
+const size_t mbedtls_test_cli_key_ec_pem_len =
+ sizeof(mbedtls_test_cli_key_ec_pem);
+const size_t mbedtls_test_cli_pwd_ec_pem_len =
+ sizeof(mbedtls_test_cli_pwd_ec_pem) - 1;
+const size_t mbedtls_test_cli_key_rsa_pem_len =
+ sizeof(mbedtls_test_cli_key_rsa_pem);
+const size_t mbedtls_test_cli_pwd_rsa_pem_len =
+ sizeof(mbedtls_test_cli_pwd_rsa_pem) - 1;
+const size_t mbedtls_test_cli_crt_rsa_pem_len =
+ sizeof(mbedtls_test_cli_crt_rsa_pem);
+
+const size_t mbedtls_test_cli_crt_ec_der_len =
+ sizeof(mbedtls_test_cli_crt_ec_der);
+const size_t mbedtls_test_cli_key_ec_der_len =
+ sizeof(mbedtls_test_cli_key_ec_der);
+const size_t mbedtls_test_cli_key_rsa_der_len =
+ sizeof(mbedtls_test_cli_key_rsa_der);
+const size_t mbedtls_test_cli_crt_rsa_der_len =
+ sizeof(mbedtls_test_cli_crt_rsa_der);
+
+/*
+ *
+ * Definitions of test CRTs without specification of all parameters, choosing
+ * them automatically according to the config. For example, mbedtls_test_ca_crt
+ * is one of mbedtls_test_ca_crt_{rsa|ec}_{sha1|sha256}_{pem|der}.
+ *
+ */
+
+/*
+ * Dispatch between PEM and DER according to config
+ */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+
+/* PEM encoded test CA certificates and keys */
+
+#define TEST_CA_KEY_RSA TEST_CA_KEY_RSA_PEM
+#define TEST_CA_PWD_RSA TEST_CA_PWD_RSA_PEM
+#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_PEM
+#define TEST_CA_CRT_RSA_SHA1 TEST_CA_CRT_RSA_SHA1_PEM
+#define TEST_CA_KEY_EC TEST_CA_KEY_EC_PEM
+#define TEST_CA_PWD_EC TEST_CA_PWD_EC_PEM
+#define TEST_CA_CRT_EC TEST_CA_CRT_EC_PEM
+
+/* PEM encoded test server certificates and keys */
+
+#define TEST_SRV_KEY_RSA TEST_SRV_KEY_RSA_PEM
+#define TEST_SRV_PWD_RSA ""
+#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_PEM
+#define TEST_SRV_CRT_RSA_SHA1 TEST_SRV_CRT_RSA_SHA1_PEM
+#define TEST_SRV_KEY_EC TEST_SRV_KEY_EC_PEM
+#define TEST_SRV_PWD_EC ""
+#define TEST_SRV_CRT_EC TEST_SRV_CRT_EC_PEM
+
+/* PEM encoded test client certificates and keys */
+
+#define TEST_CLI_KEY_RSA TEST_CLI_KEY_RSA_PEM
+#define TEST_CLI_PWD_RSA ""
+#define TEST_CLI_CRT_RSA TEST_CLI_CRT_RSA_PEM
+#define TEST_CLI_KEY_EC TEST_CLI_KEY_EC_PEM
+#define TEST_CLI_PWD_EC ""
+#define TEST_CLI_CRT_EC TEST_CLI_CRT_EC_PEM
+
+#else /* MBEDTLS_PEM_PARSE_C */
+
+/* DER encoded test CA certificates and keys */
+
+#define TEST_CA_KEY_RSA TEST_CA_KEY_RSA_DER
+#define TEST_CA_PWD_RSA ""
+#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_DER
+#define TEST_CA_CRT_RSA_SHA1 TEST_CA_CRT_RSA_SHA1_DER
+#define TEST_CA_KEY_EC TEST_CA_KEY_EC_DER
+#define TEST_CA_PWD_EC ""
+#define TEST_CA_CRT_EC TEST_CA_CRT_EC_DER
+
+/* DER encoded test server certificates and keys */
+
+#define TEST_SRV_KEY_RSA TEST_SRV_KEY_RSA_DER
+#define TEST_SRV_PWD_RSA ""
+#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_DER
+#define TEST_SRV_CRT_RSA_SHA1 TEST_SRV_CRT_RSA_SHA1_DER
+#define TEST_SRV_KEY_EC TEST_SRV_KEY_EC_DER
+#define TEST_SRV_PWD_EC ""
+#define TEST_SRV_CRT_EC TEST_SRV_CRT_EC_DER
+
+/* DER encoded test client certificates and keys */
+
+#define TEST_CLI_KEY_RSA TEST_CLI_KEY_RSA_DER
+#define TEST_CLI_PWD_RSA ""
+#define TEST_CLI_CRT_RSA TEST_CLI_CRT_RSA_DER
+#define TEST_CLI_KEY_EC TEST_CLI_KEY_EC_DER
+#define TEST_CLI_PWD_EC ""
+#define TEST_CLI_CRT_EC TEST_CLI_CRT_EC_DER
+
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+const char mbedtls_test_ca_key_rsa[] = TEST_CA_KEY_RSA;
+const char mbedtls_test_ca_pwd_rsa[] = TEST_CA_PWD_RSA;
+const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256;
+const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1;
+const char mbedtls_test_ca_key_ec[] = TEST_CA_KEY_EC;
+const char mbedtls_test_ca_pwd_ec[] = TEST_CA_PWD_EC;
+const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC;
+
+const char mbedtls_test_srv_key_rsa[] = TEST_SRV_KEY_RSA;
+const char mbedtls_test_srv_pwd_rsa[] = TEST_SRV_PWD_RSA;
+const char mbedtls_test_srv_crt_rsa_sha256[] = TEST_SRV_CRT_RSA_SHA256;
+const char mbedtls_test_srv_crt_rsa_sha1[] = TEST_SRV_CRT_RSA_SHA1;
+const char mbedtls_test_srv_key_ec[] = TEST_SRV_KEY_EC;
+const char mbedtls_test_srv_pwd_ec[] = TEST_SRV_PWD_EC;
+const char mbedtls_test_srv_crt_ec[] = TEST_SRV_CRT_EC;
+
+const char mbedtls_test_cli_key_rsa[] = TEST_CLI_KEY_RSA;
+const char mbedtls_test_cli_pwd_rsa[] = TEST_CLI_PWD_RSA;
+const char mbedtls_test_cli_crt_rsa[] = TEST_CLI_CRT_RSA;
+const char mbedtls_test_cli_key_ec[] = TEST_CLI_KEY_EC;
+const char mbedtls_test_cli_pwd_ec[] = TEST_CLI_PWD_EC;
+const char mbedtls_test_cli_crt_ec[] = TEST_CLI_CRT_EC;
+
+const size_t mbedtls_test_ca_key_rsa_len =
+ sizeof(mbedtls_test_ca_key_rsa);
+const size_t mbedtls_test_ca_pwd_rsa_len =
+ sizeof(mbedtls_test_ca_pwd_rsa) - 1;
+const size_t mbedtls_test_ca_crt_rsa_sha256_len =
+ sizeof(mbedtls_test_ca_crt_rsa_sha256);
+const size_t mbedtls_test_ca_crt_rsa_sha1_len =
+ sizeof(mbedtls_test_ca_crt_rsa_sha1);
+const size_t mbedtls_test_ca_key_ec_len =
+ sizeof(mbedtls_test_ca_key_ec);
+const size_t mbedtls_test_ca_pwd_ec_len =
+ sizeof(mbedtls_test_ca_pwd_ec) - 1;
+const size_t mbedtls_test_ca_crt_ec_len =
+ sizeof(mbedtls_test_ca_crt_ec);
+
+const size_t mbedtls_test_srv_key_rsa_len =
+ sizeof(mbedtls_test_srv_key_rsa);
+const size_t mbedtls_test_srv_pwd_rsa_len =
+ sizeof(mbedtls_test_srv_pwd_rsa) -1;
+const size_t mbedtls_test_srv_crt_rsa_sha256_len =
+ sizeof(mbedtls_test_srv_crt_rsa_sha256);
+const size_t mbedtls_test_srv_crt_rsa_sha1_len =
+ sizeof(mbedtls_test_srv_crt_rsa_sha1);
+const size_t mbedtls_test_srv_key_ec_len =
+ sizeof(mbedtls_test_srv_key_ec);
+const size_t mbedtls_test_srv_pwd_ec_len =
+ sizeof(mbedtls_test_srv_pwd_ec) - 1;
+const size_t mbedtls_test_srv_crt_ec_len =
+ sizeof(mbedtls_test_srv_crt_ec);
+
+const size_t mbedtls_test_cli_key_rsa_len =
+ sizeof(mbedtls_test_cli_key_rsa);
+const size_t mbedtls_test_cli_pwd_rsa_len =
+ sizeof(mbedtls_test_cli_pwd_rsa) - 1;
+const size_t mbedtls_test_cli_crt_rsa_len =
+ sizeof(mbedtls_test_cli_crt_rsa);
+const size_t mbedtls_test_cli_key_ec_len =
+ sizeof(mbedtls_test_cli_key_ec);
+const size_t mbedtls_test_cli_pwd_ec_len =
+ sizeof(mbedtls_test_cli_pwd_ec) - 1;
+const size_t mbedtls_test_cli_crt_ec_len =
+ sizeof(mbedtls_test_cli_crt_ec);
+
+/*
+ * Dispatch between SHA-1 and SHA-256
+ */
+
+#if defined(MBEDTLS_MD_CAN_SHA256)
+#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA256
+#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256
+#else
+#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA1
+#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1
+#endif /* MBEDTLS_MD_CAN_SHA256 */
+
+const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
+const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA;
+
+const size_t mbedtls_test_ca_crt_rsa_len =
+ sizeof(mbedtls_test_ca_crt_rsa);
+const size_t mbedtls_test_srv_crt_rsa_len =
+ sizeof(mbedtls_test_srv_crt_rsa);
+
+/*
+ * Dispatch between RSA and EC
+ */
+
+#if defined(MBEDTLS_RSA_C)
+
+#define TEST_CA_KEY TEST_CA_KEY_RSA
+#define TEST_CA_PWD TEST_CA_PWD_RSA
+#define TEST_CA_CRT TEST_CA_CRT_RSA
+
+#define TEST_SRV_KEY TEST_SRV_KEY_RSA
+#define TEST_SRV_PWD TEST_SRV_PWD_RSA
+#define TEST_SRV_CRT TEST_SRV_CRT_RSA
+
+#define TEST_CLI_KEY TEST_CLI_KEY_RSA
+#define TEST_CLI_PWD TEST_CLI_PWD_RSA
+#define TEST_CLI_CRT TEST_CLI_CRT_RSA
+
+#else /* no RSA, so assume ECDSA */
+
+#define TEST_CA_KEY TEST_CA_KEY_EC
+#define TEST_CA_PWD TEST_CA_PWD_EC
+#define TEST_CA_CRT TEST_CA_CRT_EC
+
+#define TEST_SRV_KEY TEST_SRV_KEY_EC
+#define TEST_SRV_PWD TEST_SRV_PWD_EC
+#define TEST_SRV_CRT TEST_SRV_CRT_EC
+
+#define TEST_CLI_KEY TEST_CLI_KEY_EC
+#define TEST_CLI_PWD TEST_CLI_PWD_EC
+#define TEST_CLI_CRT TEST_CLI_CRT_EC
+#endif /* MBEDTLS_RSA_C */
+
+/* API stability forces us to declare
+ * mbedtls_test_{ca|srv|cli}_{key|pwd|crt}
+ * as pointers. */
+static const char test_ca_key[] = TEST_CA_KEY;
+static const char test_ca_pwd[] = TEST_CA_PWD;
+static const char test_ca_crt[] = TEST_CA_CRT;
+
+static const char test_srv_key[] = TEST_SRV_KEY;
+static const char test_srv_pwd[] = TEST_SRV_PWD;
+static const char test_srv_crt[] = TEST_SRV_CRT;
+
+static const char test_cli_key[] = TEST_CLI_KEY;
+static const char test_cli_pwd[] = TEST_CLI_PWD;
+static const char test_cli_crt[] = TEST_CLI_CRT;
+
+const char *mbedtls_test_ca_key = test_ca_key;
+const char *mbedtls_test_ca_pwd = test_ca_pwd;
+const char *mbedtls_test_ca_crt = test_ca_crt;
+
+const char *mbedtls_test_srv_key = test_srv_key;
+const char *mbedtls_test_srv_pwd = test_srv_pwd;
+const char *mbedtls_test_srv_crt = test_srv_crt;
+
+const char *mbedtls_test_cli_key = test_cli_key;
+const char *mbedtls_test_cli_pwd = test_cli_pwd;
+const char *mbedtls_test_cli_crt = test_cli_crt;
+
+const size_t mbedtls_test_ca_key_len =
+ sizeof(test_ca_key);
+const size_t mbedtls_test_ca_pwd_len =
+ sizeof(test_ca_pwd) - 1;
+const size_t mbedtls_test_ca_crt_len =
+ sizeof(test_ca_crt);
+
+const size_t mbedtls_test_srv_key_len =
+ sizeof(test_srv_key);
+const size_t mbedtls_test_srv_pwd_len =
+ sizeof(test_srv_pwd) - 1;
+const size_t mbedtls_test_srv_crt_len =
+ sizeof(test_srv_crt);
+
+const size_t mbedtls_test_cli_key_len =
+ sizeof(test_cli_key);
+const size_t mbedtls_test_cli_pwd_len =
+ sizeof(test_cli_pwd) - 1;
+const size_t mbedtls_test_cli_crt_len =
+ sizeof(test_cli_crt);
+
+/*
+ *
+ * Lists of certificates
+ *
+ */
+
+/* List of CAs in PEM or DER, depending on config */
+const char *mbedtls_test_cas[] = {
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
+ mbedtls_test_ca_crt_rsa_sha1,
+#endif
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
+ mbedtls_test_ca_crt_rsa_sha256,
+#endif
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
+ mbedtls_test_ca_crt_ec,
+#endif
+ NULL
+};
+const size_t mbedtls_test_cas_len[] = {
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
+ sizeof(mbedtls_test_ca_crt_rsa_sha1),
+#endif
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
+ sizeof(mbedtls_test_ca_crt_rsa_sha256),
+#endif
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
+ sizeof(mbedtls_test_ca_crt_ec),
+#endif
+ 0
+};
+
+/* List of all available CA certificates in DER format */
+const unsigned char *mbedtls_test_cas_der[] = {
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_MD_CAN_SHA256)
+ mbedtls_test_ca_crt_rsa_sha256_der,
+#endif /* MBEDTLS_MD_CAN_SHA256 */
+#if defined(MBEDTLS_MD_CAN_SHA1)
+ mbedtls_test_ca_crt_rsa_sha1_der,
+#endif /* MBEDTLS_MD_CAN_SHA1 */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
+ mbedtls_test_ca_crt_ec_der,
+#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */
+ NULL
+};
+
+const size_t mbedtls_test_cas_der_len[] = {
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_MD_CAN_SHA256)
+ sizeof(mbedtls_test_ca_crt_rsa_sha256_der),
+#endif /* MBEDTLS_MD_CAN_SHA256 */
+#if defined(MBEDTLS_MD_CAN_SHA1)
+ sizeof(mbedtls_test_ca_crt_rsa_sha1_der),
+#endif /* MBEDTLS_MD_CAN_SHA1 */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
+ sizeof(mbedtls_test_ca_crt_ec_der),
+#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */
+ 0
+};
+
+/* Concatenation of all available CA certificates in PEM format */
+#if defined(MBEDTLS_PEM_PARSE_C)
+const char mbedtls_test_cas_pem[] =
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_MD_CAN_SHA256)
+ TEST_CA_CRT_RSA_SHA256_PEM
+#endif /* MBEDTLS_MD_CAN_SHA256 */
+#if defined(MBEDTLS_MD_CAN_SHA1)
+ TEST_CA_CRT_RSA_SHA1_PEM
+#endif /* MBEDTLS_MD_CAN_SHA1 */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
+ TEST_CA_CRT_EC_PEM
+#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */
+ "";
+const size_t mbedtls_test_cas_pem_len = sizeof(mbedtls_test_cas_pem);
+#endif /* MBEDTLS_PEM_PARSE_C */
diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c
new file mode 100644
index 0000000..76ec12a
--- /dev/null
+++ b/tests/src/drivers/hash.c
@@ -0,0 +1,199 @@
+/*
+ * Test driver for hash entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_hash.h"
+
+#include "test/drivers/hash.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_hash.h"
+#endif
+
+mbedtls_test_driver_hash_hooks_t
+ mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT;
+
+psa_status_t mbedtls_test_transparent_hash_compute(
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *hash, size_t hash_size, size_t *hash_length)
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_hash_compute(
+ alg, input, input_length,
+ hash, hash_size, hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_compute(
+ alg, input, input_length,
+ hash, hash_size, hash_length);
+#else
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) hash;
+ (void) hash_size;
+ (void) hash_length;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_setup(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_hash_setup(operation, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_setup(operation, alg);
+#else
+ (void) operation;
+ (void) alg;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_clone(
+ const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+ mbedtls_transparent_test_driver_hash_operation_t *target_operation)
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_hash_clone(source_operation,
+ target_operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_clone(source_operation, target_operation);
+#else
+ (void) source_operation;
+ (void) target_operation;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_update(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_hash_update(
+ operation, input, input_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_update(operation, input, input_length);
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_finish(
+ mbedtls_transparent_test_driver_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_hash_finish(
+ operation, hash, hash_size, hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_finish(operation, hash, hash_size, hash_length);
+#else
+ (void) operation;
+ (void) hash;
+ (void) hash_size;
+ (void) hash_length;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_abort(
+ mbedtls_transparent_test_driver_hash_operation_t *operation)
+{
+ mbedtls_test_driver_hash_hooks.hits++;
+
+ if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_test_driver_hash_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_hash_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_abort(operation);
+#else
+ (void) operation;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_hash_hooks.driver_status;
+}
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c
new file mode 100644
index 0000000..01fc050
--- /dev/null
+++ b/tests/src/drivers/platform_builtin_keys.c
@@ -0,0 +1,78 @@
+/** \file platform_builtin_keys.c
+ *
+ * \brief Test driver implementation of the builtin key support
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#include <psa/crypto.h>
+#include <psa/crypto_extra.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <test/drivers/test_driver.h>
+#endif
+
+typedef struct {
+ psa_key_id_t builtin_key_id;
+ psa_key_lifetime_t lifetime;
+ psa_drv_slot_number_t slot_number;
+} mbedtls_psa_builtin_key_description_t;
+
+static const mbedtls_psa_builtin_key_description_t builtin_keys[] = {
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ /* For testing, assign the AES builtin key slot to the boundary values.
+ * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+ { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1,
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+#else
+ { 0, 0, 0 }
+#endif
+};
+
+psa_status_t mbedtls_psa_platform_get_builtin_key(
+ mbedtls_svc_key_id_t key_id,
+ psa_key_lifetime_t *lifetime,
+ psa_drv_slot_number_t *slot_number)
+{
+ psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id);
+ const mbedtls_psa_builtin_key_description_t *builtin_key;
+
+ for (size_t i = 0;
+ i < (sizeof(builtin_keys) / sizeof(builtin_keys[0])); i++) {
+ builtin_key = &builtin_keys[i];
+ if (builtin_key->builtin_key_id == app_key_id) {
+ *lifetime = builtin_key->lifetime;
+ *slot_number = builtin_key->slot_number;
+ return PSA_SUCCESS;
+ }
+ }
+
+ return PSA_ERROR_DOES_NOT_EXIST;
+}
diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c
new file mode 100644
index 0000000..314ce83
--- /dev/null
+++ b/tests/src/drivers/test_driver_aead.c
@@ -0,0 +1,462 @@
+/*
+ * Test driver for AEAD entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_aead.h"
+#include "psa_crypto_core.h"
+
+#include "test/drivers/aead.h"
+
+#include "mbedtls/constant_time.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_aead.h"
+#endif
+
+mbedtls_test_driver_aead_hooks_t
+ mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT;
+
+psa_status_t mbedtls_test_transparent_aead_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *plaintext, size_t plaintext_length,
+ uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_encrypt++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_encrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length);
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) nonce;
+ (void) nonce_length;
+ (void) additional_data;
+ (void) additional_data_length;
+ (void) plaintext;
+ (void) plaintext_length;
+ (void) ciphertext;
+ (void) ciphertext_size;
+ (void) ciphertext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *nonce, size_t nonce_length,
+ const uint8_t *additional_data, size_t additional_data_length,
+ const uint8_t *ciphertext, size_t ciphertext_length,
+ uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_decrypt++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_decrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length);
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) nonce;
+ (void) nonce_length;
+ (void) additional_data;
+ (void) additional_data_length;
+ (void) ciphertext;
+ (void) ciphertext_length;
+ (void) plaintext;
+ (void) plaintext_size;
+ (void) plaintext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_encrypt_setup(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_aead_hooks.hits_encrypt_setup++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_encrypt_setup(operation,
+ (const libtestdriver1_psa_key_attributes_t
+ *) attributes,
+ key_buffer,
+ key_buffer_size, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_encrypt_setup(operation, attributes, key_buffer,
+ key_buffer_size, alg);
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_decrypt_setup(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_aead_hooks.hits_decrypt_setup++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_decrypt_setup(operation,
+ (const libtestdriver1_psa_key_attributes_t
+ *) attributes,
+ key_buffer, key_buffer_size, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_decrypt_setup(operation, attributes, key_buffer,
+ key_buffer_size, alg);
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_set_nonce(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const uint8_t *nonce,
+ size_t nonce_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_set_nonce++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_set_nonce(operation, nonce, nonce_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_set_nonce(operation, nonce, nonce_length);
+#else
+ (void) operation;
+ (void) nonce;
+ (void) nonce_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_set_lengths(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ size_t ad_length,
+ size_t plaintext_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_set_lengths++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_set_lengths(operation, ad_length,
+ plaintext_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_set_lengths(operation, ad_length,
+ plaintext_length);
+#else
+ (void) operation;
+ (void) ad_length;
+ (void) plaintext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_update_ad(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_update_ad++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_update_ad(operation, input, input_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_update_ad(operation, input, input_length);
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_update(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_update++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_update(operation, input,
+ input_length, output,
+ output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_update(operation, input, input_length, output,
+ output_size, output_length);
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_finish(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length,
+ uint8_t *tag,
+ size_t tag_size,
+ size_t *tag_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_finish++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_finish(operation, ciphertext,
+ ciphertext_size, ciphertext_length,
+ tag, tag_size, tag_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_finish(operation, ciphertext, ciphertext_size,
+ ciphertext_length, tag, tag_size,
+ tag_length);
+#else
+ (void) operation;
+ (void) ciphertext;
+ (void) ciphertext_size;
+ (void) ciphertext_length;
+ (void) tag;
+ (void) tag_size;
+ (void) tag_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_verify(
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length,
+ const uint8_t *tag,
+ size_t tag_length)
+{
+ mbedtls_test_driver_aead_hooks.hits_verify++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+ uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
+ size_t check_tag_length = 0;
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_finish(operation,
+ plaintext,
+ plaintext_size,
+ plaintext_length,
+ check_tag,
+ sizeof(check_tag),
+ &check_tag_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_finish(operation,
+ plaintext,
+ plaintext_size,
+ plaintext_length,
+ check_tag,
+ sizeof(check_tag),
+ &check_tag_length);
+#else
+ (void) operation;
+ (void) plaintext;
+ (void) plaintext_size;
+ (void) plaintext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+
+ if (mbedtls_test_driver_aead_hooks.driver_status == PSA_SUCCESS) {
+ if (tag_length != check_tag_length ||
+ mbedtls_ct_memcmp(tag, check_tag, tag_length)
+ != 0) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ PSA_ERROR_INVALID_SIGNATURE;
+ }
+ }
+
+ mbedtls_platform_zeroize(check_tag, sizeof(check_tag));
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_abort(
+ mbedtls_transparent_test_driver_aead_operation_t *operation)
+{
+ mbedtls_test_driver_aead_hooks.hits_abort++;
+
+ if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_test_driver_aead_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ mbedtls_psa_aead_abort(operation);
+#else
+ (void) operation;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c
new file mode 100644
index 0000000..4fc8c9d
--- /dev/null
+++ b/tests/src/drivers/test_driver_asymmetric_encryption.c
@@ -0,0 +1,181 @@
+/*
+ * Test driver for asymmetric encryption.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "mbedtls/rsa.h"
+#include "psa_crypto_rsa.h"
+#include "string.h"
+#include "test/drivers/asymmetric_encryption.h"
+#include "test/drivers/key_management.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#endif
+
+#define PSA_RSA_KEY_PAIR_MAX_SIZE \
+ PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS)
+
+mbedtls_test_driver_asymmetric_encryption_hooks_t mbedtls_test_driver_asymmetric_encryption_hooks =
+ MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT;
+
+psa_status_t mbedtls_test_transparent_asymmetric_encrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
+ size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ mbedtls_test_driver_asymmetric_encryption_hooks.hits++;
+
+ if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_asymmetric_encryption_hooks.forced_output,
+ mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length;
+
+ return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+ return libtestdriver1_mbedtls_psa_asymmetric_encrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#else
+ return mbedtls_psa_asymmetric_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_asymmetric_decrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
+ size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ mbedtls_test_driver_asymmetric_encryption_hooks.hits++;
+
+ if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_asymmetric_encryption_hooks.forced_output,
+ mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length;
+
+ return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+ return libtestdriver1_mbedtls_psa_asymmetric_decrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#else
+ return mbedtls_psa_asymmetric_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+/*
+ * opaque versions
+ */
+psa_status_t mbedtls_test_opaque_asymmetric_encrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key,
+ size_t key_length, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ unsigned char unwrapped_key[PSA_RSA_KEY_PAIR_MAX_SIZE];
+ size_t unwrapped_key_length;
+ psa_status_t status;
+
+ status = mbedtls_test_opaque_unwrap_key(key, key_length,
+ unwrapped_key, sizeof(unwrapped_key),
+ &unwrapped_key_length);
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) || defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT))
+ return libtestdriver1_mbedtls_psa_asymmetric_encrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ unwrapped_key, unwrapped_key_length,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#else
+ return mbedtls_psa_asymmetric_encrypt(
+ attributes, unwrapped_key, unwrapped_key_length,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_asymmetric_decrypt(
+ const psa_key_attributes_t *attributes, const uint8_t *key,
+ size_t key_length, psa_algorithm_t alg, const uint8_t *input,
+ size_t input_length, const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ unsigned char unwrapped_key[PSA_RSA_KEY_PAIR_MAX_SIZE];
+ size_t unwrapped_key_length;
+ psa_status_t status;
+
+ status = mbedtls_test_opaque_unwrap_key(key, key_length,
+ unwrapped_key, sizeof(unwrapped_key),
+ &unwrapped_key_length);
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) || defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT))
+ return libtestdriver1_mbedtls_psa_asymmetric_decrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ unwrapped_key, unwrapped_key_length,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#else
+ return mbedtls_psa_asymmetric_decrypt(
+ attributes, unwrapped_key, unwrapped_key_length,
+ alg, input, input_length, salt, salt_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c
new file mode 100644
index 0000000..2bc751a
--- /dev/null
+++ b/tests/src/drivers/test_driver_cipher.c
@@ -0,0 +1,432 @@
+/*
+ * Test driver for cipher functions.
+ * Currently only supports multi-part operations using AES-CTR.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_core.h"
+#include "mbedtls/cipher.h"
+
+#include "test/drivers/cipher.h"
+
+#include "test/random.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_cipher.h"
+#endif
+
+#include <string.h>
+
+mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks =
+ MBEDTLS_TEST_DRIVER_CIPHER_INIT;
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *iv,
+ size_t iv_length,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+ mbedtls_test_driver_cipher_hooks.hits_encrypt++;
+
+ if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+ if (mbedtls_test_driver_cipher_hooks.forced_status_encrypt != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status_encrypt;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_encrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, iv, iv_length, input, input_length,
+ output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, iv, iv_length, input, input_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_decrypt(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ /* Wiping the entire struct here, instead of member-by-member. This is
+ * useful for the test suite, since it gives a chance of catching memory
+ * corruption errors should the core not have allocated (enough) memory for
+ * our context struct. */
+ memset(operation, 0, sizeof(*operation));
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_encrypt_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key, key_length, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_encrypt_setup(
+ operation, attributes, key, key_length, alg);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_decrypt_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key, key_length, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_decrypt_setup(
+ operation, attributes, key, key_length, alg);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_abort(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ libtestdriver1_mbedtls_psa_cipher_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ mbedtls_psa_cipher_abort(operation);
+#endif
+
+ /* Wiping the entire struct here, instead of member-by-member. This is
+ * useful for the test suite, since it gives a chance of catching memory
+ * corruption errors should the core not have allocated (enough) memory for
+ * our context struct. */
+ memset(operation, 0, sizeof(*operation));
+
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_set_iv(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+ mbedtls_test_driver_cipher_hooks.hits_set_iv++;
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+ if (mbedtls_test_driver_cipher_hooks.forced_status_set_iv != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status_set_iv;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_set_iv(
+ operation, iv, iv_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_set_iv(operation, iv, iv_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_update(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_update(
+ operation, input, input_length,
+ output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_update(
+ operation, input, input_length,
+ output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_finish(
+ mbedtls_transparent_test_driver_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_cipher_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return libtestdriver1_mbedtls_psa_cipher_finish(
+ operation, output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return mbedtls_psa_cipher_finish(
+ operation, output, output_size, output_length);
+#endif
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+/*
+ * opaque versions, to do
+ */
+psa_status_t mbedtls_test_opaque_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *iv, size_t iv_length,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) iv;
+ (void) iv_length;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ (void) operation;
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg)
+{
+ (void) operation;
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_abort(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation)
+{
+ (void) operation;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_set_iv(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length)
+{
+ (void) operation;
+ (void) iv;
+ (void) iv_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_update(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_finish(
+ mbedtls_opaque_test_driver_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ (void) operation;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c
new file mode 100644
index 0000000..8471959
--- /dev/null
+++ b/tests/src/drivers/test_driver_key_agreement.c
@@ -0,0 +1,147 @@
+/*
+ * Test driver for key agreement functions.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_ffdh.h"
+
+#include "test/drivers/key_agreement.h"
+#include "test/drivers/test_driver.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/include/psa/crypto.h"
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_ffdh.h"
+#endif
+
+mbedtls_test_driver_key_agreement_hooks_t
+ mbedtls_test_driver_key_agreement_hooks = MBEDTLS_TEST_DRIVER_KEY_AGREEMENT_INIT;
+
+psa_status_t mbedtls_test_transparent_key_agreement(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *shared_secret,
+ size_t shared_secret_size,
+ size_t *shared_secret_length)
+{
+ mbedtls_test_driver_key_agreement_hooks.hits++;
+
+ if (mbedtls_test_driver_key_agreement_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_key_agreement_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_key_agreement_hooks.forced_output != NULL) {
+ if (mbedtls_test_driver_key_agreement_hooks.forced_output_length > shared_secret_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(shared_secret, mbedtls_test_driver_key_agreement_hooks.forced_output,
+ mbedtls_test_driver_key_agreement_hooks.forced_output_length);
+ *shared_secret_length = mbedtls_test_driver_key_agreement_hooks.forced_output_length;
+
+ return PSA_SUCCESS;
+ }
+
+ if (PSA_ALG_IS_ECDH(alg)) {
+#if (defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDH))
+ return libtestdriver1_mbedtls_psa_key_agreement_ecdh(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, peer_key, peer_key_length,
+ shared_secret, shared_secret_size,
+ shared_secret_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+ return mbedtls_psa_key_agreement_ecdh(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, peer_key, peer_key_length,
+ shared_secret, shared_secret_size,
+ shared_secret_length);
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) peer_key;
+ (void) peer_key_length;
+ (void) shared_secret;
+ (void) shared_secret_size;
+ (void) shared_secret_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+ if (PSA_ALG_IS_FFDH(alg)) {
+#if (defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_FFDH))
+ return libtestdriver1_mbedtls_psa_ffdh_key_agreement(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ peer_key, peer_key_length,
+ key_buffer, key_buffer_size,
+ shared_secret, shared_secret_size,
+ shared_secret_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH)
+ return mbedtls_psa_ffdh_key_agreement(
+ attributes,
+ peer_key,
+ peer_key_length,
+ key_buffer,
+ key_buffer_size,
+ shared_secret,
+ shared_secret_size,
+ shared_secret_length);
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) peer_key;
+ (void) peer_key_length;
+ (void) shared_secret;
+ (void) shared_secret_size;
+ (void) shared_secret_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+#endif
+ } else {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+}
+
+psa_status_t mbedtls_test_opaque_key_agreement(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *shared_secret,
+ size_t shared_secret_size,
+ size_t *shared_secret_length)
+{
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) peer_key;
+ (void) peer_key_length;
+ (void) shared_secret;
+ (void) shared_secret_size;
+ (void) shared_secret_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c
new file mode 100644
index 0000000..866b31e
--- /dev/null
+++ b/tests/src/drivers/test_driver_key_management.c
@@ -0,0 +1,787 @@
+/*
+ * Test driver for generating and verifying keys.
+ * Currently only supports generating and verifying ECC keys.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_rsa.h"
+#include "psa_crypto_ffdh.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/error.h"
+
+#include "test/drivers/key_management.h"
+#include "test/drivers/test_driver.h"
+
+#include "test/random.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#include "libtestdriver1/library/psa_crypto_ffdh.h"
+#endif
+
+#include <string.h>
+
+mbedtls_test_driver_key_management_hooks_t
+ mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
+
+const uint8_t mbedtls_test_driver_aes_key[16] =
+{ 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
+ 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
+const uint8_t mbedtls_test_driver_ecdsa_key[32] =
+{ 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
+ 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
+ 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
+ 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
+const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
+{ 0x04,
+ 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
+ 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
+ 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
+ 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
+ 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
+ 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
+ 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
+ 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
+
+psa_status_t mbedtls_test_transparent_init(void)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+ status = libtestdriver1_psa_crypto_init();
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+#endif
+
+ (void) status;
+ return PSA_SUCCESS;
+}
+
+void mbedtls_test_transparent_free(void)
+{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+ libtestdriver1_mbedtls_psa_crypto_free();
+#endif
+
+ return;
+}
+
+psa_status_t mbedtls_test_opaque_init(void)
+{
+ return PSA_SUCCESS;
+}
+
+void mbedtls_test_opaque_free(void)
+{
+ return;
+}
+
+/*
+ * This macro returns the base size for the key context when SE does not
+ * support storage. It is the size of the metadata that gets added to the
+ * wrapped key. In its test functionality the metadata is just some padded
+ * prefixing to the key.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \
+ PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE
+
+
+size_t mbedtls_test_opaque_size_function(
+ const psa_key_type_t key_type,
+ const size_t key_bits)
+{
+ size_t key_buffer_size = 0;
+
+ key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits);
+ if (key_buffer_size == 0) {
+ return 0;
+ }
+ /* Include spacing for base size overhead over the key size
+ * */
+ key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
+ return key_buffer_size;
+}
+
+static size_t mbedtls_test_opaque_get_base_size()
+{
+ return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
+}
+
+/*
+ * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the
+ * clear key. It expects the clear and wrap buffers to be passed in.
+ * key_length is the size of the clear key to be wrapped.
+ * wrapped_key_buffer_size is the size of the output buffer wrap_key.
+ * The argument wrapped_key_buffer_length is filled with the wrapped
+ * key_size on success.
+ * */
+static psa_status_t mbedtls_test_opaque_wrap_key(
+ const uint8_t *key,
+ size_t key_length,
+ uint8_t *wrapped_key_buffer,
+ size_t wrapped_key_buffer_size,
+ size_t *wrapped_key_buffer_length)
+{
+ size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
+ uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX;
+
+ if (key_length + opaque_key_base_size > wrapped_key_buffer_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ /* Write in the opaque pad prefix */
+ memcpy(wrapped_key_buffer, &prefix, opaque_key_base_size);
+ wrapped_key_buffer += opaque_key_base_size;
+ *wrapped_key_buffer_length = key_length + opaque_key_base_size;
+
+ while (key_length--) {
+ wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF;
+ }
+ return PSA_SUCCESS;
+}
+
+/*
+ * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix
+ * and unwraps the wrapped key. It expects the clear and wrap buffers to be
+ * passed in.
+ * wrapped_key_length is the size of the wrapped key,
+ * key_buffer_size is the size of the output buffer clear_key.
+ * The argument key_buffer_length is filled with the unwrapped(clear)
+ * key_size on success.
+ * */
+psa_status_t mbedtls_test_opaque_unwrap_key(
+ const uint8_t *wrapped_key,
+ size_t wrapped_key_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length)
+{
+ /* Remove the pad prefix from the wrapped key */
+ size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
+ size_t clear_key_size;
+
+ /* Check for underflow */
+ if (wrapped_key_length < opaque_key_base_size) {
+ return PSA_ERROR_DATA_CORRUPT;
+ }
+ clear_key_size = wrapped_key_length - opaque_key_base_size;
+
+ wrapped_key += opaque_key_base_size;
+ if (clear_key_size > key_buffer_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ *key_buffer_length = clear_key_size;
+ while (clear_key_size--) {
+ key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF;
+ }
+ return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_test_transparent_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length)
+{
+ ++mbedtls_test_driver_key_management_hooks.hits;
+
+ if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_key_management_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) {
+ if (mbedtls_test_driver_key_management_hooks.forced_output_length >
+ key_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+ memcpy(key, mbedtls_test_driver_key_management_hooks.forced_output,
+ mbedtls_test_driver_key_management_hooks.forced_output_length);
+ *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
+ return PSA_SUCCESS;
+ }
+
+ if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes))
+ && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
+ return libtestdriver1_mbedtls_psa_ecp_generate_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key, key_size, key_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
+ return mbedtls_psa_ecp_generate_key(
+ attributes, key, key_size, key_length);
+#endif
+ } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
+ return libtestdriver1_mbedtls_psa_rsa_generate_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ NULL, 0, /* We don't support custom e in the test driver yet */
+ key, key_size, key_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
+ return mbedtls_psa_rsa_generate_key(
+ attributes,
+ NULL, 0, /* We don't support custom e in the test driver yet */
+ key, key_size, key_length);
+#endif
+ } else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes))
+ && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE)
+ return libtestdriver1_mbedtls_psa_ffdh_generate_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key, key_size, key_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR)
+ return mbedtls_psa_ffdh_generate_key(
+ attributes, key, key_size, key_length);
+#endif
+ }
+
+ (void) attributes;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_size;
+ (void) key_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
+ size_t *bits)
+{
+ psa_key_type_t type = psa_get_key_type(attributes);
+
+ ++mbedtls_test_driver_key_management_hooks.hits;
+ mbedtls_test_driver_key_management_hooks.location = PSA_KEY_LOCATION_LOCAL_STORAGE;
+
+ if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_key_management_hooks.forced_status;
+ }
+
+ if (PSA_KEY_TYPE_IS_ECC(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY))
+ return libtestdriver1_mbedtls_psa_ecp_import_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ return mbedtls_psa_ecp_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits);
+#endif
+ } else if (PSA_KEY_TYPE_IS_RSA(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY))
+ return libtestdriver1_mbedtls_psa_rsa_import_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ return mbedtls_psa_rsa_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits);
+#endif
+ } else if (PSA_KEY_TYPE_IS_DH(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY))
+ return libtestdriver1_mbedtls_psa_ffdh_import_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ return mbedtls_psa_ffdh_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits);
+#endif
+ }
+ (void) data;
+ (void) data_length;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) key_buffer_length;
+ (void) bits;
+ (void) type;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+
+psa_status_t mbedtls_test_opaque_import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length,
+ size_t *bits)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t type = psa_get_key_type(attributes);
+ /* This buffer will be used as an intermediate placeholder for
+ * the clear key till we wrap it */
+ uint8_t *key_buffer_temp;
+
+ ++mbedtls_test_driver_key_management_hooks.hits;
+ mbedtls_test_driver_key_management_hooks.location = PSA_CRYPTO_TEST_DRIVER_LOCATION;
+
+ if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_key_management_hooks.forced_status;
+ }
+
+ key_buffer_temp = mbedtls_calloc(1, key_buffer_size);
+ if (key_buffer_temp == NULL) {
+ return PSA_ERROR_INSUFFICIENT_MEMORY;
+ }
+
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
+ *bits = PSA_BYTES_TO_BITS(data_length);
+
+ status = psa_validate_unstructured_key_bit_size(type,
+ *bits);
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
+ if (data_length > key_buffer_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ /* Copy the key material accounting for opaque key padding. */
+ memcpy(key_buffer_temp, data, data_length);
+ *key_buffer_length = data_length;
+ } else if (PSA_KEY_TYPE_IS_ECC(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY))
+ status = libtestdriver1_mbedtls_psa_ecp_import_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ data, data_length,
+ key_buffer_temp, key_buffer_size,
+ key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ status = mbedtls_psa_ecp_import_key(
+ attributes,
+ data, data_length,
+ key_buffer_temp, key_buffer_size,
+ key_buffer_length, bits);
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+ } else if (PSA_KEY_TYPE_IS_RSA(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY))
+ status = libtestdriver1_mbedtls_psa_rsa_import_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ data, data_length,
+ key_buffer_temp, key_buffer_size,
+ key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ status = mbedtls_psa_rsa_import_key(
+ attributes,
+ data, data_length,
+ key_buffer_temp, key_buffer_size,
+ key_buffer_length, bits);
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+ } else {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ status = mbedtls_test_opaque_wrap_key(key_buffer_temp, *key_buffer_length,
+ key_buffer, key_buffer_size, key_buffer_length);
+exit:
+ mbedtls_free(key_buffer_temp);
+ return status;
+}
+
+psa_status_t mbedtls_test_opaque_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length)
+{
+ if (key_length == sizeof(psa_drv_slot_number_t)) {
+ /* Assume this is a builtin key based on the key material length. */
+ psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key);
+
+ switch (slot_number) {
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+ /* This is the ECDSA slot. Verify the key's attributes before
+ * returning the private key. */
+ if (psa_get_key_type(attributes) !=
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if (psa_get_key_bits(attributes) != 256) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if (psa_get_key_algorithm(attributes) !=
+ PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if ((psa_get_key_usage_flags(attributes) &
+ PSA_KEY_USAGE_EXPORT) == 0) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+
+ if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(data, mbedtls_test_driver_ecdsa_key,
+ sizeof(mbedtls_test_driver_ecdsa_key));
+ *data_length = sizeof(mbedtls_test_driver_ecdsa_key);
+ return PSA_SUCCESS;
+
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
+ /* This is the AES slot. Verify the key's attributes before
+ * returning the key. */
+ if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if (psa_get_key_bits(attributes) != 128) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if ((psa_get_key_usage_flags(attributes) &
+ PSA_KEY_USAGE_EXPORT) == 0) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+
+ if (data_size < sizeof(mbedtls_test_driver_aes_key)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(data, mbedtls_test_driver_aes_key,
+ sizeof(mbedtls_test_driver_aes_key));
+ *data_length = sizeof(mbedtls_test_driver_aes_key);
+ return PSA_SUCCESS;
+
+ default:
+ return PSA_ERROR_DOES_NOT_EXIST;
+ }
+ } else {
+ /* This buffer will be used as an intermediate placeholder for
+ * the opaque key till we unwrap the key into key_buffer */
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t type = psa_get_key_type(attributes);
+
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type) ||
+ PSA_KEY_TYPE_IS_RSA(type) ||
+ PSA_KEY_TYPE_IS_ECC(type)) {
+ status = mbedtls_test_opaque_unwrap_key(key, key_length,
+ data, data_size, data_length);
+ return status;
+ }
+ }
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length)
+{
+ ++mbedtls_test_driver_key_management_hooks.hits;
+ ++mbedtls_test_driver_key_management_hooks.hits_export_public_key;
+
+ if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_key_management_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) {
+ if (mbedtls_test_driver_key_management_hooks.forced_output_length >
+ data_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+ memcpy(data, mbedtls_test_driver_key_management_hooks.forced_output,
+ mbedtls_test_driver_key_management_hooks.forced_output_length);
+ *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
+ return PSA_SUCCESS;
+ }
+
+ psa_key_type_t key_type = psa_get_key_type(attributes);
+
+ if (PSA_KEY_TYPE_IS_ECC(key_type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY))
+ return libtestdriver1_mbedtls_psa_ecp_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ return mbedtls_psa_ecp_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length);
+#endif
+ } else if (PSA_KEY_TYPE_IS_RSA(key_type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY))
+ return libtestdriver1_mbedtls_psa_rsa_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ return mbedtls_psa_rsa_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length);
+#endif
+ } else if (PSA_KEY_TYPE_IS_DH(key_type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY))
+ return libtestdriver1_mbedtls_psa_ffdh_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)
+ return mbedtls_psa_ffdh_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length);
+#endif
+ }
+
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) key_type;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_export_public_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ uint8_t *data, size_t data_size, size_t *data_length)
+{
+ if (key_length != sizeof(psa_drv_slot_number_t)) {
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t key_type = psa_get_key_type(attributes);
+ uint8_t *key_buffer_temp;
+
+ key_buffer_temp = mbedtls_calloc(1, key_length);
+ if (key_buffer_temp == NULL) {
+ return PSA_ERROR_INSUFFICIENT_MEMORY;
+ }
+
+ if (PSA_KEY_TYPE_IS_ECC(key_type)) {
+ status = mbedtls_test_opaque_unwrap_key(key, key_length,
+ key_buffer_temp, key_length, data_length);
+ if (status == PSA_SUCCESS) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY))
+ status = libtestdriver1_mbedtls_psa_ecp_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ status = mbedtls_psa_ecp_export_public_key(
+ attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length);
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+ } else if (PSA_KEY_TYPE_IS_RSA(key_type)) {
+ status = mbedtls_test_opaque_unwrap_key(key, key_length,
+ key_buffer_temp, key_length, data_length);
+ if (status == PSA_SUCCESS) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY))
+ status = libtestdriver1_mbedtls_psa_rsa_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ status = mbedtls_psa_rsa_export_public_key(
+ attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length);
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+ } else {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ (void) key;
+ (void) key_type;
+ }
+ mbedtls_free(key_buffer_temp);
+ return status;
+ }
+
+ /* Assume this is a builtin key based on the key material length. */
+ psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key);
+ switch (slot_number) {
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+ /* This is the ECDSA slot. Verify the key's attributes before
+ * returning the public key. */
+ if (psa_get_key_type(attributes) !=
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if (psa_get_key_bits(attributes) != 256) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+ if (psa_get_key_algorithm(attributes) !=
+ PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+
+ if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(data, mbedtls_test_driver_ecdsa_pubkey,
+ sizeof(mbedtls_test_driver_ecdsa_pubkey));
+ *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey);
+ return PSA_SUCCESS;
+
+ default:
+ return PSA_ERROR_DOES_NOT_EXIST;
+ }
+}
+
+/* The opaque test driver exposes two built-in keys when builtin key support is
+ * compiled in.
+ * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
+ * key which allows CTR mode.
+ * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
+ * private key which allows ECDSA sign & verify.
+ * The key buffer format for these is the raw format of psa_drv_slot_number_t
+ * (i.e. for an actual driver this would mean 'builtin_key_size' =
+ * sizeof(psa_drv_slot_number_t)).
+ */
+psa_status_t mbedtls_test_opaque_get_builtin_key(
+ psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+ switch (slot_number) {
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
+ psa_set_key_type(attributes, PSA_KEY_TYPE_AES);
+ psa_set_key_bits(attributes, 128);
+ psa_set_key_usage_flags(
+ attributes,
+ PSA_KEY_USAGE_ENCRYPT |
+ PSA_KEY_USAGE_DECRYPT |
+ PSA_KEY_USAGE_EXPORT);
+ psa_set_key_algorithm(attributes, PSA_ALG_CTR);
+
+ if (key_buffer_size < sizeof(psa_drv_slot_number_t)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ *((psa_drv_slot_number_t *) key_buffer) =
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
+ *key_buffer_length = sizeof(psa_drv_slot_number_t);
+ return PSA_SUCCESS;
+ case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+ psa_set_key_type(
+ attributes,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
+ psa_set_key_bits(attributes, 256);
+ psa_set_key_usage_flags(
+ attributes,
+ PSA_KEY_USAGE_SIGN_HASH |
+ PSA_KEY_USAGE_VERIFY_HASH |
+ PSA_KEY_USAGE_EXPORT);
+ psa_set_key_algorithm(
+ attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH));
+
+ if (key_buffer_size < sizeof(psa_drv_slot_number_t)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ *((psa_drv_slot_number_t *) key_buffer) =
+ PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
+ *key_buffer_length = sizeof(psa_drv_slot_number_t);
+ return PSA_SUCCESS;
+ default:
+ return PSA_ERROR_DOES_NOT_EXIST;
+ }
+}
+
+psa_status_t mbedtls_test_opaque_copy_key(
+ psa_key_attributes_t *attributes,
+ const uint8_t *source_key, size_t source_key_length,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+ /* This is a case where the opaque test driver emulates an SE without storage.
+ * With that all key context is stored in the wrapped buffer.
+ * So no additional house keeping is necessary to reference count the
+ * copied keys. This could change when the opaque test driver is extended
+ * to support SE with storage, or to emulate an SE without storage but
+ * still holding some slot references */
+ if (source_key_length > key_buffer_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(key_buffer, source_key, source_key_length);
+ *key_buffer_length = source_key_length;
+ (void) attributes;
+ return PSA_SUCCESS;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c
new file mode 100644
index 0000000..9f8120b
--- /dev/null
+++ b/tests/src/drivers/test_driver_mac.c
@@ -0,0 +1,422 @@
+/*
+ * Test driver for MAC entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_mac.h"
+
+#include "test/drivers/mac.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_mac.h"
+#endif
+
+mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks =
+ MBEDTLS_TEST_DRIVER_MAC_INIT;
+
+psa_status_t mbedtls_test_transparent_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_compute(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_compute(
+ attributes, key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length);
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_sign_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_sign_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_sign_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg);
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_verify_setup(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_verify_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_verify_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg);
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_update(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_update(
+ operation, input, input_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_update(
+ operation, input, input_length);
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_sign_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_sign_finish(
+ operation, mac, mac_size, mac_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_sign_finish(
+ operation, mac, mac_size, mac_length);
+#else
+ (void) operation;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_verify_finish(
+ mbedtls_transparent_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_verify_finish(
+ operation, mac, mac_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_verify_finish(
+ operation, mac, mac_length);
+#else
+ (void) operation;
+ (void) mac;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_abort(
+ mbedtls_transparent_test_driver_mac_operation_t *operation)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_mac_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_abort(operation);
+#else
+ (void) operation;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_sign_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_verify_setup(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_update(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_sign_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) operation;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_verify_finish(
+ mbedtls_opaque_test_driver_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) operation;
+ (void) mac;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_abort(
+ mbedtls_opaque_test_driver_mac_operation_t *operation)
+{
+ mbedtls_test_driver_mac_hooks.hits++;
+
+ if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_test_driver_mac_hooks.forced_status;
+ } else {
+ (void) operation;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c
new file mode 100644
index 0000000..a0b6c1c
--- /dev/null
+++ b/tests/src/drivers/test_driver_pake.c
@@ -0,0 +1,202 @@
+/*
+ * Test driver for MAC entry points.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_pake.h"
+
+#include "test/drivers/pake.h"
+#include "string.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_pake.h"
+#endif
+
+mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks =
+ MBEDTLS_TEST_DRIVER_PAKE_INIT;
+
+
+psa_status_t mbedtls_test_transparent_pake_setup(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ const psa_crypto_driver_pake_inputs_t *inputs)
+{
+ mbedtls_test_driver_pake_hooks.hits.total++;
+ mbedtls_test_driver_pake_hooks.hits.setup++;
+
+ if (mbedtls_test_driver_pake_hooks.forced_setup_status != PSA_SUCCESS) {
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_test_driver_pake_hooks.forced_setup_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_pake_setup(
+ operation, (const libtestdriver1_psa_crypto_driver_pake_inputs_t *) inputs);
+#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_psa_pake_setup(
+ operation, inputs);
+#else
+ (void) operation;
+ (void) inputs;
+ mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_pake_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_pake_output(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ psa_crypto_driver_pake_step_t step,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ mbedtls_test_driver_pake_hooks.hits.total++;
+ mbedtls_test_driver_pake_hooks.hits.output++;
+
+ if (mbedtls_test_driver_pake_hooks.forced_output != NULL) {
+ if (output_size < mbedtls_test_driver_pake_hooks.forced_output_length) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(output,
+ mbedtls_test_driver_pake_hooks.forced_output,
+ mbedtls_test_driver_pake_hooks.forced_output_length);
+ *output_length = mbedtls_test_driver_pake_hooks.forced_output_length;
+
+ return mbedtls_test_driver_pake_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_test_driver_pake_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_pake_output(
+ operation, (libtestdriver1_psa_crypto_driver_pake_step_t) step,
+ output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_psa_pake_output(
+ operation, step, output, output_size, output_length);
+#else
+ (void) operation;
+ (void) step;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_pake_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_pake_input(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ psa_crypto_driver_pake_step_t step,
+ const uint8_t *input,
+ size_t input_length)
+{
+ mbedtls_test_driver_pake_hooks.hits.total++;
+ mbedtls_test_driver_pake_hooks.hits.input++;
+
+ if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_test_driver_pake_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_pake_input(
+ operation, (libtestdriver1_psa_crypto_driver_pake_step_t) step,
+ input, input_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_psa_pake_input(
+ operation, step, input, input_length);
+#else
+ (void) operation;
+ (void) step;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_pake_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
+ mbedtls_transparent_test_driver_pake_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ mbedtls_test_driver_pake_hooks.hits.total++;
+ mbedtls_test_driver_pake_hooks.hits.implicit_key++;
+
+ if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_test_driver_pake_hooks.forced_status;
+ } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_pake_get_implicit_key(
+ operation, output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_psa_pake_get_implicit_key(
+ operation, output, output_size, output_length);
+#else
+ (void) operation;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
+
+ return mbedtls_test_driver_pake_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_pake_abort(
+ mbedtls_transparent_test_driver_pake_operation_t *operation)
+{
+ mbedtls_test_driver_pake_hooks.hits.total++;
+ mbedtls_test_driver_pake_hooks.hits.abort++;
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_pake_abort(
+ operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_psa_pake_abort(
+ operation);
+#else
+ (void) operation;
+ mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+
+
+ if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS &&
+ mbedtls_test_driver_pake_hooks.driver_status == PSA_SUCCESS) {
+ mbedtls_test_driver_pake_hooks.driver_status =
+ mbedtls_test_driver_pake_hooks.forced_status;
+ }
+
+
+ return mbedtls_test_driver_pake_hooks.driver_status;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c
new file mode 100644
index 0000000..4fca5d1
--- /dev/null
+++ b/tests/src/drivers/test_driver_signature.c
@@ -0,0 +1,404 @@
+/*
+ * Test driver for signature functions.
+ * Currently supports signing and verifying precalculated hashes, using
+ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_rsa.h"
+#include "mbedtls/ecp.h"
+
+#include "test/drivers/hash.h"
+#include "test/drivers/signature.h"
+#include "test/drivers/hash.h"
+
+#include "mbedtls/ecdsa.h"
+
+#include "test/random.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_hash.h"
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#endif
+
+#include <string.h>
+
+mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+mbedtls_test_driver_signature_hooks_t
+ mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+
+psa_status_t sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length)
+{
+ if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+ if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
+ PSA_ALG_IS_RSA_PSS(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
+ return libtestdriver1_mbedtls_psa_rsa_sign_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+ return mbedtls_psa_rsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length);
+#endif
+ } else {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) {
+ if (PSA_ALG_IS_ECDSA(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
+ return libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ return mbedtls_psa_ecdsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length);
+#endif
+ } else {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ }
+
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) hash;
+ (void) hash_length;
+ (void) signature;
+ (void) signature_size;
+ (void) signature_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length)
+{
+ if (PSA_KEY_TYPE_IS_RSA(attributes->type)) {
+ if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
+ PSA_ALG_IS_RSA_PSS(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
+ return libtestdriver1_mbedtls_psa_rsa_verify_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+ return mbedtls_psa_rsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length);
+#endif
+ } else {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) {
+ if (PSA_ALG_IS_ECDSA(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
+ return libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ return mbedtls_psa_ecdsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length);
+#endif
+ } else {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ }
+
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) hash;
+ (void) hash_length;
+ (void) signature;
+ (void) signature_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t hash_length;
+ uint8_t hash[PSA_HASH_MAX_SIZE];
+
+ ++mbedtls_test_driver_signature_sign_hooks.hits;
+
+ if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_signature_sign_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
+ if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
+ memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length);
+ *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
+
+ return PSA_SUCCESS;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ status = libtestdriver1_mbedtls_psa_hash_compute(
+ PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+ hash, sizeof(hash), &hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ status = mbedtls_psa_hash_compute(
+ PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+ hash, sizeof(hash), &hash_length);
+#else
+ (void) input;
+ (void) input_length;
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
+ return sign_hash(attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_sign_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) signature;
+ (void) signature_size;
+ (void) signature_length;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t hash_length;
+ uint8_t hash[PSA_HASH_MAX_SIZE];
+
+ ++mbedtls_test_driver_signature_verify_hooks.hits;
+
+ if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_signature_verify_hooks.forced_status;
+ }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ status = libtestdriver1_mbedtls_psa_hash_compute(
+ PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+ hash, sizeof(hash), &hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ status = mbedtls_psa_hash_compute(
+ PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+ hash, sizeof(hash), &hash_length);
+#else
+ (void) input;
+ (void) input_length;
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
+ return verify_hash(attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_verify_message(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) signature;
+ (void) signature_length;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+ ++mbedtls_test_driver_signature_sign_hooks.hits;
+
+ if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_signature_sign_hooks.forced_status;
+ }
+
+ if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
+ if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+ memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length);
+ *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
+ return PSA_SUCCESS;
+ }
+
+ return sign_hash(attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) hash;
+ (void) hash_length;
+ (void) signature;
+ (void) signature_size;
+ (void) signature_length;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length)
+{
+ ++mbedtls_test_driver_signature_verify_hooks.hits;
+
+ if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
+ return mbedtls_test_driver_signature_verify_hooks.forced_status;
+ }
+
+ return verify_hash(attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key, size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length)
+{
+ (void) attributes;
+ (void) key;
+ (void) key_length;
+ (void) alg;
+ (void) hash;
+ (void) hash_length;
+ (void) signature;
+ (void) signature_length;
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c
new file mode 100644
index 0000000..c0bfde5
--- /dev/null
+++ b/tests/src/fake_external_rng_for_test.c
@@ -0,0 +1,45 @@
+/** \file fake_external_rng_for_test.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/fake_external_rng_for_test.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include <test/random.h>
+#include <psa/crypto.h>
+
+static int test_insecure_external_rng_enabled = 0;
+
+void mbedtls_test_enable_insecure_external_rng(void)
+{
+ test_insecure_external_rng_enabled = 1;
+}
+
+void mbedtls_test_disable_insecure_external_rng(void)
+{
+ test_insecure_external_rng_enabled = 0;
+}
+
+psa_status_t mbedtls_psa_external_get_random(
+ mbedtls_psa_external_random_context_t *context,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ (void) context;
+
+ if (!test_insecure_external_rng_enabled) {
+ return PSA_ERROR_INSUFFICIENT_ENTROPY;
+ }
+
+ /* This implementation is for test purposes only!
+ * Use the libc non-cryptographic random generator. */
+ mbedtls_test_rnd_std_rand(NULL, output, output_size);
+ *output_length = output_size;
+ return PSA_SUCCESS;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
new file mode 100644
index 0000000..065d17d
--- /dev/null
+++ b/tests/src/helpers.c
@@ -0,0 +1,708 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/constant_flow.h>
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+#include <psa/crypto.h>
+#include <test/psa_crypto_helpers.h>
+#endif
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
+#include <test/psa_memory_poisoning_wrappers.h>
+#endif
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+/*----------------------------------------------------------------------------*/
+/* Static global variables */
+
+#if defined(MBEDTLS_PLATFORM_C)
+static mbedtls_platform_context platform_ctx;
+#endif
+
+static mbedtls_test_info_t mbedtls_test_info;
+
+#ifdef MBEDTLS_THREADING_C
+mbedtls_threading_mutex_t mbedtls_test_info_mutex;
+#endif /* MBEDTLS_THREADING_C */
+
+/*----------------------------------------------------------------------------*/
+/* Mbedtls Test Info accessors
+ *
+ * NOTE - there are two types of accessors here: public accessors and internal
+ * accessors. The public accessors have prototypes in helpers.h and lock
+ * mbedtls_test_info_mutex (if mutexes are enabled). The _internal accessors,
+ * which are expected to be used from this module *only*, do not lock the mutex.
+ * These are designed to be called from within public functions which already
+ * hold the mutex. The main reason for this difference is the need to set
+ * multiple test data values atomically (without releasing the mutex) to prevent
+ * race conditions. */
+
+mbedtls_test_result_t mbedtls_test_get_result(void)
+{
+ mbedtls_test_result_t result;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ result = mbedtls_test_info.result;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return result;
+}
+
+static void mbedtls_test_set_result_internal(mbedtls_test_result_t result, const char *test,
+ int line_no, const char *filename)
+{
+ /* Internal function only - mbedtls_test_info_mutex should be held prior
+ * to calling this function. */
+
+ mbedtls_test_info.result = result;
+ mbedtls_test_info.test = test;
+ mbedtls_test_info.line_no = line_no;
+ mbedtls_test_info.filename = filename;
+}
+
+const char *mbedtls_test_get_test(void)
+{
+ const char *test;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ test = mbedtls_test_info.test;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return test;
+}
+const char *mbedtls_get_test_filename(void)
+{
+ const char *filename;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ /* It should be ok just to pass back the pointer here, as it is going to
+ * be a pointer into non changing data. */
+ filename = mbedtls_test_info.filename;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return filename;
+}
+
+int mbedtls_test_get_line_no(void)
+{
+ int line_no;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ line_no = mbedtls_test_info.line_no;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return line_no;
+}
+
+void mbedtls_test_increment_step(void)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ ++mbedtls_test_info.step;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+unsigned long mbedtls_test_get_step(void)
+{
+ unsigned long step;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ step = mbedtls_test_info.step;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return step;
+}
+
+static void mbedtls_test_reset_step_internal(void)
+{
+ /* Internal function only - mbedtls_test_info_mutex should be held prior
+ * to calling this function. */
+
+ mbedtls_test_info.step = (unsigned long) (-1);
+}
+
+void mbedtls_test_set_step(unsigned long step)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ mbedtls_test_info.step = step;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+void mbedtls_test_get_line1(char *line)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ memcpy(line, mbedtls_test_info.line1, MBEDTLS_TEST_LINE_LENGTH);
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+static void mbedtls_test_set_line1_internal(const char *line)
+{
+ /* Internal function only - mbedtls_test_info_mutex should be held prior
+ * to calling this function. */
+
+ if (line == NULL) {
+ memset(mbedtls_test_info.line1, 0, MBEDTLS_TEST_LINE_LENGTH);
+ } else {
+ memcpy(mbedtls_test_info.line1, line, MBEDTLS_TEST_LINE_LENGTH);
+ }
+}
+
+void mbedtls_test_get_line2(char *line)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ memcpy(line, mbedtls_test_info.line2, MBEDTLS_TEST_LINE_LENGTH);
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+static void mbedtls_test_set_line2_internal(const char *line)
+{
+ /* Internal function only - mbedtls_test_info_mutex should be held prior
+ * to calling this function. */
+
+ if (line == NULL) {
+ memset(mbedtls_test_info.line2, 0, MBEDTLS_TEST_LINE_LENGTH);
+ } else {
+ memcpy(mbedtls_test_info.line2, line, MBEDTLS_TEST_LINE_LENGTH);
+ }
+}
+
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+const char *mbedtls_test_get_mutex_usage_error(void)
+{
+ const char *usage_error;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ usage_error = mbedtls_test_info.mutex_usage_error;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return usage_error;
+}
+
+void mbedtls_test_set_mutex_usage_error(const char *msg)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ if (mbedtls_test_info.mutex_usage_error == NULL || msg == NULL) {
+ mbedtls_test_info.mutex_usage_error = msg;
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+#endif // #if defined(MBEDTLS_TEST_MUTEX_USAGE)
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+unsigned mbedtls_test_get_case_uses_negative_0(void)
+{
+ unsigned test_case_uses_negative_0 = 0;
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+ test_case_uses_negative_0 = mbedtls_test_info.case_uses_negative_0;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return test_case_uses_negative_0;
+}
+
+static void mbedtls_test_set_case_uses_negative_0_internal(unsigned uses)
+{
+ /* Internal function only - mbedtls_test_info_mutex should be held prior
+ * to calling this function. */
+
+ mbedtls_test_info.case_uses_negative_0 = uses;
+}
+
+void mbedtls_test_increment_case_uses_negative_0(void)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ ++mbedtls_test_info.case_uses_negative_0;
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#ifdef MBEDTLS_TEST_MUTEX_USAGE
+mbedtls_threading_mutex_t *mbedtls_test_get_info_mutex(void)
+{
+ return &mbedtls_test_info_mutex;
+}
+
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+
+/*----------------------------------------------------------------------------*/
+/* Helper Functions */
+
+int mbedtls_test_platform_setup(void)
+{
+ int ret = 0;
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) \
+ && !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) \
+ && defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+ mbedtls_poison_test_hooks_setup();
+#endif
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+ /* Make sure that injected entropy is present. Otherwise
+ * psa_crypto_init() will fail. This is not necessary for test suites
+ * that don't use PSA, but it's harmless (except for leaving a file
+ * behind). */
+ ret = mbedtls_test_inject_entropy_restore();
+ if (ret != 0) {
+ return ret;
+ }
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+ ret = mbedtls_platform_setup(&platform_ctx);
+#endif /* MBEDTLS_PLATFORM_C */
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_init(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return ret;
+}
+
+void mbedtls_test_platform_teardown(void)
+{
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) \
+ && !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) \
+ && defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+ mbedtls_poison_test_hooks_teardown();
+#endif
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_free(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+#if defined(MBEDTLS_PLATFORM_C)
+ mbedtls_platform_teardown(&platform_ctx);
+#endif /* MBEDTLS_PLATFORM_C */
+}
+
+int mbedtls_test_ascii2uc(const char c, unsigned char *uc)
+{
+ if ((c >= '0') && (c <= '9')) {
+ *uc = c - '0';
+ } else if ((c >= 'a') && (c <= 'f')) {
+ *uc = c - 'a' + 10;
+ } else if ((c >= 'A') && (c <= 'F')) {
+ *uc = c - 'A' + 10;
+ } else {
+ return -1;
+ }
+
+ return 0;
+}
+
+static void mbedtls_test_fail_internal(const char *test, int line_no, const char *filename)
+{
+ /* Internal function only - mbedtls_test_info_mutex should be held prior
+ * to calling this function. */
+
+ /* Don't use accessor, we already hold mutex. */
+ if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) {
+ /* If we have already recorded the test as having failed then don't
+ * overwrite any previous information about the failure. */
+ mbedtls_test_set_result_internal(MBEDTLS_TEST_RESULT_FAILED, test, line_no, filename);
+ }
+}
+
+void mbedtls_test_fail(const char *test, int line_no, const char *filename)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ mbedtls_test_fail_internal(test, line_no, filename);
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+void mbedtls_test_skip(const char *test, int line_no, const char *filename)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ mbedtls_test_set_result_internal(MBEDTLS_TEST_RESULT_SKIPPED, test, line_no, filename);
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+void mbedtls_test_info_reset(void)
+{
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ mbedtls_test_set_result_internal(MBEDTLS_TEST_RESULT_SUCCESS, 0, 0, 0);
+ mbedtls_test_reset_step_internal();
+ mbedtls_test_set_line1_internal(NULL);
+ mbedtls_test_set_line2_internal(NULL);
+
+#if defined(MBEDTLS_BIGNUM_C)
+ mbedtls_test_set_case_uses_negative_0_internal(0);
+#endif
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+}
+
+int mbedtls_test_equal(const char *test, int line_no, const char *filename,
+ unsigned long long value1, unsigned long long value2)
+{
+ TEST_CF_PUBLIC(&value1, sizeof(value1));
+ TEST_CF_PUBLIC(&value2, sizeof(value2));
+
+ if (value1 == value2) {
+ return 1;
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ /* Don't use accessor, as we already hold mutex. */
+ if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) {
+ /* If we've already recorded the test as having failed then don't
+ * overwrite any previous information about the failure. */
+
+ char buf[MBEDTLS_TEST_LINE_LENGTH];
+ mbedtls_test_fail_internal(test, line_no, filename);
+ (void) mbedtls_snprintf(buf, sizeof(buf),
+ "lhs = 0x%016llx = %lld",
+ value1, (long long) value1);
+ mbedtls_test_set_line1_internal(buf);
+ (void) mbedtls_snprintf(buf, sizeof(buf),
+ "rhs = 0x%016llx = %lld",
+ value2, (long long) value2);
+ mbedtls_test_set_line2_internal(buf);
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return 0;
+}
+
+int mbedtls_test_le_u(const char *test, int line_no, const char *filename,
+ unsigned long long value1, unsigned long long value2)
+{
+ TEST_CF_PUBLIC(&value1, sizeof(value1));
+ TEST_CF_PUBLIC(&value2, sizeof(value2));
+
+ if (value1 <= value2) {
+ return 1;
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ /* Don't use accessor, we already hold mutex. */
+ if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) {
+ /* If we've already recorded the test as having failed then don't
+ * overwrite any previous information about the failure. */
+
+ char buf[MBEDTLS_TEST_LINE_LENGTH];
+ mbedtls_test_fail_internal(test, line_no, filename);
+ (void) mbedtls_snprintf(buf, sizeof(buf),
+ "lhs = 0x%016llx = %llu",
+ value1, value1);
+ mbedtls_test_set_line1_internal(buf);
+ (void) mbedtls_snprintf(buf, sizeof(buf),
+ "rhs = 0x%016llx = %llu",
+ value2, value2);
+ mbedtls_test_set_line2_internal(buf);
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return 0;
+}
+
+int mbedtls_test_le_s(const char *test, int line_no, const char *filename,
+ long long value1, long long value2)
+{
+ TEST_CF_PUBLIC(&value1, sizeof(value1));
+ TEST_CF_PUBLIC(&value2, sizeof(value2));
+
+ if (value1 <= value2) {
+ return 1;
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_lock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ /* Don't use accessor, we already hold mutex. */
+ if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) {
+ /* If we've already recorded the test as having failed then don't
+ * overwrite any previous information about the failure. */
+
+ char buf[MBEDTLS_TEST_LINE_LENGTH];
+ mbedtls_test_fail_internal(test, line_no, filename);
+ (void) mbedtls_snprintf(buf, sizeof(buf),
+ "lhs = 0x%016llx = %lld",
+ (unsigned long long) value1, value1);
+ mbedtls_test_set_line1_internal(buf);
+ (void) mbedtls_snprintf(buf, sizeof(buf),
+ "rhs = 0x%016llx = %lld",
+ (unsigned long long) value2, value2);
+ mbedtls_test_set_line2_internal(buf);
+ }
+
+#ifdef MBEDTLS_THREADING_C
+ mbedtls_mutex_unlock(&mbedtls_test_info_mutex);
+#endif /* MBEDTLS_THREADING_C */
+
+ return 0;
+}
+
+int mbedtls_test_unhexify(unsigned char *obuf,
+ size_t obufmax,
+ const char *ibuf,
+ size_t *len)
+{
+ unsigned char uc, uc2;
+
+ *len = strlen(ibuf);
+
+ /* Must be even number of bytes. */
+ if ((*len) & 1) {
+ return -1;
+ }
+ *len /= 2;
+
+ if ((*len) > obufmax) {
+ return -1;
+ }
+
+ while (*ibuf != 0) {
+ if (mbedtls_test_ascii2uc(*(ibuf++), &uc) != 0) {
+ return -1;
+ }
+
+ if (mbedtls_test_ascii2uc(*(ibuf++), &uc2) != 0) {
+ return -1;
+ }
+
+ *(obuf++) = (uc << 4) | uc2;
+ }
+
+ return 0;
+}
+
+void mbedtls_test_hexify(unsigned char *obuf,
+ const unsigned char *ibuf,
+ int len)
+{
+ unsigned char l, h;
+
+ while (len != 0) {
+ h = *ibuf / 16;
+ l = *ibuf % 16;
+
+ if (h < 10) {
+ *obuf++ = '0' + h;
+ } else {
+ *obuf++ = 'a' + h - 10;
+ }
+
+ if (l < 10) {
+ *obuf++ = '0' + l;
+ } else {
+ *obuf++ = 'a' + l - 10;
+ }
+
+ ++ibuf;
+ len--;
+ }
+}
+
+unsigned char *mbedtls_test_zero_alloc(size_t len)
+{
+ void *p;
+ size_t actual_len = (len != 0) ? len : 1;
+
+ p = mbedtls_calloc(1, actual_len);
+ TEST_HELPER_ASSERT(p != NULL);
+
+ memset(p, 0x00, actual_len);
+
+ return p;
+}
+
+unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen)
+{
+ unsigned char *obuf;
+ size_t len;
+
+ *olen = strlen(ibuf) / 2;
+
+ if (*olen == 0) {
+ return mbedtls_test_zero_alloc(*olen);
+ }
+
+ obuf = mbedtls_calloc(1, *olen);
+ TEST_HELPER_ASSERT(obuf != NULL);
+ TEST_HELPER_ASSERT(mbedtls_test_unhexify(obuf, *olen, ibuf, &len) == 0);
+
+ return obuf;
+}
+
+int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b,
+ uint32_t a_len, uint32_t b_len)
+{
+ int ret = 0;
+ uint32_t i = 0;
+
+ if (a_len != b_len) {
+ return -1;
+ }
+
+ for (i = 0; i < a_len; i++) {
+ if (a[i] != b[i]) {
+ ret = -1;
+ break;
+ }
+ }
+ return ret;
+}
+
+#if defined(MBEDTLS_TEST_HOOKS)
+void mbedtls_test_err_add_check(int high, int low,
+ const char *file, int line)
+{
+ /* Error codes are always negative (a value of zero is a success) however
+ * their positive opposites can be easier to understand. The following
+ * examples given in comments have been made positive for ease of
+ * understanding. The structure of an error code is such:
+ *
+ * shhhhhhhhlllllll
+ *
+ * s = sign bit.
+ * h = high level error code (includes high level module ID (bits 12..14)
+ * and module-dependent error code (bits 7..11)).
+ * l = low level error code.
+ */
+ if (high > -0x1000 && high != 0) {
+ /* high < 0001000000000000
+ * No high level module ID bits are set.
+ */
+ mbedtls_test_fail("'high' is not a high-level error code",
+ line, file);
+ } else if (high < -0x7F80) {
+ /* high > 0111111110000000
+ * Error code is greater than the largest allowed high level module ID.
+ */
+ mbedtls_test_fail("'high' error code is greater than 15 bits",
+ line, file);
+ } else if ((high & 0x7F) != 0) {
+ /* high & 0000000001111111
+ * Error code contains low level error code bits.
+ */
+ mbedtls_test_fail("'high' contains a low-level error code",
+ line, file);
+ } else if (low < -0x007F) {
+ /* low > 0000000001111111
+ * Error code contains high or module level error code bits.
+ */
+ mbedtls_test_fail("'low' error code is greater than 7 bits",
+ line, file);
+ } else if (low > 0) {
+ mbedtls_test_fail("'low' error code is greater than zero",
+ line, file);
+ }
+}
+#endif /* MBEDTLS_TEST_HOOKS */
diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c
new file mode 100644
index 0000000..e1ea2b5
--- /dev/null
+++ b/tests/src/psa_crypto_helpers.c
@@ -0,0 +1,207 @@
+/** \file psa_crypto_helpers.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <psa_crypto_slot_management.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+#include <psa_crypto_storage.h>
+
+static mbedtls_svc_key_id_t key_ids_used_in_test[9];
+static size_t num_key_ids_used;
+
+int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id)
+{
+ size_t i;
+ if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) >
+ PSA_MAX_PERSISTENT_KEY_IDENTIFIER) {
+ /* Don't touch key id values that designate non-key files. */
+ return 1;
+ }
+ for (i = 0; i < num_key_ids_used; i++) {
+ if (mbedtls_svc_key_id_equal(key_id, key_ids_used_in_test[i])) {
+ return 1;
+ }
+ }
+ if (num_key_ids_used == ARRAY_LENGTH(key_ids_used_in_test)) {
+ return 0;
+ }
+ key_ids_used_in_test[num_key_ids_used] = key_id;
+ ++num_key_ids_used;
+ return 1;
+}
+
+void mbedtls_test_psa_purge_key_storage(void)
+{
+ size_t i;
+ for (i = 0; i < num_key_ids_used; i++) {
+ psa_destroy_persistent_key(key_ids_used_in_test[i]);
+ }
+ num_key_ids_used = 0;
+}
+
+void mbedtls_test_psa_purge_key_cache(void)
+{
+ size_t i;
+ for (i = 0; i < num_key_ids_used; i++) {
+ psa_purge_key(key_ids_used_in_test[i]);
+ }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+const char *mbedtls_test_helper_is_psa_leaking(void)
+{
+ mbedtls_psa_stats_t stats;
+
+ mbedtls_psa_get_stats(&stats);
+
+#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) && \
+ !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ /* When AES_C is not defined and PSA does not have an external RNG,
+ * then CTR_DRBG uses PSA to perform AES-ECB. In this scenario 1 key
+ * slot is used internally from PSA to hold the AES key and it should
+ * not be taken into account when evaluating remaining open slots. */
+ if (stats.volatile_slots > 1) {
+ return "A volatile slot has not been closed properly.";
+ }
+#else
+ if (stats.volatile_slots != 0) {
+ return "A volatile slot has not been closed properly.";
+ }
+#endif
+ if (stats.persistent_slots != 0) {
+ return "A persistent slot has not been closed properly.";
+ }
+ if (stats.external_slots != 0) {
+ return "An external slot has not been closed properly.";
+ }
+ if (stats.half_filled_slots != 0) {
+ return "A half-filled slot has not been cleared properly.";
+ }
+ if (stats.locked_slots != 0) {
+ return "Some slots are still marked as locked.";
+ }
+
+ return NULL;
+}
+
+#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+/** Name of the file where return statuses are logged by #RECORD_STATUS. */
+#define STATUS_LOG_FILE_NAME "statuses.log"
+
+psa_status_t mbedtls_test_record_status(psa_status_t status,
+ const char *func,
+ const char *file, int line,
+ const char *expr)
+{
+ /* We open the log file on first use.
+ * We never close the log file, so the record_status feature is not
+ * compatible with resource leak detectors such as Asan.
+ */
+ static FILE *log;
+ if (log == NULL) {
+ log = fopen(STATUS_LOG_FILE_NAME, "a");
+ }
+ fprintf(log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr);
+ return status;
+}
+#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
+{
+ psa_key_usage_t updated_usage = usage_flags;
+
+ if (usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
+ updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE;
+ }
+
+ if (usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
+ updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+ }
+
+ return updated_usage;
+}
+
+int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename)
+{
+ const char *msg = mbedtls_test_helper_is_psa_leaking();
+ if (msg == NULL) {
+ return 0;
+ } else {
+ mbedtls_test_fail(msg, line_no, filename);
+ return 1;
+ }
+}
+
+uint64_t mbedtls_test_parse_binary_string(data_t *bin_string)
+{
+ uint64_t result = 0;
+ TEST_LE_U(bin_string->len, 8);
+ for (size_t i = 0; i < bin_string->len; i++) {
+ result = result << 8 | bin_string->x[i];
+ }
+exit:
+ return result; /* returns 0 if len > 8 */
+}
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+
+#include <mbedtls/entropy.h>
+#include <psa_crypto_its.h>
+
+int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len)
+{
+ size_t actual_len = 0;
+ psa_status_t status = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID,
+ 0, len, buf, &actual_len);
+ if (status != 0) {
+ return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+ }
+ if (actual_len != len) {
+ return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+ }
+ return 0;
+}
+
+int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len)
+{
+ psa_status_t status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID,
+ len, buf, 0);
+ if (status != 0) {
+ return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+ }
+ return 0;
+}
+
+int mbedtls_test_inject_entropy_restore(void)
+{
+ unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+ for (size_t i = 0; i < sizeof(buf); i++) {
+ buf[i] = (unsigned char) i;
+ }
+ psa_status_t status = mbedtls_psa_inject_entropy(buf, sizeof(buf));
+ /* It's ok if the file was just created, or if it already exists. */
+ if (status != PSA_SUCCESS && status != PSA_ERROR_NOT_PERMITTED) {
+ return status;
+ }
+ return PSA_SUCCESS;
+}
+
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/src/psa_crypto_stubs.c b/tests/src/psa_crypto_stubs.c
new file mode 100644
index 0000000..81d7f4b
--- /dev/null
+++ b/tests/src/psa_crypto_stubs.c
@@ -0,0 +1,75 @@
+/** \file psa_crypto_stubs.c
+ *
+ * \brief Stub functions when MBEDTLS_PSA_CRYPTO_CLIENT is enabled but
+ * MBEDTLS_PSA_CRYPTO_C is disabled.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <psa/crypto.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
+
+psa_status_t psa_generate_random(uint8_t *output,
+ size_t output_size)
+{
+ (void) output;
+ (void) output_size;
+
+ return PSA_ERROR_COMMUNICATION_FAILURE;
+}
+
+psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length)
+{
+ (void) key;
+ (void) data;
+ (void) data_size;
+ (void) data_length;
+ return PSA_ERROR_COMMUNICATION_FAILURE;
+}
+
+psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length)
+{
+ (void) key;
+ (void) data;
+ (void) data_size;
+ (void) data_length;
+ return PSA_ERROR_COMMUNICATION_FAILURE;
+}
+
+psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
+ psa_key_attributes_t *attributes)
+{
+ (void) key;
+ (void) attributes;
+ return PSA_ERROR_COMMUNICATION_FAILURE;
+}
+
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
+{
+ (void) operation;
+ return PSA_ERROR_COMMUNICATION_FAILURE;
+}
+
+psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_svc_key_id_t *key)
+{
+ (void) attributes;
+ (void) data;
+ (void) data_length;
+ (void) key;
+ return PSA_ERROR_COMMUNICATION_FAILURE;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c
new file mode 100644
index 0000000..937bd45
--- /dev/null
+++ b/tests/src/psa_exercise_key.c
@@ -0,0 +1,1335 @@
+/** Code to exercise a PSA key object, i.e. validate that it seems well-formed
+ * and can do what it is supposed to do.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/psa_exercise_key.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <mbedtls/asn1.h>
+#include <psa/crypto.h>
+
+#include <test/asn1_helpers.h>
+#include <psa_crypto_slot_management.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_PK_C)
+#include <pk_internal.h>
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include <mbedtls/ecp.h>
+#endif
+#if defined(MBEDTLS_RSA_C)
+#include <rsa_internal.h>
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+static int lifetime_is_dynamic_secure_element(psa_key_lifetime_t lifetime)
+{
+ return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) !=
+ PSA_KEY_LOCATION_LOCAL_STORAGE;
+}
+#endif
+
+static int check_key_attributes_sanity(mbedtls_svc_key_id_t key,
+ int key_destroyable)
+{
+ int ok = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_lifetime_t lifetime;
+ mbedtls_svc_key_id_t id;
+ psa_key_type_t type;
+ size_t bits;
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ psa_reset_key_attributes(&attributes);
+ return 1;
+ }
+ PSA_ASSERT(status);
+ lifetime = psa_get_key_lifetime(&attributes);
+ id = psa_get_key_id(&attributes);
+ type = psa_get_key_type(&attributes);
+ bits = psa_get_key_bits(&attributes);
+
+ /* Persistence */
+ if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+ TEST_ASSERT(
+ (PSA_KEY_ID_VOLATILE_MIN <=
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) &&
+ (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <=
+ PSA_KEY_ID_VOLATILE_MAX));
+ } else {
+ TEST_ASSERT(
+ (PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) &&
+ (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= PSA_KEY_ID_USER_MAX));
+ }
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ /* MBEDTLS_PSA_CRYPTO_SE_C does not support thread safety. */
+ if (key_destroyable == 0) {
+ /* randomly-generated 64-bit constant, should never appear in test data */
+ psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
+ status = psa_get_key_slot_number(&attributes, &slot_number);
+ if (lifetime_is_dynamic_secure_element(lifetime)) {
+ /* Mbed TLS currently always exposes the slot number to
+ * applications. This is not mandated by the PSA specification
+ * and may change in future versions. */
+ TEST_EQUAL(status, 0);
+ TEST_ASSERT(slot_number != 0xec94d4a5058a1a21);
+ } else {
+ TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT);
+ }
+ }
+#endif
+
+ /* Type and size */
+ TEST_ASSERT(type != 0);
+ TEST_ASSERT(bits != 0);
+ TEST_ASSERT(bits <= PSA_MAX_KEY_BITS);
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
+ TEST_ASSERT(bits % 8 == 0);
+ }
+
+ /* MAX macros concerning specific key types */
+ if (PSA_KEY_TYPE_IS_ECC(type)) {
+ TEST_ASSERT(bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS);
+ } else if (PSA_KEY_TYPE_IS_RSA(type)) {
+ TEST_ASSERT(bits <= PSA_VENDOR_RSA_MAX_KEY_BITS);
+ }
+ TEST_ASSERT(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE);
+
+ ok = 1;
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes(&attributes);
+
+ return ok;
+}
+
+static int exercise_mac_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ const unsigned char input[] = "foo";
+ unsigned char mac[PSA_MAC_MAX_SIZE] = { 0 };
+ size_t mac_length = sizeof(mac);
+ psa_status_t status = PSA_SUCCESS;
+ /* Convert wildcard algorithm to exercisable algorithm */
+ if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) {
+ alg = PSA_ALG_TRUNCATED_MAC(alg, PSA_MAC_TRUNCATED_LENGTH(alg));
+ }
+
+ if (usage & PSA_KEY_USAGE_SIGN_HASH) {
+ status = psa_mac_sign_setup(&operation, key, alg);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ PSA_ASSERT(psa_mac_abort(&operation));
+ return 1;
+ }
+ PSA_ASSERT(status);
+ PSA_ASSERT(psa_mac_update(&operation,
+ input, sizeof(input)));
+ PSA_ASSERT(psa_mac_sign_finish(&operation,
+ mac, sizeof(mac),
+ &mac_length));
+ }
+
+ if (usage & PSA_KEY_USAGE_VERIFY_HASH) {
+ psa_status_t verify_status =
+ (usage & PSA_KEY_USAGE_SIGN_HASH ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE);
+ status = psa_mac_verify_setup(&operation, key, alg);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ PSA_ASSERT(psa_mac_abort(&operation));
+ return 1;
+ }
+ PSA_ASSERT(status);
+ PSA_ASSERT(psa_mac_update(&operation,
+ input, sizeof(input)));
+ TEST_EQUAL(psa_mac_verify_finish(&operation, mac, mac_length),
+ verify_status);
+ }
+
+ return 1;
+
+exit:
+ psa_mac_abort(&operation);
+ return 0;
+}
+
+static int exercise_cipher_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 };
+ size_t iv_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t key_type;
+ const unsigned char plaintext[16] = "Hello, world...";
+ unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof(ciphertext);
+ unsigned char decrypted[sizeof(ciphertext)];
+ size_t part_length;
+ psa_status_t status = PSA_SUCCESS;
+
+ PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+ key_type = psa_get_key_type(&attributes);
+ iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg);
+
+ if (usage & PSA_KEY_USAGE_ENCRYPT) {
+ status = psa_cipher_encrypt_setup(&operation, key, alg);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ PSA_ASSERT(psa_cipher_abort(&operation));
+ return 1;
+ }
+ PSA_ASSERT(status);
+ if (iv_length != 0) {
+ PSA_ASSERT(psa_cipher_generate_iv(&operation,
+ iv, sizeof(iv),
+ &iv_length));
+ }
+ PSA_ASSERT(psa_cipher_update(&operation,
+ plaintext, sizeof(plaintext),
+ ciphertext, sizeof(ciphertext),
+ &ciphertext_length));
+ PSA_ASSERT(psa_cipher_finish(&operation,
+ ciphertext + ciphertext_length,
+ sizeof(ciphertext) - ciphertext_length,
+ &part_length));
+ ciphertext_length += part_length;
+ }
+
+ if (usage & PSA_KEY_USAGE_DECRYPT) {
+ int maybe_invalid_padding = 0;
+ if (!(usage & PSA_KEY_USAGE_ENCRYPT)) {
+ maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg);
+ }
+ status = psa_cipher_decrypt_setup(&operation, key, alg);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ PSA_ASSERT(psa_cipher_abort(&operation));
+ return 1;
+ }
+ PSA_ASSERT(status);
+ if (iv_length != 0) {
+ PSA_ASSERT(psa_cipher_set_iv(&operation,
+ iv, iv_length));
+ }
+ PSA_ASSERT(psa_cipher_update(&operation,
+ ciphertext, ciphertext_length,
+ decrypted, sizeof(decrypted),
+ &part_length));
+ status = psa_cipher_finish(&operation,
+ decrypted + part_length,
+ sizeof(decrypted) - part_length,
+ &part_length);
+ /* For a stream cipher, all inputs are valid. For a block cipher,
+ * if the input is some arbitrary data rather than an actual
+ ciphertext, a padding error is likely. */
+ if (maybe_invalid_padding) {
+ TEST_ASSERT(status == PSA_SUCCESS ||
+ status == PSA_ERROR_INVALID_PADDING);
+ } else {
+ PSA_ASSERT(status);
+ }
+ }
+
+ return 1;
+
+exit:
+ psa_cipher_abort(&operation);
+ psa_reset_key_attributes(&attributes);
+ return 0;
+}
+
+static int exercise_aead_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ unsigned char nonce[PSA_AEAD_NONCE_MAX_SIZE] = { 0 };
+ size_t nonce_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t key_type;
+ unsigned char plaintext[16] = "Hello, world...";
+ unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof(ciphertext);
+ size_t plaintext_length = sizeof(ciphertext);
+ psa_status_t status = PSA_SUCCESS;
+
+ /* Convert wildcard algorithm to exercisable algorithm */
+ if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) {
+ alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, PSA_ALG_AEAD_GET_TAG_LENGTH(alg));
+ }
+
+ PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+ key_type = psa_get_key_type(&attributes);
+ nonce_length = PSA_AEAD_NONCE_LENGTH(key_type, alg);
+
+ if (usage & PSA_KEY_USAGE_ENCRYPT) {
+ status = psa_aead_encrypt(key, alg,
+ nonce, nonce_length,
+ NULL, 0,
+ plaintext, sizeof(plaintext),
+ ciphertext, sizeof(ciphertext),
+ &ciphertext_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ }
+
+ if (usage & PSA_KEY_USAGE_DECRYPT) {
+ psa_status_t verify_status =
+ (usage & PSA_KEY_USAGE_ENCRYPT ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE);
+ status = psa_aead_decrypt(key, alg,
+ nonce, nonce_length,
+ NULL, 0,
+ ciphertext, ciphertext_length,
+ plaintext, sizeof(plaintext),
+ &plaintext_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ TEST_ASSERT(status == verify_status);
+ }
+
+ return 1;
+
+exit:
+ psa_reset_key_attributes(&attributes);
+ return 0;
+}
+
+static int can_sign_or_verify_message(psa_key_usage_t usage,
+ psa_algorithm_t alg)
+{
+ /* Sign-the-unspecified-hash algorithms can only be used with
+ * {sign,verify}_hash, not with {sign,verify}_message. */
+ if (alg == PSA_ALG_ECDSA_ANY || alg == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) {
+ return 0;
+ }
+ return usage & (PSA_KEY_USAGE_SIGN_MESSAGE |
+ PSA_KEY_USAGE_VERIFY_MESSAGE);
+}
+
+static int exercise_signature_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ /* If the policy allows signing with any hash, just pick one. */
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg);
+ if (PSA_ALG_IS_SIGN_HASH(alg) && hash_alg == PSA_ALG_ANY_HASH &&
+ usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
+ PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE)) {
+#if defined(KNOWN_SUPPORTED_HASH_ALG)
+ hash_alg = KNOWN_SUPPORTED_HASH_ALG;
+ alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
+#else
+ TEST_FAIL("No hash algorithm for hash-and-sign testing");
+#endif
+ }
+ psa_status_t status = PSA_SUCCESS;
+
+ if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH) &&
+ PSA_ALG_IS_SIGN_HASH(alg)) {
+ unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 };
+ size_t payload_length = 16;
+ unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+ size_t signature_length = sizeof(signature);
+
+ /* Some algorithms require the payload to have the size of
+ * the hash encoded in the algorithm. Use this input size
+ * even for algorithms that allow other input sizes. */
+ if (hash_alg != 0) {
+ payload_length = PSA_HASH_LENGTH(hash_alg);
+ }
+
+ if (usage & PSA_KEY_USAGE_SIGN_HASH) {
+ status = psa_sign_hash(key, alg,
+ payload, payload_length,
+ signature, sizeof(signature),
+ &signature_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ }
+
+ if (usage & PSA_KEY_USAGE_VERIFY_HASH) {
+ psa_status_t verify_status =
+ (usage & PSA_KEY_USAGE_SIGN_HASH ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE);
+ status = psa_verify_hash(key, alg,
+ payload, payload_length,
+ signature, signature_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ TEST_ASSERT(status == verify_status);
+ }
+ }
+
+ if (can_sign_or_verify_message(usage, alg)) {
+ unsigned char message[256] = "Hello, world...";
+ unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+ size_t message_length = 16;
+ size_t signature_length = sizeof(signature);
+
+ if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) {
+ status = psa_sign_message(key, alg,
+ message, message_length,
+ signature, sizeof(signature),
+ &signature_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ }
+
+ if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) {
+ psa_status_t verify_status =
+ (usage & PSA_KEY_USAGE_SIGN_MESSAGE ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE);
+ status = psa_verify_message(key, alg,
+ message, message_length,
+ signature, signature_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ TEST_ASSERT(status == verify_status);
+ }
+ }
+
+ return 1;
+
+exit:
+ return 0;
+}
+
+static int exercise_asymmetric_encryption_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ unsigned char plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] =
+ "Hello, world...";
+ unsigned char ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] =
+ "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof(ciphertext);
+ size_t plaintext_length = 16;
+ psa_status_t status = PSA_SUCCESS;
+ if (usage & PSA_KEY_USAGE_ENCRYPT) {
+ status = psa_asymmetric_encrypt(key, alg,
+ plaintext, plaintext_length,
+ NULL, 0,
+ ciphertext, sizeof(ciphertext),
+ &ciphertext_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ }
+
+ if (usage & PSA_KEY_USAGE_DECRYPT) {
+ status = psa_asymmetric_decrypt(key, alg,
+ ciphertext, ciphertext_length,
+ NULL, 0,
+ plaintext, sizeof(plaintext),
+ &plaintext_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ TEST_ASSERT(status == PSA_SUCCESS ||
+ ((usage & PSA_KEY_USAGE_ENCRYPT) == 0 &&
+ (status == PSA_ERROR_INVALID_ARGUMENT ||
+ status == PSA_ERROR_INVALID_PADDING)));
+ }
+
+ return 1;
+
+exit:
+ return 0;
+}
+
+int mbedtls_test_psa_setup_key_derivation_wrap(
+ psa_key_derivation_operation_t *operation,
+ mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const unsigned char *input1, size_t input1_length,
+ const unsigned char *input2, size_t input2_length,
+ size_t capacity, int key_destroyable)
+{
+ PSA_ASSERT(psa_key_derivation_setup(operation, alg));
+ psa_status_t status = PSA_SUCCESS;
+ if (PSA_ALG_IS_HKDF(alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_SALT,
+ input1, input1_length));
+ status = psa_key_derivation_input_key(operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ key);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_INFO,
+ input2,
+ input2_length));
+ } else if (PSA_ALG_IS_HKDF_EXTRACT(alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_SALT,
+ input1, input1_length));
+ status = psa_key_derivation_input_key(operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ key);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ } else if (PSA_ALG_IS_HKDF_EXPAND(alg)) {
+ status = psa_key_derivation_input_key(operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ key);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_INFO,
+ input2,
+ input2_length));
+ } else if (PSA_ALG_IS_TLS12_PRF(alg) ||
+ PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_SEED,
+ input1, input1_length));
+ status = psa_key_derivation_input_key(operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ key);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_LABEL,
+ input2, input2_length));
+ } else if (PSA_ALG_IS_PBKDF2(alg)) {
+ PSA_ASSERT(psa_key_derivation_input_integer(operation,
+ PSA_KEY_DERIVATION_INPUT_COST,
+ 1U));
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_SALT,
+ input2,
+ input2_length));
+ status = psa_key_derivation_input_key(operation,
+ PSA_KEY_DERIVATION_INPUT_PASSWORD,
+ key);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ return 1;
+ }
+ PSA_ASSERT(status);
+ } else if (alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ input1, input1_length));
+ } else {
+ TEST_FAIL("Key derivation algorithm not supported");
+ }
+
+ if (capacity != SIZE_MAX) {
+ PSA_ASSERT(psa_key_derivation_set_capacity(operation, capacity));
+ }
+
+ return 1;
+
+exit:
+ return 0;
+}
+
+
+static int exercise_key_derivation_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+ unsigned char input1[] = "Input 1";
+ size_t input1_length = sizeof(input1);
+ unsigned char input2[] = "Input 2";
+ size_t input2_length = sizeof(input2);
+ unsigned char output[1];
+ size_t capacity = sizeof(output);
+
+ if (usage & PSA_KEY_USAGE_DERIVE) {
+ if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg,
+ input1, input1_length,
+ input2, input2_length,
+ capacity, key_destroyable)) {
+ goto exit;
+ }
+
+ psa_status_t status = psa_key_derivation_output_bytes(&operation,
+ output,
+ capacity);
+ if (key_destroyable && status == PSA_ERROR_BAD_STATE) {
+ /* The key has been destroyed. */
+ PSA_ASSERT(psa_key_derivation_abort(&operation));
+ } else {
+ PSA_ASSERT(status);
+ PSA_ASSERT(psa_key_derivation_abort(&operation));
+ }
+ }
+
+ return 1;
+
+exit:
+ return 0;
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+psa_status_t mbedtls_test_psa_key_agreement_with_self(
+ psa_key_derivation_operation_t *operation,
+ mbedtls_svc_key_id_t key, int key_destroyable)
+{
+ psa_key_type_t private_key_type;
+ psa_key_type_t public_key_type;
+ size_t key_bits;
+ uint8_t *public_key = NULL;
+ size_t public_key_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ psa_reset_key_attributes(&attributes);
+ return PSA_SUCCESS;
+ }
+ PSA_ASSERT(status);
+
+ private_key_type = psa_get_key_type(&attributes);
+ key_bits = psa_get_key_bits(&attributes);
+ public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type);
+ public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits);
+ TEST_CALLOC(public_key, public_key_length);
+ status = psa_export_public_key(key, public_key, public_key_length,
+ &public_key_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ status = PSA_SUCCESS;
+ goto exit;
+ }
+ PSA_ASSERT(status);
+
+ status = psa_key_derivation_key_agreement(
+ operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
+ public_key, public_key_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ status = PSA_SUCCESS;
+ goto exit;
+ }
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes(&attributes);
+
+ mbedtls_free(public_key);
+ return status;
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
+ psa_algorithm_t alg,
+ mbedtls_svc_key_id_t key,
+ int key_destroyable)
+{
+ psa_key_type_t private_key_type;
+ psa_key_type_t public_key_type;
+ size_t key_bits;
+ uint8_t *public_key = NULL;
+ size_t public_key_length;
+ uint8_t output[1024];
+ size_t output_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ psa_reset_key_attributes(&attributes);
+ return PSA_SUCCESS;
+ }
+ PSA_ASSERT(status);
+
+ private_key_type = psa_get_key_type(&attributes);
+ key_bits = psa_get_key_bits(&attributes);
+ public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type);
+ public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits);
+ TEST_CALLOC(public_key, public_key_length);
+ status = psa_export_public_key(key,
+ public_key, public_key_length,
+ &public_key_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ status = PSA_SUCCESS;
+ goto exit;
+ }
+ PSA_ASSERT(status);
+
+ status = psa_raw_key_agreement(alg, key,
+ public_key, public_key_length,
+ output, sizeof(output), &output_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ status = PSA_SUCCESS;
+ goto exit;
+ }
+ if (status == PSA_SUCCESS) {
+ TEST_ASSERT(output_length <=
+ PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(private_key_type,
+ key_bits));
+ TEST_ASSERT(output_length <=
+ PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE);
+ }
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes(&attributes);
+
+ mbedtls_free(public_key);
+ return status;
+}
+
+static int exercise_raw_key_agreement_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ int ok = 0;
+
+ if (usage & PSA_KEY_USAGE_DERIVE) {
+ /* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+ PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key,
+ key_destroyable));
+ }
+ ok = 1;
+
+exit:
+ return ok;
+}
+
+static int exercise_key_agreement_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+ unsigned char input[1] = { 0 };
+ unsigned char output[1];
+ int ok = 0;
+ psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg);
+ psa_status_t expected_key_agreement_status = PSA_SUCCESS;
+
+ if (usage & PSA_KEY_USAGE_DERIVE) {
+ /* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+ PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+ if (PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+ PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(
+ &operation, PSA_KEY_DERIVATION_INPUT_SEED,
+ input, sizeof(input)));
+ }
+
+ if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(
+ &operation, PSA_KEY_DERIVATION_INPUT_SALT,
+ input, sizeof(input)));
+ }
+
+ /* For HKDF_EXPAND input secret may fail as secret size may not match
+ to expected PRK size. In practice it means that key bits must match
+ hash length. Otherwise test should fail with INVALID_ARGUMENT. */
+ if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) {
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ ok = 1;
+ }
+ PSA_ASSERT(status);
+ size_t key_bits = psa_get_key_bits(&attributes);
+ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg);
+
+ if (PSA_BITS_TO_BYTES(key_bits) != PSA_HASH_LENGTH(hash_alg)) {
+ expected_key_agreement_status = PSA_ERROR_INVALID_ARGUMENT;
+ }
+ }
+
+ TEST_EQUAL(mbedtls_test_psa_key_agreement_with_self(&operation, key,
+ key_destroyable),
+ expected_key_agreement_status);
+
+ if (expected_key_agreement_status != PSA_SUCCESS) {
+ return 1;
+ }
+
+ if (PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+ PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(
+ &operation, PSA_KEY_DERIVATION_INPUT_LABEL,
+ input, sizeof(input)));
+ } else if (PSA_ALG_IS_HKDF(kdf_alg) || PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) {
+ PSA_ASSERT(psa_key_derivation_input_bytes(
+ &operation, PSA_KEY_DERIVATION_INPUT_INFO,
+ input, sizeof(input)));
+ }
+ PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+ output,
+ sizeof(output)));
+ PSA_ASSERT(psa_key_derivation_abort(&operation));
+ }
+ ok = 1;
+
+exit:
+ return ok;
+}
+
+int mbedtls_test_psa_exported_key_sanity_check(
+ psa_key_type_t type, size_t bits,
+ const uint8_t *exported, size_t exported_length)
+{
+ TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits));
+
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
+ TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits));
+ } else
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+ if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+ uint8_t *p = (uint8_t *) exported;
+ const uint8_t *end = exported + exported_length;
+ size_t len;
+ /* RSAPrivateKey ::= SEQUENCE {
+ * version INTEGER, -- must be 0
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER, -- e
+ * privateExponent INTEGER, -- d
+ * prime1 INTEGER, -- p
+ * prime2 INTEGER, -- q
+ * exponent1 INTEGER, -- d mod (p-1)
+ * exponent2 INTEGER, -- d mod (q-1)
+ * coefficient INTEGER, -- (inverse of q) mod p
+ * }
+ */
+ TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED), 0);
+ TEST_EQUAL(len, end - p);
+ if (!mbedtls_test_asn1_skip_integer(&p, end, 0, 0, 0)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) {
+ goto exit;
+ }
+ /* Require d to be at least half the size of n. */
+ if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits, 1)) {
+ goto exit;
+ }
+ /* Require p and q to be at most half the size of n, rounded up. */
+ if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) {
+ goto exit;
+ }
+ TEST_EQUAL(p - end, 0);
+
+ TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE);
+ } else
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
+ /* Just the secret value */
+ TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits));
+
+ TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE);
+ } else
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+ if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) {
+ uint8_t *p = (uint8_t *) exported;
+ const uint8_t *end = exported + exported_length;
+ size_t len;
+ /* RSAPublicKey ::= SEQUENCE {
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER } -- e
+ */
+ TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED),
+ 0);
+ TEST_EQUAL(len, end - p);
+ if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) {
+ goto exit;
+ }
+ if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) {
+ goto exit;
+ }
+ TEST_EQUAL(p - end, 0);
+
+
+ TEST_ASSERT(exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits));
+ TEST_ASSERT(exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE);
+ } else
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+ if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) {
+
+ TEST_ASSERT(exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits));
+ TEST_ASSERT(exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE);
+
+ if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_MONTGOMERY) {
+ /* The representation of an ECC Montgomery public key is
+ * the raw compressed point */
+ TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length);
+ } else if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_TWISTED_EDWARDS) {
+ /* The representation of an ECC Edwards public key is
+ * the raw compressed point */
+ TEST_EQUAL(PSA_BITS_TO_BYTES(bits + 1), exported_length);
+ } else {
+ /* The representation of an ECC Weierstrass public key is:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - where m is the bit size associated with the curve.
+ */
+ TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length);
+ TEST_EQUAL(exported[0], 4);
+ }
+ } else
+ if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) || PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) {
+ TEST_ASSERT(exported_length ==
+ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits));
+ TEST_ASSERT(exported_length <=
+ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE);
+ } else {
+ (void) exported;
+ TEST_FAIL("Sanity check not implemented for this key type");
+ }
+
+#if defined(MBEDTLS_DES_C)
+ if (type == PSA_KEY_TYPE_DES) {
+ /* Check the parity bits. */
+ unsigned i;
+ for (i = 0; i < bits / 8; i++) {
+ unsigned bit_count = 0;
+ unsigned m;
+ for (m = 1; m <= 0x100; m <<= 1) {
+ if (exported[i] & m) {
+ ++bit_count;
+ }
+ }
+ TEST_ASSERT(bit_count % 2 != 0);
+ }
+ }
+#endif
+
+ return 1;
+
+exit:
+ return 0;
+}
+
+static int exercise_export_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ int key_destroyable)
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t *exported = NULL;
+ size_t exported_size = 0;
+ size_t exported_length = 0;
+ int ok = 0;
+
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ psa_reset_key_attributes(&attributes);
+ return 1;
+ }
+ PSA_ASSERT(status);
+
+ exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+ psa_get_key_type(&attributes),
+ psa_get_key_bits(&attributes));
+ TEST_CALLOC(exported, exported_size);
+
+ status = psa_export_key(key, exported, exported_size, &exported_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ ok = 1;
+ goto exit;
+ } else if ((usage & PSA_KEY_USAGE_EXPORT) == 0 &&
+ !PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(&attributes))) {
+ TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+ ok = 1;
+ goto exit;
+ }
+ PSA_ASSERT(status);
+ ok = mbedtls_test_psa_exported_key_sanity_check(
+ psa_get_key_type(&attributes), psa_get_key_bits(&attributes),
+ exported, exported_length);
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes(&attributes);
+
+ mbedtls_free(exported);
+ return ok;
+}
+
+static int exercise_export_public_key(mbedtls_svc_key_id_t key,
+ int key_destroyable)
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_type_t public_type;
+ uint8_t *exported = NULL;
+ size_t exported_size = 0;
+ size_t exported_length = 0;
+ int ok = 0;
+
+ psa_status_t status = psa_get_key_attributes(key, &attributes);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ psa_reset_key_attributes(&attributes);
+ return 1;
+ }
+ PSA_ASSERT(status);
+ if (!PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(&attributes))) {
+ exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+ psa_get_key_type(&attributes),
+ psa_get_key_bits(&attributes));
+ TEST_CALLOC(exported, exported_size);
+
+ status = psa_export_public_key(key, exported,
+ exported_size, &exported_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ ok = 1;
+ goto exit;
+ }
+ TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT);
+ ok = 1;
+ goto exit;
+ }
+
+ public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
+ psa_get_key_type(&attributes));
+ exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type,
+ psa_get_key_bits(&attributes));
+ TEST_CALLOC(exported, exported_size);
+
+ status = psa_export_public_key(key, exported,
+ exported_size, &exported_length);
+ if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
+ /* The key has been destroyed. */
+ ok = 1;
+ goto exit;
+ }
+ PSA_ASSERT(status);
+ ok = mbedtls_test_psa_exported_key_sanity_check(
+ public_type, psa_get_key_bits(&attributes),
+ exported, exported_length);
+
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes(&attributes);
+
+ mbedtls_free(exported);
+ return ok;
+}
+
+int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ int key_destroyable)
+{
+ int ok = 0;
+
+ if (!check_key_attributes_sanity(key, key_destroyable)) {
+ return 0;
+ }
+
+ if (alg == 0) {
+ ok = 1; /* If no algorithm, do nothing (used for raw data "keys"). */
+ } else if (PSA_ALG_IS_MAC(alg)) {
+ ok = exercise_mac_key(key, usage, alg, key_destroyable);
+ } else if (PSA_ALG_IS_CIPHER(alg)) {
+ ok = exercise_cipher_key(key, usage, alg, key_destroyable);
+ } else if (PSA_ALG_IS_AEAD(alg)) {
+ ok = exercise_aead_key(key, usage, alg, key_destroyable);
+ } else if (PSA_ALG_IS_SIGN(alg)) {
+ ok = exercise_signature_key(key, usage, alg, key_destroyable);
+ } else if (PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) {
+ ok = exercise_asymmetric_encryption_key(key, usage, alg,
+ key_destroyable);
+ } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) {
+ ok = exercise_key_derivation_key(key, usage, alg, key_destroyable);
+ } else if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
+ ok = exercise_raw_key_agreement_key(key, usage, alg, key_destroyable);
+ } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) {
+ ok = exercise_key_agreement_key(key, usage, alg, key_destroyable);
+ } else {
+ TEST_FAIL("No code to exercise this category of algorithm");
+ }
+
+ ok = ok && exercise_export_key(key,
+ usage,
+ key_destroyable);
+ ok = ok && exercise_export_public_key(key,
+ key_destroyable);
+
+exit:
+ return ok;
+}
+
+psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type,
+ psa_algorithm_t alg)
+{
+ if (PSA_ALG_IS_MAC(alg) || PSA_ALG_IS_SIGN(alg)) {
+ if (PSA_ALG_IS_SIGN_HASH(alg)) {
+ if (PSA_ALG_SIGN_GET_HASH(alg)) {
+ return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+ PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE :
+ PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
+ PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE;
+ }
+ } else if (PSA_ALG_IS_SIGN_MESSAGE(alg)) {
+ return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+ PSA_KEY_USAGE_VERIFY_MESSAGE :
+ PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE;
+ }
+
+ return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+ PSA_KEY_USAGE_VERIFY_HASH :
+ PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH;
+ } else if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg) ||
+ PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) {
+ return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+ PSA_KEY_USAGE_ENCRYPT :
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
+ } else if (PSA_ALG_IS_KEY_DERIVATION(alg) ||
+ PSA_ALG_IS_KEY_AGREEMENT(alg)) {
+ return PSA_KEY_USAGE_DERIVE;
+ } else {
+ return 0;
+ }
+
+}
+
+int mbedtls_test_can_exercise_psa_algorithm(psa_algorithm_t alg)
+{
+ /* Reject algorithms that we know are not supported. Default to
+ * attempting exercise, so that if an algorithm is missing from this
+ * function, the result will be a test failure and not silently
+ * omitting exercise. */
+#if !defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
+ if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) {
+ return 0;
+ }
+#endif
+#if !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+ if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) {
+ return 0;
+ }
+#endif
+#if !defined(PSA_WANT_ALG_RSA_PSS)
+ if (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg)) {
+ return 0;
+ }
+#endif
+#if !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT)
+ if (PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) {
+ return 0;
+ }
+#endif
+#if !defined(PSA_WANT_ALG_ECDSA)
+ if (PSA_ALG_IS_ECDSA(alg)) {
+ return 0;
+ }
+#endif
+#if !defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+ if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) {
+ return 0;
+ }
+#endif
+#if !defined(PSA_WANT_ALG_ECDH)
+ if (PSA_ALG_IS_ECDH(alg)) {
+ return 0;
+ }
+#endif
+ (void) alg;
+ return 1;
+}
+
+#if defined(MBEDTLS_PK_C)
+int mbedtls_test_key_consistency_psa_pk(mbedtls_svc_key_id_t psa_key,
+ const mbedtls_pk_context *pk)
+{
+ psa_key_attributes_t psa_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t pk_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ int ok = 0;
+
+ PSA_ASSERT(psa_get_key_attributes(psa_key, &psa_attributes));
+ psa_key_type_t psa_type = psa_get_key_type(&psa_attributes);
+ mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk);
+
+ TEST_ASSERT(PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_type) ||
+ PSA_KEY_TYPE_IS_KEY_PAIR(psa_type));
+ TEST_EQUAL(psa_get_key_bits(&psa_attributes), mbedtls_pk_get_bitlen(pk));
+
+ uint8_t pk_public_buffer[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+ const uint8_t *pk_public = NULL;
+ size_t pk_public_length = 0;
+
+ switch (pk_type) {
+#if defined(MBEDTLS_RSA_C)
+ case MBEDTLS_PK_RSA:
+ TEST_ASSERT(PSA_KEY_TYPE_IS_RSA(psa_type));
+ const mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk);
+ uint8_t *const end = pk_public_buffer + sizeof(pk_public_buffer);
+ uint8_t *cursor = end;
+ TEST_LE_U(1, mbedtls_rsa_write_pubkey(rsa,
+ pk_public_buffer, &cursor));
+ pk_public = cursor;
+ pk_public_length = end - pk_public;
+ break;
+#endif
+
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+ case MBEDTLS_PK_ECKEY:
+ case MBEDTLS_PK_ECKEY_DH:
+ case MBEDTLS_PK_ECDSA:
+ TEST_ASSERT(PSA_KEY_TYPE_IS_ECC(psa_type));
+ TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(psa_type), pk->ec_family);
+ pk_public = pk->pub_raw;
+ pk_public_length = pk->pub_raw_len;
+ break;
+#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
+
+#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+ case MBEDTLS_PK_ECKEY:
+ case MBEDTLS_PK_ECKEY_DH:
+ case MBEDTLS_PK_ECDSA:
+ TEST_ASSERT(PSA_KEY_TYPE_IS_ECC(psa_get_key_type(&psa_attributes)));
+ const mbedtls_ecp_keypair *ec = mbedtls_pk_ec_ro(*pk);
+ TEST_EQUAL(mbedtls_ecp_write_public_key(
+ ec, MBEDTLS_ECP_PF_UNCOMPRESSED, &pk_public_length,
+ pk_public_buffer, sizeof(pk_public_buffer)), 0);
+ pk_public = pk_public_buffer;
+ break;
+#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_PK_USE_PSA_EC_DATA */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ case MBEDTLS_PK_OPAQUE:
+ PSA_ASSERT(psa_get_key_attributes(pk->priv_id, &pk_attributes));
+ psa_key_type_t pk_psa_type = psa_get_key_type(&pk_attributes);
+ TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(psa_type),
+ PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(pk_psa_type));
+ PSA_ASSERT(psa_export_public_key(psa_key,
+ pk_public_buffer,
+ sizeof(pk_public_buffer),
+ &pk_public_length));
+ pk_public = pk_public_buffer;
+ break;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ default:
+ TEST_FAIL("pk type not supported");
+ }
+
+ uint8_t psa_public[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+ size_t psa_public_length = 0;
+ PSA_ASSERT(psa_export_public_key(psa_key,
+ psa_public, sizeof(psa_public),
+ &psa_public_length));
+ TEST_MEMORY_COMPARE(pk_public, pk_public_length,
+ psa_public, psa_public_length);
+
+ ok = 1;
+
+exit:
+ psa_reset_key_attributes(&psa_attributes);
+ psa_reset_key_attributes(&pk_attributes);
+ return ok;
+}
+#endif /* MBEDTLS_PK_C */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/src/psa_memory_poisoning_wrappers.c b/tests/src/psa_memory_poisoning_wrappers.c
new file mode 100644
index 0000000..05cba18
--- /dev/null
+++ b/tests/src/psa_memory_poisoning_wrappers.c
@@ -0,0 +1,31 @@
+/** Helper functions for memory poisoning in tests.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#include "test/memory.h"
+
+#include "psa_crypto_invasive.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) \
+ && defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+
+void mbedtls_poison_test_hooks_setup(void)
+{
+ psa_input_pre_copy_hook = mbedtls_test_memory_unpoison;
+ psa_input_post_copy_hook = mbedtls_test_memory_poison;
+ psa_output_pre_copy_hook = mbedtls_test_memory_unpoison;
+ psa_output_post_copy_hook = mbedtls_test_memory_poison;
+}
+
+void mbedtls_poison_test_hooks_teardown(void)
+{
+ psa_input_pre_copy_hook = NULL;
+ psa_input_post_copy_hook = NULL;
+ psa_output_pre_copy_hook = NULL;
+ psa_output_post_copy_hook = NULL;
+}
+
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C &&
+ MBEDTLS_TEST_MEMORY_CAN_POISON */
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
new file mode 100644
index 0000000..809f1cd
--- /dev/null
+++ b/tests/src/psa_test_wrappers.c
@@ -0,0 +1,1321 @@
+/* Automatically generated by generate_psa_wrappers.py, do not edit! */
+
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <mbedtls/build_info.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \
+ !defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+
+#include <psa/crypto.h>
+
+#include <test/memory.h>
+#include <test/psa_crypto_helpers.h>
+#include <test/psa_test_wrappers.h>
+
+/* Wrapper for mbedtls_psa_inject_entropy */
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+psa_status_t mbedtls_test_wrap_mbedtls_psa_inject_entropy(
+ const uint8_t *arg0_seed,
+ size_t arg1_seed_size)
+{
+ psa_status_t status = (mbedtls_psa_inject_entropy)(arg0_seed, arg1_seed_size);
+ return status;
+}
+#endif /* defined(MBEDTLS_PSA_INJECT_ENTROPY) */
+
+/* Wrapper for mbedtls_psa_platform_get_builtin_key */
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+psa_status_t mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key(
+ mbedtls_svc_key_id_t arg0_key_id,
+ psa_key_lifetime_t *arg1_lifetime,
+ psa_drv_slot_number_t *arg2_slot_number)
+{
+ psa_status_t status = (mbedtls_psa_platform_get_builtin_key)(arg0_key_id, arg1_lifetime, arg2_slot_number);
+ return status;
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) */
+
+/* Wrapper for mbedtls_psa_register_se_key */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+psa_status_t mbedtls_test_wrap_mbedtls_psa_register_se_key(
+ const psa_key_attributes_t *arg0_attributes)
+{
+ psa_status_t status = (mbedtls_psa_register_se_key)(arg0_attributes);
+ return status;
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */
+
+/* Wrapper for psa_aead_abort */
+psa_status_t mbedtls_test_wrap_psa_aead_abort(
+ psa_aead_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_aead_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_aead_decrypt */
+psa_status_t mbedtls_test_wrap_psa_aead_decrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_nonce,
+ size_t arg3_nonce_length,
+ const uint8_t *arg4_additional_data,
+ size_t arg5_additional_data_length,
+ const uint8_t *arg6_ciphertext,
+ size_t arg7_ciphertext_length,
+ uint8_t *arg8_plaintext,
+ size_t arg9_plaintext_size,
+ size_t *arg10_plaintext_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg6_ciphertext, arg7_ciphertext_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg8_plaintext, arg9_plaintext_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg6_ciphertext, arg7_ciphertext_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg8_plaintext, arg9_plaintext_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_decrypt_setup */
+psa_status_t mbedtls_test_wrap_psa_aead_decrypt_setup(
+ psa_aead_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg)
+{
+ psa_status_t status = (psa_aead_decrypt_setup)(arg0_operation, arg1_key, arg2_alg);
+ return status;
+}
+
+/* Wrapper for psa_aead_encrypt */
+psa_status_t mbedtls_test_wrap_psa_aead_encrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_nonce,
+ size_t arg3_nonce_length,
+ const uint8_t *arg4_additional_data,
+ size_t arg5_additional_data_length,
+ const uint8_t *arg6_plaintext,
+ size_t arg7_plaintext_length,
+ uint8_t *arg8_ciphertext,
+ size_t arg9_ciphertext_size,
+ size_t *arg10_ciphertext_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg6_plaintext, arg7_plaintext_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg8_ciphertext, arg9_ciphertext_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg6_plaintext, arg7_plaintext_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg8_ciphertext, arg9_ciphertext_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_encrypt_setup */
+psa_status_t mbedtls_test_wrap_psa_aead_encrypt_setup(
+ psa_aead_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg)
+{
+ psa_status_t status = (psa_aead_encrypt_setup)(arg0_operation, arg1_key, arg2_alg);
+ return status;
+}
+
+/* Wrapper for psa_aead_finish */
+psa_status_t mbedtls_test_wrap_psa_aead_finish(
+ psa_aead_operation_t *arg0_operation,
+ uint8_t *arg1_ciphertext,
+ size_t arg2_ciphertext_size,
+ size_t *arg3_ciphertext_length,
+ uint8_t *arg4_tag,
+ size_t arg5_tag_size,
+ size_t *arg6_tag_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_ciphertext, arg2_ciphertext_size);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_finish)(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_ciphertext, arg2_ciphertext_size);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_generate_nonce */
+psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce(
+ psa_aead_operation_t *arg0_operation,
+ uint8_t *arg1_nonce,
+ size_t arg2_nonce_size,
+ size_t *arg3_nonce_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_generate_nonce)(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_set_lengths */
+psa_status_t mbedtls_test_wrap_psa_aead_set_lengths(
+ psa_aead_operation_t *arg0_operation,
+ size_t arg1_ad_length,
+ size_t arg2_plaintext_length)
+{
+ psa_status_t status = (psa_aead_set_lengths)(arg0_operation, arg1_ad_length, arg2_plaintext_length);
+ return status;
+}
+
+/* Wrapper for psa_aead_set_nonce */
+psa_status_t mbedtls_test_wrap_psa_aead_set_nonce(
+ psa_aead_operation_t *arg0_operation,
+ const uint8_t *arg1_nonce,
+ size_t arg2_nonce_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_set_nonce)(arg0_operation, arg1_nonce, arg2_nonce_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_update */
+psa_status_t mbedtls_test_wrap_psa_aead_update(
+ psa_aead_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ uint8_t *arg3_output,
+ size_t arg4_output_size,
+ size_t *arg5_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_update_ad */
+psa_status_t mbedtls_test_wrap_psa_aead_update_ad(
+ psa_aead_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_update_ad)(arg0_operation, arg1_input, arg2_input_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_aead_verify */
+psa_status_t mbedtls_test_wrap_psa_aead_verify(
+ psa_aead_operation_t *arg0_operation,
+ uint8_t *arg1_plaintext,
+ size_t arg2_plaintext_size,
+ size_t *arg3_plaintext_length,
+ const uint8_t *arg4_tag,
+ size_t arg5_tag_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_plaintext, arg2_plaintext_size);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_aead_verify)(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_plaintext, arg2_plaintext_size);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_asymmetric_decrypt */
+psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_salt,
+ size_t arg5_salt_length,
+ uint8_t *arg6_output,
+ size_t arg7_output_size,
+ size_t *arg8_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_asymmetric_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_asymmetric_encrypt */
+psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_salt,
+ size_t arg5_salt_length,
+ uint8_t *arg6_output,
+ size_t arg7_output_size,
+ size_t *arg8_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_asymmetric_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_cipher_abort */
+psa_status_t mbedtls_test_wrap_psa_cipher_abort(
+ psa_cipher_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_cipher_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_cipher_decrypt */
+psa_status_t mbedtls_test_wrap_psa_cipher_decrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_output,
+ size_t arg5_output_size,
+ size_t *arg6_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_cipher_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_cipher_decrypt_setup */
+psa_status_t mbedtls_test_wrap_psa_cipher_decrypt_setup(
+ psa_cipher_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg)
+{
+ psa_status_t status = (psa_cipher_decrypt_setup)(arg0_operation, arg1_key, arg2_alg);
+ return status;
+}
+
+/* Wrapper for psa_cipher_encrypt */
+psa_status_t mbedtls_test_wrap_psa_cipher_encrypt(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_output,
+ size_t arg5_output_size,
+ size_t *arg6_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_cipher_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_cipher_encrypt_setup */
+psa_status_t mbedtls_test_wrap_psa_cipher_encrypt_setup(
+ psa_cipher_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg)
+{
+ psa_status_t status = (psa_cipher_encrypt_setup)(arg0_operation, arg1_key, arg2_alg);
+ return status;
+}
+
+/* Wrapper for psa_cipher_finish */
+psa_status_t mbedtls_test_wrap_psa_cipher_finish(
+ psa_cipher_operation_t *arg0_operation,
+ uint8_t *arg1_output,
+ size_t arg2_output_size,
+ size_t *arg3_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_cipher_finish)(arg0_operation, arg1_output, arg2_output_size, arg3_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_cipher_generate_iv */
+psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv(
+ psa_cipher_operation_t *arg0_operation,
+ uint8_t *arg1_iv,
+ size_t arg2_iv_size,
+ size_t *arg3_iv_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_cipher_generate_iv)(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_cipher_set_iv */
+psa_status_t mbedtls_test_wrap_psa_cipher_set_iv(
+ psa_cipher_operation_t *arg0_operation,
+ const uint8_t *arg1_iv,
+ size_t arg2_iv_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_cipher_set_iv)(arg0_operation, arg1_iv, arg2_iv_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_cipher_update */
+psa_status_t mbedtls_test_wrap_psa_cipher_update(
+ psa_cipher_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ uint8_t *arg3_output,
+ size_t arg4_output_size,
+ size_t *arg5_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_cipher_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_copy_key */
+psa_status_t mbedtls_test_wrap_psa_copy_key(
+ mbedtls_svc_key_id_t arg0_source_key,
+ const psa_key_attributes_t *arg1_attributes,
+ mbedtls_svc_key_id_t *arg2_target_key)
+{
+ psa_status_t status = (psa_copy_key)(arg0_source_key, arg1_attributes, arg2_target_key);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_cipher_suite */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ psa_pake_cipher_suite_t *arg1_cipher_suite)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_cipher_suite)(arg0_inputs, arg1_cipher_suite);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_password */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ uint8_t *arg1_buffer,
+ size_t arg2_buffer_size,
+ size_t *arg3_buffer_length)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_password)(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_password_len */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ size_t *arg1_password_len)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_password_len)(arg0_inputs, arg1_password_len);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_peer */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ uint8_t *arg1_peer_id,
+ size_t arg2_peer_id_size,
+ size_t *arg3_peer_id_length)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_peer)(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_peer_len */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ size_t *arg1_peer_len)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_peer_len)(arg0_inputs, arg1_peer_len);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_user */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ uint8_t *arg1_user_id,
+ size_t arg2_user_id_size,
+ size_t *arg3_user_id_len)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_user)(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len);
+ return status;
+}
+
+/* Wrapper for psa_crypto_driver_pake_get_user_len */
+psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len(
+ const psa_crypto_driver_pake_inputs_t *arg0_inputs,
+ size_t *arg1_user_len)
+{
+ psa_status_t status = (psa_crypto_driver_pake_get_user_len)(arg0_inputs, arg1_user_len);
+ return status;
+}
+
+/* Wrapper for psa_crypto_init */
+psa_status_t mbedtls_test_wrap_psa_crypto_init(void)
+{
+ psa_status_t status = (psa_crypto_init)();
+ return status;
+}
+
+/* Wrapper for psa_destroy_key */
+psa_status_t mbedtls_test_wrap_psa_destroy_key(
+ mbedtls_svc_key_id_t arg0_key)
+{
+ psa_status_t status = (psa_destroy_key)(arg0_key);
+ return status;
+}
+
+/* Wrapper for psa_export_key */
+psa_status_t mbedtls_test_wrap_psa_export_key(
+ mbedtls_svc_key_id_t arg0_key,
+ uint8_t *arg1_data,
+ size_t arg2_data_size,
+ size_t *arg3_data_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_export_key)(arg0_key, arg1_data, arg2_data_size, arg3_data_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_export_public_key */
+psa_status_t mbedtls_test_wrap_psa_export_public_key(
+ mbedtls_svc_key_id_t arg0_key,
+ uint8_t *arg1_data,
+ size_t arg2_data_size,
+ size_t *arg3_data_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_export_public_key)(arg0_key, arg1_data, arg2_data_size, arg3_data_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_generate_key */
+psa_status_t mbedtls_test_wrap_psa_generate_key(
+ const psa_key_attributes_t *arg0_attributes,
+ mbedtls_svc_key_id_t *arg1_key)
+{
+ psa_status_t status = (psa_generate_key)(arg0_attributes, arg1_key);
+ return status;
+}
+
+/* Wrapper for psa_generate_key_ext */
+psa_status_t mbedtls_test_wrap_psa_generate_key_ext(
+ const psa_key_attributes_t *arg0_attributes,
+ const psa_key_production_parameters_t *arg1_params,
+ size_t arg2_params_data_length,
+ mbedtls_svc_key_id_t *arg3_key)
+{
+ psa_status_t status = (psa_generate_key_ext)(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key);
+ return status;
+}
+
+/* Wrapper for psa_generate_random */
+psa_status_t mbedtls_test_wrap_psa_generate_random(
+ uint8_t *arg0_output,
+ size_t arg1_output_size)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg0_output, arg1_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_generate_random)(arg0_output, arg1_output_size);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg0_output, arg1_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_get_key_attributes */
+psa_status_t mbedtls_test_wrap_psa_get_key_attributes(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_key_attributes_t *arg1_attributes)
+{
+ psa_status_t status = (psa_get_key_attributes)(arg0_key, arg1_attributes);
+ return status;
+}
+
+/* Wrapper for psa_hash_abort */
+psa_status_t mbedtls_test_wrap_psa_hash_abort(
+ psa_hash_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_hash_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_hash_clone */
+psa_status_t mbedtls_test_wrap_psa_hash_clone(
+ const psa_hash_operation_t *arg0_source_operation,
+ psa_hash_operation_t *arg1_target_operation)
+{
+ psa_status_t status = (psa_hash_clone)(arg0_source_operation, arg1_target_operation);
+ return status;
+}
+
+/* Wrapper for psa_hash_compare */
+psa_status_t mbedtls_test_wrap_psa_hash_compare(
+ psa_algorithm_t arg0_alg,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ const uint8_t *arg3_hash,
+ size_t arg4_hash_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_hash_compare)(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_hash_compute */
+psa_status_t mbedtls_test_wrap_psa_hash_compute(
+ psa_algorithm_t arg0_alg,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length,
+ uint8_t *arg3_hash,
+ size_t arg4_hash_size,
+ size_t *arg5_hash_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_hash_compute)(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_hash_finish */
+psa_status_t mbedtls_test_wrap_psa_hash_finish(
+ psa_hash_operation_t *arg0_operation,
+ uint8_t *arg1_hash,
+ size_t arg2_hash_size,
+ size_t *arg3_hash_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_hash, arg2_hash_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_hash_finish)(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_hash, arg2_hash_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_hash_setup */
+psa_status_t mbedtls_test_wrap_psa_hash_setup(
+ psa_hash_operation_t *arg0_operation,
+ psa_algorithm_t arg1_alg)
+{
+ psa_status_t status = (psa_hash_setup)(arg0_operation, arg1_alg);
+ return status;
+}
+
+/* Wrapper for psa_hash_update */
+psa_status_t mbedtls_test_wrap_psa_hash_update(
+ psa_hash_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_hash_update)(arg0_operation, arg1_input, arg2_input_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_hash_verify */
+psa_status_t mbedtls_test_wrap_psa_hash_verify(
+ psa_hash_operation_t *arg0_operation,
+ const uint8_t *arg1_hash,
+ size_t arg2_hash_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_hash, arg2_hash_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_hash_verify)(arg0_operation, arg1_hash, arg2_hash_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_hash, arg2_hash_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_import_key */
+psa_status_t mbedtls_test_wrap_psa_import_key(
+ const psa_key_attributes_t *arg0_attributes,
+ const uint8_t *arg1_data,
+ size_t arg2_data_length,
+ mbedtls_svc_key_id_t *arg3_key)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_import_key)(arg0_attributes, arg1_data, arg2_data_length, arg3_key);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_abort */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_abort(
+ psa_key_derivation_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_key_derivation_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_get_capacity */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_get_capacity(
+ const psa_key_derivation_operation_t *arg0_operation,
+ size_t *arg1_capacity)
+{
+ psa_status_t status = (psa_key_derivation_get_capacity)(arg0_operation, arg1_capacity);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_input_bytes */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_input_bytes(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ const uint8_t *arg2_data,
+ size_t arg3_data_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_data, arg3_data_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_key_derivation_input_bytes)(arg0_operation, arg1_step, arg2_data, arg3_data_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_data, arg3_data_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_input_integer */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_input_integer(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ uint64_t arg2_value)
+{
+ psa_status_t status = (psa_key_derivation_input_integer)(arg0_operation, arg1_step, arg2_value);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_input_key */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_input_key(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ mbedtls_svc_key_id_t arg2_key)
+{
+ psa_status_t status = (psa_key_derivation_input_key)(arg0_operation, arg1_step, arg2_key);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_key_agreement */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_key_agreement(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_key_derivation_step_t arg1_step,
+ mbedtls_svc_key_id_t arg2_private_key,
+ const uint8_t *arg3_peer_key,
+ size_t arg4_peer_key_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg3_peer_key, arg4_peer_key_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_key_derivation_key_agreement)(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_peer_key, arg4_peer_key_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_output_bytes */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_output_bytes(
+ psa_key_derivation_operation_t *arg0_operation,
+ uint8_t *arg1_output,
+ size_t arg2_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_key_derivation_output_bytes)(arg0_operation, arg1_output, arg2_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_output_key */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key(
+ const psa_key_attributes_t *arg0_attributes,
+ psa_key_derivation_operation_t *arg1_operation,
+ mbedtls_svc_key_id_t *arg2_key)
+{
+ psa_status_t status = (psa_key_derivation_output_key)(arg0_attributes, arg1_operation, arg2_key);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_output_key_ext */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext(
+ const psa_key_attributes_t *arg0_attributes,
+ psa_key_derivation_operation_t *arg1_operation,
+ const psa_key_production_parameters_t *arg2_params,
+ size_t arg3_params_data_length,
+ mbedtls_svc_key_id_t *arg4_key)
+{
+ psa_status_t status = (psa_key_derivation_output_key_ext)(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_set_capacity */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity(
+ psa_key_derivation_operation_t *arg0_operation,
+ size_t arg1_capacity)
+{
+ psa_status_t status = (psa_key_derivation_set_capacity)(arg0_operation, arg1_capacity);
+ return status;
+}
+
+/* Wrapper for psa_key_derivation_setup */
+psa_status_t mbedtls_test_wrap_psa_key_derivation_setup(
+ psa_key_derivation_operation_t *arg0_operation,
+ psa_algorithm_t arg1_alg)
+{
+ psa_status_t status = (psa_key_derivation_setup)(arg0_operation, arg1_alg);
+ return status;
+}
+
+/* Wrapper for psa_mac_abort */
+psa_status_t mbedtls_test_wrap_psa_mac_abort(
+ psa_mac_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_mac_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_mac_compute */
+psa_status_t mbedtls_test_wrap_psa_mac_compute(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_mac,
+ size_t arg5_mac_size,
+ size_t *arg6_mac_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_mac_compute)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_mac_sign_finish */
+psa_status_t mbedtls_test_wrap_psa_mac_sign_finish(
+ psa_mac_operation_t *arg0_operation,
+ uint8_t *arg1_mac,
+ size_t arg2_mac_size,
+ size_t *arg3_mac_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_mac_sign_finish)(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_mac_sign_setup */
+psa_status_t mbedtls_test_wrap_psa_mac_sign_setup(
+ psa_mac_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg)
+{
+ psa_status_t status = (psa_mac_sign_setup)(arg0_operation, arg1_key, arg2_alg);
+ return status;
+}
+
+/* Wrapper for psa_mac_update */
+psa_status_t mbedtls_test_wrap_psa_mac_update(
+ psa_mac_operation_t *arg0_operation,
+ const uint8_t *arg1_input,
+ size_t arg2_input_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_mac_update)(arg0_operation, arg1_input, arg2_input_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_mac_verify */
+psa_status_t mbedtls_test_wrap_psa_mac_verify(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_mac,
+ size_t arg5_mac_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_mac_verify)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_mac_verify_finish */
+psa_status_t mbedtls_test_wrap_psa_mac_verify_finish(
+ psa_mac_operation_t *arg0_operation,
+ const uint8_t *arg1_mac,
+ size_t arg2_mac_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_mac_verify_finish)(arg0_operation, arg1_mac, arg2_mac_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_mac_verify_setup */
+psa_status_t mbedtls_test_wrap_psa_mac_verify_setup(
+ psa_mac_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg)
+{
+ psa_status_t status = (psa_mac_verify_setup)(arg0_operation, arg1_key, arg2_alg);
+ return status;
+}
+
+/* Wrapper for psa_pake_abort */
+psa_status_t mbedtls_test_wrap_psa_pake_abort(
+ psa_pake_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_pake_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_pake_get_implicit_key */
+psa_status_t mbedtls_test_wrap_psa_pake_get_implicit_key(
+ psa_pake_operation_t *arg0_operation,
+ psa_key_derivation_operation_t *arg1_output)
+{
+ psa_status_t status = (psa_pake_get_implicit_key)(arg0_operation, arg1_output);
+ return status;
+}
+
+/* Wrapper for psa_pake_input */
+psa_status_t mbedtls_test_wrap_psa_pake_input(
+ psa_pake_operation_t *arg0_operation,
+ psa_pake_step_t arg1_step,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_pake_input)(arg0_operation, arg1_step, arg2_input, arg3_input_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_pake_output */
+psa_status_t mbedtls_test_wrap_psa_pake_output(
+ psa_pake_operation_t *arg0_operation,
+ psa_pake_step_t arg1_step,
+ uint8_t *arg2_output,
+ size_t arg3_output_size,
+ size_t *arg4_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_output, arg3_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_pake_output)(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_output, arg3_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_pake_set_password_key */
+psa_status_t mbedtls_test_wrap_psa_pake_set_password_key(
+ psa_pake_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_password)
+{
+ psa_status_t status = (psa_pake_set_password_key)(arg0_operation, arg1_password);
+ return status;
+}
+
+/* Wrapper for psa_pake_set_peer */
+psa_status_t mbedtls_test_wrap_psa_pake_set_peer(
+ psa_pake_operation_t *arg0_operation,
+ const uint8_t *arg1_peer_id,
+ size_t arg2_peer_id_len)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_peer_id, arg2_peer_id_len);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_pake_set_peer)(arg0_operation, arg1_peer_id, arg2_peer_id_len);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_peer_id, arg2_peer_id_len);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_pake_set_role */
+psa_status_t mbedtls_test_wrap_psa_pake_set_role(
+ psa_pake_operation_t *arg0_operation,
+ psa_pake_role_t arg1_role)
+{
+ psa_status_t status = (psa_pake_set_role)(arg0_operation, arg1_role);
+ return status;
+}
+
+/* Wrapper for psa_pake_set_user */
+psa_status_t mbedtls_test_wrap_psa_pake_set_user(
+ psa_pake_operation_t *arg0_operation,
+ const uint8_t *arg1_user_id,
+ size_t arg2_user_id_len)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_user_id, arg2_user_id_len);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_pake_set_user)(arg0_operation, arg1_user_id, arg2_user_id_len);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_user_id, arg2_user_id_len);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_pake_setup */
+psa_status_t mbedtls_test_wrap_psa_pake_setup(
+ psa_pake_operation_t *arg0_operation,
+ const psa_pake_cipher_suite_t *arg1_cipher_suite)
+{
+ psa_status_t status = (psa_pake_setup)(arg0_operation, arg1_cipher_suite);
+ return status;
+}
+
+/* Wrapper for psa_purge_key */
+psa_status_t mbedtls_test_wrap_psa_purge_key(
+ mbedtls_svc_key_id_t arg0_key)
+{
+ psa_status_t status = (psa_purge_key)(arg0_key);
+ return status;
+}
+
+/* Wrapper for psa_raw_key_agreement */
+psa_status_t mbedtls_test_wrap_psa_raw_key_agreement(
+ psa_algorithm_t arg0_alg,
+ mbedtls_svc_key_id_t arg1_private_key,
+ const uint8_t *arg2_peer_key,
+ size_t arg3_peer_key_length,
+ uint8_t *arg4_output,
+ size_t arg5_output_size,
+ size_t *arg6_output_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_peer_key, arg3_peer_key_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_raw_key_agreement)(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_peer_key, arg3_peer_key_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_sign_hash */
+psa_status_t mbedtls_test_wrap_psa_sign_hash(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_hash,
+ size_t arg3_hash_length,
+ uint8_t *arg4_signature,
+ size_t arg5_signature_size,
+ size_t *arg6_signature_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_hash, arg3_hash_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_sign_hash)(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_hash, arg3_hash_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_sign_hash_abort */
+psa_status_t mbedtls_test_wrap_psa_sign_hash_abort(
+ psa_sign_hash_interruptible_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_sign_hash_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_sign_hash_complete */
+psa_status_t mbedtls_test_wrap_psa_sign_hash_complete(
+ psa_sign_hash_interruptible_operation_t *arg0_operation,
+ uint8_t *arg1_signature,
+ size_t arg2_signature_size,
+ size_t *arg3_signature_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg1_signature, arg2_signature_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_sign_hash_complete)(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg1_signature, arg2_signature_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_sign_hash_start */
+psa_status_t mbedtls_test_wrap_psa_sign_hash_start(
+ psa_sign_hash_interruptible_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg,
+ const uint8_t *arg3_hash,
+ size_t arg4_hash_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_sign_hash_start)(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_sign_message */
+psa_status_t mbedtls_test_wrap_psa_sign_message(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ uint8_t *arg4_signature,
+ size_t arg5_signature_size,
+ size_t *arg6_signature_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_sign_message)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_size);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_verify_hash */
+psa_status_t mbedtls_test_wrap_psa_verify_hash(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_hash,
+ size_t arg3_hash_length,
+ const uint8_t *arg4_signature,
+ size_t arg5_signature_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_hash, arg3_hash_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_verify_hash)(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_hash, arg3_hash_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_verify_hash_abort */
+psa_status_t mbedtls_test_wrap_psa_verify_hash_abort(
+ psa_verify_hash_interruptible_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_verify_hash_abort)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_verify_hash_complete */
+psa_status_t mbedtls_test_wrap_psa_verify_hash_complete(
+ psa_verify_hash_interruptible_operation_t *arg0_operation)
+{
+ psa_status_t status = (psa_verify_hash_complete)(arg0_operation);
+ return status;
+}
+
+/* Wrapper for psa_verify_hash_start */
+psa_status_t mbedtls_test_wrap_psa_verify_hash_start(
+ psa_verify_hash_interruptible_operation_t *arg0_operation,
+ mbedtls_svc_key_id_t arg1_key,
+ psa_algorithm_t arg2_alg,
+ const uint8_t *arg3_hash,
+ size_t arg4_hash_length,
+ const uint8_t *arg5_signature,
+ size_t arg6_signature_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg5_signature, arg6_signature_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_verify_hash_start)(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg5_signature, arg6_signature_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+/* Wrapper for psa_verify_message */
+psa_status_t mbedtls_test_wrap_psa_verify_message(
+ mbedtls_svc_key_id_t arg0_key,
+ psa_algorithm_t arg1_alg,
+ const uint8_t *arg2_input,
+ size_t arg3_input_length,
+ const uint8_t *arg4_signature,
+ size_t arg5_signature_length)
+{
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ psa_status_t status = (psa_verify_message)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length);
+#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_length);
+#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */
+ return status;
+}
+
+#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \
+ !defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+/* End of automatically generated file. */
diff --git a/tests/src/random.c b/tests/src/random.c
new file mode 100644
index 0000000..d041f36
--- /dev/null
+++ b/tests/src/random.c
@@ -0,0 +1,136 @@
+/**
+ * \file random.c
+ *
+ * \brief This file contains the helper functions to generate random numbers
+ * for the purpose of testing.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * for arc4random_buf() from <stdlib.h>
+ */
+#if defined(__NetBSD__)
+#define _NETBSD_SOURCE 1
+#elif defined(__OpenBSD__)
+#define _BSD_SOURCE 1
+#endif
+
+#include <test/macros.h>
+#include <test/random.h>
+#include <string.h>
+
+#include <mbedtls/entropy.h>
+#include <alignment.h>
+
+int mbedtls_test_rnd_std_rand(void *rng_state,
+ unsigned char *output,
+ size_t len)
+{
+#if !defined(__OpenBSD__) && !defined(__NetBSD__)
+ size_t i;
+
+ if (rng_state != NULL) {
+ rng_state = NULL;
+ }
+
+ for (i = 0; i < len; ++i) {
+ output[i] = rand();
+ }
+#else
+ if (rng_state != NULL) {
+ rng_state = NULL;
+ }
+
+ arc4random_buf(output, len);
+#endif /* !OpenBSD && !NetBSD */
+
+ return 0;
+}
+
+int mbedtls_test_rnd_zero_rand(void *rng_state,
+ unsigned char *output,
+ size_t len)
+{
+ if (rng_state != NULL) {
+ rng_state = NULL;
+ }
+
+ memset(output, 0, len);
+
+ return 0;
+}
+
+int mbedtls_test_rnd_buffer_rand(void *rng_state,
+ unsigned char *output,
+ size_t len)
+{
+ mbedtls_test_rnd_buf_info *info = (mbedtls_test_rnd_buf_info *) rng_state;
+ size_t use_len;
+
+ if (rng_state == NULL) {
+ return mbedtls_test_rnd_std_rand(NULL, output, len);
+ }
+
+ use_len = len;
+ if (len > info->length) {
+ use_len = info->length;
+ }
+
+ if (use_len) {
+ memcpy(output, info->buf, use_len);
+ info->buf += use_len;
+ info->length -= use_len;
+ }
+
+ if (len - use_len > 0) {
+ if (info->fallback_f_rng != NULL) {
+ return info->fallback_f_rng(info->fallback_p_rng,
+ output + use_len,
+ len - use_len);
+ } else {
+ return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+ }
+ }
+
+ return 0;
+}
+
+int mbedtls_test_rnd_pseudo_rand(void *rng_state,
+ unsigned char *output,
+ size_t len)
+{
+ mbedtls_test_rnd_pseudo_info *info =
+ (mbedtls_test_rnd_pseudo_info *) rng_state;
+ uint32_t i, *k, sum, delta = 0x9E3779B9;
+ unsigned char result[4], *out = output;
+
+ if (rng_state == NULL) {
+ return mbedtls_test_rnd_std_rand(NULL, output, len);
+ }
+
+ k = info->key;
+
+ while (len > 0) {
+ size_t use_len = (len > 4) ? 4 : len;
+ sum = 0;
+
+ for (i = 0; i < 32; i++) {
+ info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5))
+ + info->v1) ^ (sum + k[sum & 3]);
+ sum += delta;
+ info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5))
+ + info->v0) ^ (sum + k[(sum>>11) & 3]);
+ }
+
+ MBEDTLS_PUT_UINT32_BE(info->v0, result, 0);
+ memcpy(out, result, use_len);
+ len -= use_len;
+ out += 4;
+ }
+
+ return 0;
+}
diff --git a/tests/src/test_certs.h b/tests/src/test_certs.h
new file mode 100644
index 0000000..b313ea8
--- /dev/null
+++ b/tests/src/test_certs.h
@@ -0,0 +1,1226 @@
+/*
+ * X.509 test certificates
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */
+/* *INDENT-OFF* */
+
+/* This is taken from test-ca2.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM test-ca2.crt */
+#define TEST_CA_CRT_EC_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \
+ "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
+ "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \
+ "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
+ "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \
+ "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \
+ "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD\r\n" \
+ "AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd\r\n" \
+ "bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq\r\n" \
+ "6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29\r\n" \
+ "N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from test-ca2.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER test-ca2.crt.der */
+#define TEST_CA_CRT_EC_DER { \
+ 0x30, 0x82, 0x02, 0x07, 0x30, 0x82, 0x01, 0x8b, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \
+ 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \
+ 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
+ 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
+ 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
+ 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
+ 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \
+ 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \
+ 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \
+ 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
+ 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
+ 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
+ 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
+ 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \
+ 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \
+ 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \
+ 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \
+ 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \
+ 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \
+ 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \
+ 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \
+ 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \
+ 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x0f, \
+ 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, \
+ 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \
+ 0x04, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, \
+ 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, \
+ 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, \
+ 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \
+ 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, \
+ 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, \
+ 0x30, 0x65, 0x02, 0x31, 0x00, 0xe9, 0x35, 0x67, 0xc1, 0x22, 0x5c, 0xea, \
+ 0xeb, 0x15, 0x76, 0x53, 0x04, 0x03, 0xff, 0x56, 0x06, 0xcf, 0xd7, 0xd0, \
+ 0x50, 0xce, 0xc0, 0x7c, 0xd2, 0xb3, 0x55, 0xad, 0x8f, 0x54, 0x1a, 0x5f, \
+ 0xfd, 0x00, 0xf5, 0x4c, 0x0c, 0xa5, 0x4d, 0x84, 0xc5, 0xe0, 0x62, 0x3a, \
+ 0xaa, 0x56, 0xfa, 0x10, 0xf6, 0x02, 0x30, 0x5f, 0xd8, 0x55, 0xad, 0xbd, \
+ 0x37, 0x9c, 0x82, 0xd6, 0x61, 0x40, 0x8a, 0xbd, 0x7d, 0x8d, 0xbf, 0x4f, \
+ 0x97, 0xd8, 0xa2, 0x22, 0x44, 0x66, 0xd7, 0xb7, 0x4c, 0xe3, 0x2e, 0xa6, \
+ 0xe5, 0x52, 0x0c, 0x7a, 0x91, 0x0f, 0x9b, 0xf5, 0x65, 0x58, 0x06, 0xbc, \
+ 0x1f, 0x9a, 0x75, 0xf8, 0x13, 0xdb, 0x1b \
+}
+/* END FILE */
+
+/* This is taken from test-ca2.key.enc. */
+/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM test-ca2.key.enc */
+#define TEST_CA_KEY_EC_PEM \
+ "-----BEGIN EC PRIVATE KEY-----\r\n" \
+ "Proc-Type: 4,ENCRYPTED\r\n" \
+ "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" \
+ "\r\n" \
+ "IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" \
+ "ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" \
+ "UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" \
+ "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" \
+ "-----END EC PRIVATE KEY-----\r\n"
+/* END FILE */
+
+#define TEST_CA_PWD_EC_PEM "PolarSSLTest"
+
+/* This is generated from test-ca2.key.der. */
+/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER test-ca2.key.der */
+#define TEST_CA_KEY_EC_DER { \
+ 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \
+ 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \
+ 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \
+ 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \
+ 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \
+ 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \
+ 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \
+ 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \
+ 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \
+ 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \
+ 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \
+ 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \
+ 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \
+ 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \
+}
+/* END FILE */
+
+/* This is taken from test-ca-sha256.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM test-ca-sha256.crt */
+#define TEST_CA_CRT_RSA_SHA256_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+ "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+ "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
+ "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
+ "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
+ "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
+ "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
+ "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
+ "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
+ "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \
+ "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA\r\n" \
+ "A4IBAQA4qFSCth2q22uJIdE4KGHJsJjVEfw2/xn+MkTvCMfxVrvmRvqCtjE4tKDl\r\n" \
+ "oK4MxFOek07oDZwvtAT9ijn1hHftTNS7RH9zd/fxNpfcHnMZXVC4w4DNA1fSANtW\r\n" \
+ "5sY1JB5Je9jScrsLSS+mAjyv0Ow3Hb2Bix8wu7xNNrV5fIf7Ubm+wt6SqEBxu3Kb\r\n" \
+ "+EfObAT4huf3czznhH3C17ed6NSbXwoXfby7stWUDeRJv08RaFOykf/Aae7bY5PL\r\n" \
+ "yTVrkAnikMntJ9YI+hNNYt3inqq11A5cN0+rVTst8UKCxzQ4GpvroSwPKTFkbMw4\r\n" \
+ "/anT1dVxr/BtwJfiESoK3/4CeXR1\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from test-ca-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER test-ca-sha256.crt.der */
+#define TEST_CA_CRT_RSA_SHA256_DER { \
+ 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
+ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \
+ 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \
+ 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \
+ 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+ 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \
+ 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \
+ 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \
+ 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \
+ 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \
+ 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \
+ 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \
+ 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \
+ 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \
+ 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \
+ 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \
+ 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \
+ 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \
+ 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \
+ 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \
+ 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \
+ 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \
+ 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \
+ 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \
+ 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \
+ 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \
+ 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \
+ 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \
+ 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \
+ 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \
+ 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \
+ 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \
+ 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \
+ 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \
+ 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \
+ 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \
+ 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \
+ 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \
+ 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \
+ 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \
+ 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \
+ 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \
+ 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \
+ 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \
+ 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \
+ 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \
+ 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \
+ 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \
+ 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \
+ 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \
+ 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \
+ 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \
+ 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \
+ 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \
+ 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \
+ 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \
+ 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \
+ 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \
+ 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \
+ 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \
+ 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \
+}
+/* END FILE */
+
+/* This is taken from test-ca-sha1.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM test-ca-sha1.crt */
+#define TEST_CA_CRT_RSA_SHA1_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+ "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+ "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
+ "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
+ "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
+ "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
+ "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
+ "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
+ "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
+ "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \
+ "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA\r\n" \
+ "A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL\r\n" \
+ "hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm\r\n" \
+ "8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD\r\n" \
+ "zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ\r\n" \
+ "0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/\r\n" \
+ "mtxyUALj2pQxRitopORFQdn7AOY5\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from test-ca-sha1.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER test-ca-sha1.crt.der */
+#define TEST_CA_CRT_RSA_SHA1_DER { \
+ 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
+ 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \
+ 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \
+ 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \
+ 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+ 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \
+ 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \
+ 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \
+ 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \
+ 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \
+ 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \
+ 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \
+ 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \
+ 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \
+ 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \
+ 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \
+ 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \
+ 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \
+ 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \
+ 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \
+ 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \
+ 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \
+ 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \
+ 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \
+ 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \
+ 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \
+ 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \
+ 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \
+ 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \
+ 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \
+ 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \
+ 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \
+ 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \
+ 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \
+ 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \
+ 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \
+ 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \
+ 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \
+ 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \
+ 0x03, 0x82, 0x01, 0x01, 0x00, 0x74, 0x66, 0x23, 0x51, 0x15, 0xd8, 0x9a, \
+ 0xea, 0x4b, 0x24, 0x68, 0xf9, 0xe1, 0xae, 0xa7, 0xa3, 0x21, 0x1a, 0xbc, \
+ 0x60, 0xc1, 0x06, 0x01, 0xfd, 0xa8, 0x20, 0xf9, 0xf2, 0x67, 0xbf, 0x31, \
+ 0xa3, 0x21, 0x11, 0x81, 0xcd, 0xf9, 0x94, 0x71, 0xb2, 0x32, 0xdb, 0x0b, \
+ 0x85, 0x68, 0x9c, 0x36, 0x33, 0xf8, 0x77, 0xf8, 0x52, 0xf4, 0x0b, 0x38, \
+ 0x8f, 0x92, 0x80, 0xda, 0x07, 0x4d, 0x1a, 0x2e, 0x44, 0x4c, 0x0d, 0x57, \
+ 0xed, 0x2a, 0x30, 0x58, 0xe1, 0xac, 0xaf, 0x28, 0xaf, 0x4a, 0x93, 0x12, \
+ 0x1d, 0x5c, 0xb5, 0xf8, 0x77, 0x5f, 0x5a, 0x5b, 0x18, 0x40, 0xec, 0xe6, \
+ 0xf2, 0x8f, 0x9f, 0x69, 0x03, 0x54, 0x9b, 0xc5, 0xf3, 0x3d, 0x59, 0xad, \
+ 0xb5, 0xf0, 0x15, 0xb2, 0x9c, 0x5e, 0x1d, 0x2c, 0x49, 0x67, 0x7e, 0x8e, \
+ 0xa3, 0xe4, 0x16, 0x67, 0x9c, 0x19, 0x94, 0x22, 0x04, 0xca, 0x31, 0x1d, \
+ 0x2d, 0x42, 0x1d, 0xf9, 0x39, 0xb8, 0x07, 0x3d, 0xc1, 0xe6, 0x34, 0x43, \
+ 0xcd, 0x96, 0xbf, 0x49, 0xaa, 0x83, 0xa2, 0x4a, 0xba, 0xe8, 0xdd, 0xb3, \
+ 0xa5, 0xb8, 0x0a, 0x28, 0x09, 0x77, 0x19, 0x4d, 0x8e, 0xfb, 0xe7, 0xc1, \
+ 0xa8, 0xfd, 0x9d, 0x4a, 0x47, 0x50, 0xca, 0x49, 0x93, 0xc6, 0x12, 0xcb, \
+ 0x59, 0x13, 0x7c, 0x14, 0x9a, 0xa1, 0x60, 0x04, 0xf2, 0x42, 0x7b, 0x59, \
+ 0xd1, 0x04, 0xa2, 0xdd, 0x6f, 0x47, 0x7d, 0x26, 0x4f, 0x9c, 0x54, 0xdc, \
+ 0x3c, 0x85, 0xde, 0xa2, 0x23, 0xdd, 0xda, 0x92, 0xe5, 0xc6, 0xdd, 0x61, \
+ 0x66, 0xef, 0x1d, 0xc2, 0xcd, 0x8b, 0x4d, 0x71, 0x3a, 0xde, 0xe3, 0xfa, \
+ 0x30, 0xce, 0x0b, 0x1e, 0xf5, 0xb1, 0x8a, 0xe2, 0x5a, 0x5a, 0x43, 0xff, \
+ 0x9a, 0xdc, 0x72, 0x50, 0x02, 0xe3, 0xda, 0x94, 0x31, 0x46, 0x2b, 0x68, \
+ 0xa4, 0xe4, 0x45, 0x41, 0xd9, 0xfb, 0x00, 0xe6, 0x39 \
+}
+/* END FILE */
+
+/* This is taken from test-ca.key. */
+/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM test-ca.key */
+#define TEST_CA_KEY_RSA_PEM \
+ "-----BEGIN RSA PRIVATE KEY-----\r\n" \
+ "Proc-Type: 4,ENCRYPTED\r\n" \
+ "DEK-Info: AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n" \
+ "\r\n" \
+ "etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \
+ "NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \
+ "bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \
+ "skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \
+ "sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \
+ "U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \
+ "L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \
+ "UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \
+ "itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \
+ "sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \
+ "/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \
+ "1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \
+ "UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \
+ "7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \
+ "ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \
+ "cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \
+ "R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \
+ "EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \
+ "90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \
+ "gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \
+ "xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \
+ "0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \
+ "fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \
+ "9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \
+ "PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \
+ "-----END RSA PRIVATE KEY-----\r\n"
+/* END FILE */
+
+#define TEST_CA_PWD_RSA_PEM "PolarSSLTest"
+
+/* This is generated from test-ca.key.der. */
+/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER test-ca.key.der */
+#define TEST_CA_KEY_RSA_DER { \
+ 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \
+ 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \
+ 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \
+ 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \
+ 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \
+ 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \
+ 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \
+ 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \
+ 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \
+ 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \
+ 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \
+ 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \
+ 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \
+ 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \
+ 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \
+ 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \
+ 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \
+ 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \
+ 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \
+ 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \
+ 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \
+ 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \
+ 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \
+ 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \
+ 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \
+ 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \
+ 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \
+ 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \
+ 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \
+ 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \
+ 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \
+ 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \
+ 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \
+ 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \
+ 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \
+ 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \
+ 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \
+ 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \
+ 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \
+ 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \
+ 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \
+ 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \
+ 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \
+ 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \
+ 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \
+ 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \
+ 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \
+ 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \
+ 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \
+ 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \
+ 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \
+ 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \
+ 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \
+ 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \
+ 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \
+ 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \
+ 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \
+ 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \
+ 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \
+ 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \
+ 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \
+ 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \
+ 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \
+ 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \
+ 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \
+ 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \
+ 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \
+ 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \
+ 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \
+ 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \
+ 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \
+ 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \
+ 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \
+ 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \
+ 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \
+ 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \
+ 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \
+ 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \
+ 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \
+ 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \
+ 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \
+ 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \
+ 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \
+ 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \
+ 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \
+ 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \
+ 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \
+ 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \
+ 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \
+ 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \
+ 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \
+ 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \
+ 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \
+ 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \
+ 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \
+ 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \
+ 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \
+ 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \
+ 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \
+ 0xa8, 0xc2, 0x8f, 0x0d \
+}
+/* END FILE */
+
+/* This is taken from server5.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM server5.crt */
+#define TEST_SRV_CRT_EC_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
+ "MjMwNTE3MDcxMDM2WhcNMzMwNTE0MDcxMDM2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
+ "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
+ "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
+ "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
+ "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n" \
+ "clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
+ "CCqGSM49BAMCA2kAMGYCMQDg6p7PPfr2+n7nGvya3pU4ust3k7Obk4/tZX+uHHRQ\r\n" \
+ "qaccsyULeFNzkyRvWHFeT5sCMQCzDJX79Ii7hILYza/iXWJe/BjJEE8MteCRGXDN\r\n" \
+ "06jC+BLgOH1KQV9ArqEh3AhOhEg=\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from server5.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER server5.crt.der */
+#define TEST_SRV_CRT_EC_DER { \
+ 0x30, 0x82, 0x02, 0x20, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
+ 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
+ 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+ 0x32, 0x33, 0x30, 0x35, 0x31, 0x37, 0x30, 0x37, 0x31, 0x30, 0x33, 0x36, \
+ 0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x35, 0x31, 0x34, 0x30, 0x37, 0x31, \
+ 0x30, 0x33, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
+ 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
+ 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
+ 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \
+ 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \
+ 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \
+ 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \
+ 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \
+ 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \
+ 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \
+ 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \
+ 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \
+ 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \
+ 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \
+ 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
+ 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
+ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
+ 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
+ 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
+ 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
+ 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
+ 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x69, 0x00, \
+ 0x30, 0x66, 0x02, 0x31, 0x00, 0xe0, 0xea, 0x9e, 0xcf, 0x3d, 0xfa, 0xf6, \
+ 0xfa, 0x7e, 0xe7, 0x1a, 0xfc, 0x9a, 0xde, 0x95, 0x38, 0xba, 0xcb, 0x77, \
+ 0x93, 0xb3, 0x9b, 0x93, 0x8f, 0xed, 0x65, 0x7f, 0xae, 0x1c, 0x74, 0x50, \
+ 0xa9, 0xa7, 0x1c, 0xb3, 0x25, 0x0b, 0x78, 0x53, 0x73, 0x93, 0x24, 0x6f, \
+ 0x58, 0x71, 0x5e, 0x4f, 0x9b, 0x02, 0x31, 0x00, 0xb3, 0x0c, 0x95, 0xfb, \
+ 0xf4, 0x88, 0xbb, 0x84, 0x82, 0xd8, 0xcd, 0xaf, 0xe2, 0x5d, 0x62, 0x5e, \
+ 0xfc, 0x18, 0xc9, 0x10, 0x4f, 0x0c, 0xb5, 0xe0, 0x91, 0x19, 0x70, 0xcd, \
+ 0xd3, 0xa8, 0xc2, 0xf8, 0x12, 0xe0, 0x38, 0x7d, 0x4a, 0x41, 0x5f, 0x40, \
+ 0xae, 0xa1, 0x21, 0xdc, 0x08, 0x4e, 0x84, 0x48 \
+}
+/* END FILE */
+
+/* This is taken from server5.key. */
+/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM server5.key */
+#define TEST_SRV_KEY_EC_PEM \
+ "-----BEGIN EC PRIVATE KEY-----\r\n" \
+ "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" \
+ "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" \
+ "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" \
+ "-----END EC PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This is generated from server5.key.der. */
+/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER server5.key.der */
+#define TEST_SRV_KEY_EC_DER { \
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \
+ 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \
+ 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \
+ 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \
+ 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \
+ 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \
+ 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \
+ 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \
+ 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \
+ 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \
+ 0xff \
+}
+/* END FILE */
+
+/* This is taken from server2-sha256.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM server2-sha256.crt */
+#define TEST_SRV_CRT_RSA_SHA256_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+ "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+ "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \
+ "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \
+ "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \
+ "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \
+ "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \
+ "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \
+ "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \
+ "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \
+ "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJh\r\n" \
+ "Pqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6U\r\n" \
+ "HoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq9\r\n" \
+ "1C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sv\r\n" \
+ "a1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0\r\n" \
+ "e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbo\r\n" \
+ "pMZqLmbBm/7WPLc=\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from server2-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER server2-sha256.crt.der */
+#define TEST_SRV_CRT_RSA_SHA256_DER { \
+ 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
+ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \
+ 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \
+ 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \
+ 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+ 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \
+ 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \
+ 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \
+ 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \
+ 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \
+ 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \
+ 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \
+ 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \
+ 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \
+ 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \
+ 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \
+ 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \
+ 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \
+ 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \
+ 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \
+ 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \
+ 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \
+ 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \
+ 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \
+ 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \
+ 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \
+ 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \
+ 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \
+ 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \
+ 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \
+ 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \
+ 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \
+ 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \
+ 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \
+ 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \
+ 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \
+ 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \
+ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \
+ 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \
+ 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \
+ 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \
+ 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \
+ 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \
+ 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \
+ 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \
+ 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \
+ 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \
+ 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \
+ 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \
+ 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \
+ 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \
+ 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \
+ 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \
+ 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \
+ 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \
+ 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \
+ 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \
+ 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \
+ 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \
+}
+/* END FILE */
+
+/* This is taken from server2.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM server2.crt */
+#define TEST_SRV_CRT_RSA_SHA1_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+ "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+ "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \
+ "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \
+ "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \
+ "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \
+ "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \
+ "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \
+ "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \
+ "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \
+ "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \
+ "cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \
+ "O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \
+ "KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \
+ "iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \
+ "HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \
+ "Awgk0+4m0T25cNs=\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from server2.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER server2.crt.der */
+#define TEST_SRV_CRT_RSA_SHA1_DER { \
+ 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
+ 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \
+ 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \
+ 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \
+ 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+ 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \
+ 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \
+ 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \
+ 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \
+ 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \
+ 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \
+ 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \
+ 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \
+ 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \
+ 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \
+ 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \
+ 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \
+ 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \
+ 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \
+ 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \
+ 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \
+ 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \
+ 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \
+ 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \
+ 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \
+ 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \
+ 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \
+ 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \
+ 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \
+ 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \
+ 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \
+ 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \
+ 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \
+ 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \
+ 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \
+ 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \
+ 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \
+ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x99, 0x25, 0x83, 0x74, 0x38, \
+ 0x70, 0x1e, 0xef, 0xec, 0x1c, 0xec, 0xc4, 0xcf, 0xef, 0x2f, 0x22, 0x9c, \
+ 0x70, 0xee, 0xa8, 0xa7, 0x4f, 0xe0, 0x67, 0x33, 0x38, 0x82, 0x1b, 0x8b, \
+ 0xab, 0x66, 0x37, 0xda, 0x49, 0x74, 0xb0, 0xce, 0xa4, 0x48, 0xd5, 0x14, \
+ 0x99, 0xdb, 0xae, 0xab, 0x7b, 0xbf, 0xf8, 0x69, 0x94, 0x64, 0xdd, 0x80, \
+ 0x3b, 0xfe, 0xdc, 0xf8, 0x7c, 0x3b, 0x84, 0x31, 0x44, 0x22, 0xf6, 0x64, \
+ 0xf7, 0xc6, 0x81, 0x1a, 0x30, 0x8b, 0xaa, 0x7d, 0xc3, 0x9a, 0x01, 0xc8, \
+ 0xbf, 0xc4, 0xe8, 0x43, 0xae, 0xe7, 0x7a, 0x59, 0x50, 0xc7, 0x1d, 0x94, \
+ 0x8f, 0x7d, 0x3d, 0x3d, 0xd8, 0x23, 0x36, 0x2f, 0xeb, 0xf4, 0x73, 0x9c, \
+ 0x28, 0xd0, 0x18, 0x3d, 0xb0, 0x5c, 0x83, 0xa3, 0x09, 0x19, 0x65, 0xa3, \
+ 0xd9, 0x32, 0x3a, 0xbc, 0xd6, 0x9c, 0x7a, 0x2a, 0x2c, 0xfc, 0x38, 0x4e, \
+ 0x63, 0x1e, 0x55, 0xd2, 0x3e, 0x67, 0x7e, 0xa4, 0x89, 0xfe, 0x99, 0xd4, \
+ 0xd2, 0x0f, 0x48, 0x82, 0x7d, 0x8b, 0x02, 0x18, 0x18, 0xa4, 0x62, 0x44, \
+ 0x88, 0x43, 0x3d, 0xc1, 0x6e, 0xe1, 0x10, 0xc9, 0x30, 0x9a, 0x4d, 0x21, \
+ 0xfe, 0xca, 0x99, 0xb2, 0xb2, 0x6c, 0x18, 0x7e, 0x58, 0xb0, 0x5f, 0xd5, \
+ 0x4e, 0x14, 0xaa, 0xfc, 0x95, 0x4e, 0xd5, 0xed, 0xa6, 0x64, 0x7d, 0xaf, \
+ 0xae, 0xec, 0x99, 0x28, 0x95, 0x41, 0xab, 0xef, 0x2d, 0x0c, 0xd6, 0x29, \
+ 0x1e, 0x42, 0xba, 0xb5, 0x2c, 0x95, 0x61, 0x08, 0x73, 0x22, 0xdd, 0xd2, \
+ 0xb4, 0xc2, 0x56, 0x28, 0xc9, 0x7f, 0xa3, 0x99, 0x36, 0x01, 0x8c, 0xfa, \
+ 0xb5, 0x20, 0xb5, 0xeb, 0x8f, 0xb5, 0xa0, 0x6f, 0x8c, 0x2f, 0x72, 0xd6, \
+ 0x83, 0xc5, 0xeb, 0x18, 0xa6, 0xbd, 0xd4, 0x7e, 0x14, 0x38, 0xa6, 0xa9, \
+ 0x03, 0x08, 0x24, 0xd3, 0xee, 0x26, 0xd1, 0x3d, 0xb9, 0x70, 0xdb \
+}
+/* END FILE */
+
+/* This is taken from server2.key. */
+/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM server2.key */
+#define TEST_SRV_KEY_RSA_PEM \
+ "-----BEGIN RSA PRIVATE KEY-----\r\n" \
+ "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" \
+ "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" \
+ "2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" \
+ "Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" \
+ "GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" \
+ "y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" \
+ "++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" \
+ "Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" \
+ "/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" \
+ "WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" \
+ "GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" \
+ "TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" \
+ "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" \
+ "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" \
+ "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" \
+ "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" \
+ "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" \
+ "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" \
+ "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" \
+ "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" \
+ "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" \
+ "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" \
+ "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" \
+ "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" \
+ "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" \
+ "-----END RSA PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This is generated from server2.key.der. */
+/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER server2.key.der */
+#define TEST_SRV_KEY_RSA_DER { \
+ 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \
+ 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \
+ 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \
+ 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \
+ 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \
+ 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \
+ 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \
+ 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \
+ 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \
+ 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \
+ 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \
+ 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \
+ 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \
+ 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \
+ 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \
+ 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \
+ 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \
+ 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \
+ 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \
+ 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \
+ 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \
+ 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \
+ 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \
+ 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \
+ 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \
+ 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \
+ 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \
+ 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \
+ 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \
+ 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \
+ 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \
+ 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \
+ 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \
+ 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \
+ 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \
+ 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \
+ 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \
+ 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \
+ 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \
+ 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \
+ 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \
+ 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \
+ 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \
+ 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \
+ 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \
+ 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \
+ 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \
+ 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \
+ 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \
+ 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \
+ 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \
+ 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \
+ 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \
+ 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \
+ 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \
+ 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \
+ 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \
+ 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \
+ 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \
+ 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \
+ 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \
+ 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \
+ 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \
+ 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \
+ 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \
+ 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \
+ 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \
+ 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \
+ 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \
+ 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \
+ 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \
+ 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \
+ 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \
+ 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \
+ 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \
+ 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \
+ 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \
+ 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \
+ 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \
+ 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \
+ 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \
+ 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \
+ 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \
+ 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \
+ 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \
+ 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \
+ 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \
+ 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \
+ 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \
+ 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \
+ 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \
+ 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \
+ 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \
+ 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \
+ 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \
+ 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \
+ 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \
+ 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \
+ 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \
+ 0x06, 0x21, 0x2e, 0x56 \
+}
+/* END FILE */
+
+/* This is taken from cli2.crt. */
+/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM cli2.crt */
+#define TEST_CLI_CRT_EC_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIIB3zCCAWOgAwIBAgIBDTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw\r\n" \
+ "DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJTU0wgVGVzdCBFQyBDQTAe\r\n" \
+ "Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMEExCzAJBgNVBAYTAk5MMREw\r\n" \
+ "DwYDVQQKDAhQb2xhclNTTDEfMB0GA1UEAwwWUG9sYXJTU0wgVGVzdCBDbGllbnQg\r\n" \
+ "MjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFflrrFz39Osu5O4gf8Sru7mU6zO\r\n" \
+ "VVP2NA7MLuNjJQvfmOLzXGA2lsDVGBRw5X+f1UtFGOWwbNVc+JaPh3Cj5MejTTBL\r\n" \
+ "MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMB8GA1Ud\r\n" \
+ "IwQYMBaAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8MAwGCCqGSM49BAMCBQADaAAwZQIx\r\n" \
+ "AMqme4DKMldUlplDET9Q6Eptre7uUWKhsLOF+zPkKDlfzpIkJYEFgcloDHGYw80u\r\n" \
+ "IgIwNftyPXsabTqMM7iEHgVpX/GRozKklY9yQI/5eoA6gGW7Y+imuGR/oao5ySOb\r\n" \
+ "a9Vk\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from cli2.crt.der. */
+/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER cli2.crt.der */
+#define TEST_CLI_CRT_EC_DER { \
+ 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
+ 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
+ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
+ 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
+ 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \
+ 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \
+ 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \
+ 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \
+ 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
+ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
+ 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \
+ 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \
+ 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \
+ 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \
+ 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \
+ 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \
+ 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \
+ 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \
+ 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \
+ 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \
+ 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \
+ 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \
+ 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \
+ 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \
+ 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \
+ 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \
+ 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \
+ 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \
+ 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \
+ 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \
+ 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \
+ 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \
+ 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \
+ 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \
+ 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \
+ 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \
+ 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \
+ 0x6b, 0xd5, 0x64 \
+}
+/* END FILE */
+
+/* This is taken from cli2.key. */
+/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM cli2.key */
+#define TEST_CLI_KEY_EC_PEM \
+ "-----BEGIN EC PRIVATE KEY-----\r\n" \
+ "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" \
+ "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" \
+ "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" \
+ "-----END EC PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This is generated from cli2.key.der. */
+/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER cli2.key.der */
+#define TEST_CLI_KEY_EC_DER { \
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \
+ 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \
+ 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \
+ 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \
+ 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \
+ 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \
+ 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \
+ 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \
+ 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \
+ 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \
+ 0xc7 \
+}
+/* END FILE */
+
+/* This is taken from cli-rsa-sha256.crt. */
+/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM cli-rsa-sha256.crt */
+#define TEST_CLI_CRT_RSA_PEM \
+ "-----BEGIN CERTIFICATE-----\r\n" \
+ "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+ "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+ "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+ "A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" \
+ "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" \
+ "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" \
+ "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" \
+ "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" \
+ "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" \
+ "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" \
+ "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" \
+ "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" \
+ "AQEAXidv1d4pLlBiKWED95rMycBdgDcgyNqJxakFkRfRyA2y1mlyTn7uBXRkNLY5\r\n" \
+ "ZFzK82GCjk2Q2OD4RZSCPAJJqLpHHU34t71ciffvy2KK81YvrxczRhMAE64i+qna\r\n" \
+ "yP3Td2XuWJR05PVPoSemsNELs9gWttdnYy3ce+EY2Y0n7Rsi7982EeLIAA7H6ca4\r\n" \
+ "2Es/NUH//JZJT32OP0doMxeDRA+vplkKqTLLWf7dX26LIriBkBaRCgR5Yv9LBPFc\r\n" \
+ "NOtpzu/LbrY7QFXKJMI+JXDudCsOn8KCmiA4d6Emisqfh3V3485l7HEQNcvLTxlD\r\n" \
+ "6zDQyi0/ykYUYZkwQTK1N2Nvlw==\r\n" \
+ "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from cli-rsa-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER cli-rsa-sha256.crt.der */
+#define TEST_CLI_CRT_RSA_DER { \
+ 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \
+ 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
+ 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \
+ 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \
+ 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \
+ 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+ 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+ 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \
+ 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \
+ 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+ 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+ 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+ 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \
+ 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \
+ 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \
+ 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \
+ 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \
+ 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \
+ 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \
+ 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \
+ 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \
+ 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \
+ 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \
+ 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \
+ 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \
+ 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \
+ 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \
+ 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \
+ 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \
+ 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \
+ 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \
+ 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \
+ 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \
+ 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \
+ 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \
+ 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \
+ 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \
+ 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \
+ 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \
+ 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \
+ 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \
+ 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \
+ 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \
+ 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \
+ 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \
+ 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \
+ 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \
+ 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \
+ 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \
+ 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \
+ 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \
+ 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \
+ 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \
+ 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \
+ 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \
+ 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \
+ 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \
+ 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \
+ 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \
+ 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \
+ 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \
+ 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \
+ 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \
+ 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \
+ 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \
+ 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \
+}
+/* END FILE */
+
+/* This is taken from cli-rsa.key. */
+/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM cli-rsa.key */
+#define TEST_CLI_KEY_RSA_PEM \
+ "-----BEGIN RSA PRIVATE KEY-----\r\n" \
+ "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" \
+ "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" \
+ "bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" \
+ "Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" \
+ "7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" \
+ "dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" \
+ "yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" \
+ "4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" \
+ "ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" \
+ "zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" \
+ "l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" \
+ "DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" \
+ "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" \
+ "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" \
+ "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" \
+ "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" \
+ "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" \
+ "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" \
+ "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" \
+ "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" \
+ "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" \
+ "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" \
+ "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" \
+ "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" \
+ "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" \
+ "-----END RSA PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This is generated from cli-rsa.key.der. */
+/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER cli-rsa.key.der */
+#define TEST_CLI_KEY_RSA_DER { \
+ 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \
+ 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \
+ 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \
+ 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \
+ 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \
+ 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \
+ 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \
+ 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \
+ 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \
+ 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \
+ 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \
+ 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \
+ 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \
+ 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \
+ 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \
+ 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \
+ 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \
+ 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \
+ 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \
+ 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \
+ 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \
+ 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \
+ 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \
+ 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \
+ 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \
+ 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \
+ 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \
+ 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \
+ 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \
+ 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \
+ 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \
+ 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \
+ 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \
+ 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \
+ 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \
+ 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \
+ 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \
+ 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \
+ 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \
+ 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \
+ 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \
+ 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \
+ 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \
+ 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \
+ 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \
+ 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \
+ 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \
+ 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \
+ 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \
+ 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \
+ 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \
+ 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \
+ 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \
+ 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \
+ 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \
+ 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \
+ 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \
+ 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \
+ 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \
+ 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \
+ 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \
+ 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \
+ 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \
+ 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \
+ 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \
+ 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \
+ 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \
+ 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \
+ 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \
+ 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \
+ 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \
+ 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \
+ 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \
+ 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \
+ 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \
+ 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \
+ 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \
+ 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \
+ 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \
+ 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \
+ 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \
+ 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \
+ 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \
+ 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \
+ 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \
+ 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \
+ 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \
+ 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \
+ 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \
+ 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \
+ 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \
+ 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \
+ 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \
+ 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \
+ 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \
+ 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \
+ 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \
+ 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \
+ 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \
+ 0x8b, 0x87, 0xc3, 0x00 \
+}
+/* END FILE */
+
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
new file mode 100644
index 0000000..55201c0
--- /dev/null
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -0,0 +1,2559 @@
+/** \file ssl_helpers.c
+ *
+ * \brief Helper functions to set up a TLS connection.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/ssl_helpers.h>
+#include "mbedtls/psa_util.h"
+
+#if defined(MBEDTLS_SSL_TLS_C)
+int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len)
+{
+ (void) p_rng;
+ for (size_t i = 0; i < output_len; i++) {
+ output[i] = rand();
+ }
+
+ return 0;
+}
+
+void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
+ const char *file, int line,
+ const char *str)
+{
+ mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx;
+
+ (void) level;
+ (void) line;
+ (void) file;
+
+ if (NULL != p &&
+ NULL != p->pattern &&
+ NULL != strstr(str, p->pattern)) {
+ p->counter++;
+ }
+}
+
+void mbedtls_test_init_handshake_options(
+ mbedtls_test_handshake_test_options *opts)
+{
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+ static int rng_seed = 0xBEEF;
+
+ srand(rng_seed);
+ rng_seed += 0xD0;
+#endif
+
+ memset(opts, 0, sizeof(*opts));
+
+ opts->cipher = "";
+ opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN;
+ opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN;
+ opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN;
+ opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN;
+ opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3;
+ opts->pk_alg = MBEDTLS_PK_RSA;
+ opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE;
+ opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE;
+ opts->cli_msg_len = 100;
+ opts->srv_msg_len = 100;
+ opts->expected_cli_fragments = 1;
+ opts->expected_srv_fragments = 1;
+ opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
+ opts->resize_buffers = 1;
+ opts->early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
+ opts->max_early_data_size = -1;
+#if defined(MBEDTLS_SSL_CACHE_C)
+ TEST_CALLOC(opts->cache, 1);
+ mbedtls_ssl_cache_init(opts->cache);
+#if defined(MBEDTLS_HAVE_TIME)
+ TEST_EQUAL(mbedtls_ssl_cache_get_timeout(opts->cache),
+ MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT);
+#endif
+exit:
+ return;
+#endif
+}
+
+void mbedtls_test_free_handshake_options(
+ mbedtls_test_handshake_test_options *opts)
+{
+#if defined(MBEDTLS_SSL_CACHE_C)
+ mbedtls_ssl_cache_free(opts->cache);
+ mbedtls_free(opts->cache);
+#else
+ (void) opts;
+#endif
+}
+
+#if defined(MBEDTLS_TEST_HOOKS)
+static void set_chk_buf_ptr_args(
+ mbedtls_ssl_chk_buf_ptr_args *args,
+ unsigned char *cur, unsigned char *end, size_t need)
+{
+ args->cur = cur;
+ args->end = end;
+ args->need = need;
+}
+
+static void reset_chk_buf_ptr_args(mbedtls_ssl_chk_buf_ptr_args *args)
+{
+ memset(args, 0, sizeof(*args));
+}
+#endif /* MBEDTLS_TEST_HOOKS */
+
+void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf)
+{
+ memset(buf, 0, sizeof(*buf));
+}
+
+int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
+ size_t capacity)
+{
+ buf->buffer = (unsigned char *) mbedtls_calloc(capacity,
+ sizeof(unsigned char));
+ if (NULL == buf->buffer) {
+ return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ }
+ buf->capacity = capacity;
+
+ return 0;
+}
+
+void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf)
+{
+ if (buf->buffer != NULL) {
+ mbedtls_free(buf->buffer);
+ }
+
+ memset(buf, 0, sizeof(*buf));
+}
+
+int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
+ const unsigned char *input, size_t input_len)
+{
+ size_t overflow = 0;
+
+ if ((buf == NULL) || (buf->buffer == NULL)) {
+ return -1;
+ }
+
+ /* Reduce input_len to a number that fits in the buffer. */
+ if ((buf->content_length + input_len) > buf->capacity) {
+ input_len = buf->capacity - buf->content_length;
+ }
+
+ if (input == NULL) {
+ return (input_len == 0) ? 0 : -1;
+ }
+
+ /* Check if the buffer has not come full circle and free space is not in
+ * the middle */
+ if (buf->start + buf->content_length < buf->capacity) {
+
+ /* Calculate the number of bytes that need to be placed at lower memory
+ * address */
+ if (buf->start + buf->content_length + input_len
+ > buf->capacity) {
+ overflow = (buf->start + buf->content_length + input_len)
+ % buf->capacity;
+ }
+
+ memcpy(buf->buffer + buf->start + buf->content_length, input,
+ input_len - overflow);
+ memcpy(buf->buffer, input + input_len - overflow, overflow);
+
+ } else {
+ /* The buffer has come full circle and free space is in the middle */
+ memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity,
+ input, input_len);
+ }
+
+ buf->content_length += input_len;
+ return (input_len > INT_MAX) ? INT_MAX : (int) input_len;
+}
+
+int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
+ unsigned char *output, size_t output_len)
+{
+ size_t overflow = 0;
+
+ if ((buf == NULL) || (buf->buffer == NULL)) {
+ return -1;
+ }
+
+ if (output == NULL && output_len == 0) {
+ return 0;
+ }
+
+ if (buf->content_length < output_len) {
+ output_len = buf->content_length;
+ }
+
+ /* Calculate the number of bytes that need to be drawn from lower memory
+ * address */
+ if (buf->start + output_len > buf->capacity) {
+ overflow = (buf->start + output_len) % buf->capacity;
+ }
+
+ if (output != NULL) {
+ memcpy(output, buf->buffer + buf->start, output_len - overflow);
+ memcpy(output + output_len - overflow, buf->buffer, overflow);
+ }
+
+ buf->content_length -= output_len;
+ buf->start = (buf->start + output_len) % buf->capacity;
+
+ return (output_len > INT_MAX) ? INT_MAX : (int) output_len;
+}
+
+int mbedtls_test_ssl_message_queue_setup(
+ mbedtls_test_ssl_message_queue *queue, size_t capacity)
+{
+ queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t));
+ if (NULL == queue->messages) {
+ return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ }
+
+ queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity;
+ queue->pos = 0;
+ queue->num = 0;
+
+ return 0;
+}
+
+void mbedtls_test_ssl_message_queue_free(
+ mbedtls_test_ssl_message_queue *queue)
+{
+ if (queue == NULL) {
+ return;
+ }
+
+ if (queue->messages != NULL) {
+ mbedtls_free(queue->messages);
+ }
+
+ memset(queue, 0, sizeof(*queue));
+}
+
+int mbedtls_test_ssl_message_queue_push_info(
+ mbedtls_test_ssl_message_queue *queue, size_t len)
+{
+ int place;
+ if (queue == NULL) {
+ return MBEDTLS_TEST_ERROR_ARG_NULL;
+ }
+
+ if (queue->num >= queue->capacity) {
+ return MBEDTLS_ERR_SSL_WANT_WRITE;
+ }
+
+ place = (queue->pos + queue->num) % queue->capacity;
+ queue->messages[place] = len;
+ queue->num++;
+ return (len > INT_MAX) ? INT_MAX : (int) len;
+}
+
+int mbedtls_test_ssl_message_queue_pop_info(
+ mbedtls_test_ssl_message_queue *queue, size_t buf_len)
+{
+ size_t message_length;
+ if (queue == NULL) {
+ return MBEDTLS_TEST_ERROR_ARG_NULL;
+ }
+ if (queue->num == 0) {
+ return MBEDTLS_ERR_SSL_WANT_READ;
+ }
+
+ message_length = queue->messages[queue->pos];
+ queue->messages[queue->pos] = 0;
+ queue->num--;
+ queue->pos++;
+ queue->pos %= queue->capacity;
+ if (queue->pos < 0) {
+ queue->pos += queue->capacity;
+ }
+
+ return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX :
+ (message_length > buf_len) ? (int) buf_len : (int) message_length;
+}
+
+/*
+ * Take a peek on the info about the next message length from the queue.
+ * This will be the oldest inserted message length(fifo).
+ *
+ * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
+ * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
+ * \retval 0, if the peek was successful.
+ * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is
+ * too small to fit the message. In this case the \p msg_len will be
+ * set to the full message length so that the
+ * caller knows what portion of the message can be dropped.
+ */
+static int test_ssl_message_queue_peek_info(
+ mbedtls_test_ssl_message_queue *queue,
+ size_t buf_len, size_t *msg_len)
+{
+ if (queue == NULL || msg_len == NULL) {
+ return MBEDTLS_TEST_ERROR_ARG_NULL;
+ }
+ if (queue->num == 0) {
+ return MBEDTLS_ERR_SSL_WANT_READ;
+ }
+
+ *msg_len = queue->messages[queue->pos];
+ return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0;
+}
+
+void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket)
+{
+ memset(socket, 0, sizeof(*socket));
+}
+
+void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket)
+{
+ if (socket == NULL) {
+ return;
+ }
+
+ if (socket->input != NULL) {
+ mbedtls_test_ssl_buffer_free(socket->input);
+ mbedtls_free(socket->input);
+ }
+
+ if (socket->output != NULL) {
+ mbedtls_test_ssl_buffer_free(socket->output);
+ mbedtls_free(socket->output);
+ }
+
+ if (socket->peer != NULL) {
+ memset(socket->peer, 0, sizeof(*socket->peer));
+ }
+
+ memset(socket, 0, sizeof(*socket));
+}
+
+int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
+ mbedtls_test_mock_socket *peer2,
+ size_t bufsize)
+{
+ int ret = -1;
+
+ peer1->output =
+ (mbedtls_test_ssl_buffer *) mbedtls_calloc(
+ 1, sizeof(mbedtls_test_ssl_buffer));
+ if (peer1->output == NULL) {
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto exit;
+ }
+ mbedtls_test_ssl_buffer_init(peer1->output);
+ if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) {
+ goto exit;
+ }
+
+ peer2->output =
+ (mbedtls_test_ssl_buffer *) mbedtls_calloc(
+ 1, sizeof(mbedtls_test_ssl_buffer));
+ if (peer2->output == NULL) {
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto exit;
+ }
+ mbedtls_test_ssl_buffer_init(peer2->output);
+ if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) {
+ goto exit;
+ }
+
+ peer1->peer = peer2;
+ peer2->peer = peer1;
+ peer1->input = peer2->output;
+ peer2->input = peer1->output;
+
+ peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED;
+ ret = 0;
+
+exit:
+
+ if (ret != 0) {
+ mbedtls_test_mock_socket_close(peer1);
+ mbedtls_test_mock_socket_close(peer2);
+ }
+
+ return ret;
+}
+
+int mbedtls_test_mock_tcp_send_b(void *ctx,
+ const unsigned char *buf, size_t len)
+{
+ mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+ if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+ return -1;
+ }
+
+ return mbedtls_test_ssl_buffer_put(socket->output, buf, len);
+}
+
+int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len)
+{
+ mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+ if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+ return -1;
+ }
+
+ return mbedtls_test_ssl_buffer_get(socket->input, buf, len);
+}
+
+int mbedtls_test_mock_tcp_send_nb(void *ctx,
+ const unsigned char *buf, size_t len)
+{
+ mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+ if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+ return -1;
+ }
+
+ if (socket->output->capacity == socket->output->content_length) {
+ return MBEDTLS_ERR_SSL_WANT_WRITE;
+ }
+
+ return mbedtls_test_ssl_buffer_put(socket->output, buf, len);
+}
+
+int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len)
+{
+ mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+ if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+ return -1;
+ }
+
+ if (socket->input->content_length == 0) {
+ return MBEDTLS_ERR_SSL_WANT_READ;
+ }
+
+ return mbedtls_test_ssl_buffer_get(socket->input, buf, len);
+}
+
+void mbedtls_test_message_socket_init(
+ mbedtls_test_message_socket_context *ctx)
+{
+ ctx->queue_input = NULL;
+ ctx->queue_output = NULL;
+ ctx->socket = NULL;
+}
+
+int mbedtls_test_message_socket_setup(
+ mbedtls_test_ssl_message_queue *queue_input,
+ mbedtls_test_ssl_message_queue *queue_output,
+ size_t queue_capacity,
+ mbedtls_test_mock_socket *socket,
+ mbedtls_test_message_socket_context *ctx)
+{
+ int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity);
+ if (ret != 0) {
+ return ret;
+ }
+ ctx->queue_input = queue_input;
+ ctx->queue_output = queue_output;
+ ctx->socket = socket;
+ mbedtls_test_mock_socket_init(socket);
+
+ return 0;
+}
+
+void mbedtls_test_message_socket_close(
+ mbedtls_test_message_socket_context *ctx)
+{
+ if (ctx == NULL) {
+ return;
+ }
+
+ mbedtls_test_ssl_message_queue_free(ctx->queue_input);
+ mbedtls_test_mock_socket_close(ctx->socket);
+ memset(ctx, 0, sizeof(*ctx));
+}
+
+int mbedtls_test_mock_tcp_send_msg(void *ctx,
+ const unsigned char *buf, size_t len)
+{
+ mbedtls_test_ssl_message_queue *queue;
+ mbedtls_test_mock_socket *socket;
+ mbedtls_test_message_socket_context *context =
+ (mbedtls_test_message_socket_context *) ctx;
+
+ if (context == NULL || context->socket == NULL
+ || context->queue_output == NULL) {
+ return MBEDTLS_TEST_ERROR_CONTEXT_ERROR;
+ }
+
+ queue = context->queue_output;
+ socket = context->socket;
+
+ if (queue->num >= queue->capacity) {
+ return MBEDTLS_ERR_SSL_WANT_WRITE;
+ }
+
+ if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) {
+ return MBEDTLS_TEST_ERROR_SEND_FAILED;
+ }
+
+ return mbedtls_test_ssl_message_queue_push_info(queue, len);
+}
+
+int mbedtls_test_mock_tcp_recv_msg(void *ctx,
+ unsigned char *buf, size_t buf_len)
+{
+ mbedtls_test_ssl_message_queue *queue;
+ mbedtls_test_mock_socket *socket;
+ mbedtls_test_message_socket_context *context =
+ (mbedtls_test_message_socket_context *) ctx;
+ size_t drop_len = 0;
+ size_t msg_len;
+ int ret;
+
+ if (context == NULL || context->socket == NULL
+ || context->queue_input == NULL) {
+ return MBEDTLS_TEST_ERROR_CONTEXT_ERROR;
+ }
+
+ queue = context->queue_input;
+ socket = context->socket;
+
+ /* Peek first, so that in case of a socket error the data remains in
+ * the queue. */
+ ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len);
+ if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) {
+ /* Calculate how much to drop */
+ drop_len = msg_len - buf_len;
+
+ /* Set the requested message len to be buffer length */
+ msg_len = buf_len;
+ } else if (ret != 0) {
+ return ret;
+ }
+
+ if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) {
+ return MBEDTLS_TEST_ERROR_RECV_FAILED;
+ }
+
+ if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) {
+ /* Drop the remaining part of the message */
+ if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) !=
+ (int) drop_len) {
+ /* Inconsistent state - part of the message was read,
+ * and a part couldn't. Not much we can do here, but it should not
+ * happen in test environment, unless forced manually. */
+ }
+ }
+ mbedtls_test_ssl_message_queue_pop_info(queue, buf_len);
+
+ return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len;
+}
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+
+/*
+ * Deinitializes certificates from endpoint represented by \p ep.
+ */
+static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep)
+{
+ mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert);
+ if (cert != NULL) {
+ if (cert->ca_cert != NULL) {
+ mbedtls_x509_crt_free(cert->ca_cert);
+ mbedtls_free(cert->ca_cert);
+ cert->ca_cert = NULL;
+ }
+ if (cert->cert != NULL) {
+ mbedtls_x509_crt_free(cert->cert);
+ mbedtls_free(cert->cert);
+ cert->cert = NULL;
+ }
+ if (cert->pkey != NULL) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) {
+ psa_destroy_key(cert->pkey->priv_id);
+ }
+#endif
+ mbedtls_pk_free(cert->pkey);
+ mbedtls_free(cert->pkey);
+ cert->pkey = NULL;
+ }
+ }
+}
+
+int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
+ int pk_alg,
+ int opaque_alg, int opaque_alg2,
+ int opaque_usage)
+{
+ int i = 0;
+ int ret = -1;
+ mbedtls_test_ssl_endpoint_certificate *cert = NULL;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT;
+#endif
+
+ if (ep == NULL) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ }
+
+ cert = &(ep->cert);
+ TEST_CALLOC(cert->ca_cert, 1);
+ TEST_CALLOC(cert->cert, 1);
+ TEST_CALLOC(cert->pkey, 1);
+
+ mbedtls_x509_crt_init(cert->ca_cert);
+ mbedtls_x509_crt_init(cert->cert);
+ mbedtls_pk_init(cert->pkey);
+
+ /* Load the trusted CA */
+
+ for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) {
+ ret = mbedtls_x509_crt_parse_der(
+ cert->ca_cert,
+ (const unsigned char *) mbedtls_test_cas_der[i],
+ mbedtls_test_cas_der_len[i]);
+ TEST_ASSERT(ret == 0);
+ }
+
+ /* Load own certificate and private key */
+
+ if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) {
+ if (pk_alg == MBEDTLS_PK_RSA) {
+ ret = mbedtls_x509_crt_parse(
+ cert->cert,
+ (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der,
+ mbedtls_test_srv_crt_rsa_sha256_der_len);
+ TEST_ASSERT(ret == 0);
+
+ ret = mbedtls_pk_parse_key(
+ cert->pkey,
+ (const unsigned char *) mbedtls_test_srv_key_rsa_der,
+ mbedtls_test_srv_key_rsa_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL);
+ TEST_ASSERT(ret == 0);
+ } else {
+ ret = mbedtls_x509_crt_parse(
+ cert->cert,
+ (const unsigned char *) mbedtls_test_srv_crt_ec_der,
+ mbedtls_test_srv_crt_ec_der_len);
+ TEST_ASSERT(ret == 0);
+
+ ret = mbedtls_pk_parse_key(
+ cert->pkey,
+ (const unsigned char *) mbedtls_test_srv_key_ec_der,
+ mbedtls_test_srv_key_ec_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL);
+ TEST_ASSERT(ret == 0);
+ }
+ } else {
+ if (pk_alg == MBEDTLS_PK_RSA) {
+ ret = mbedtls_x509_crt_parse(
+ cert->cert,
+ (const unsigned char *) mbedtls_test_cli_crt_rsa_der,
+ mbedtls_test_cli_crt_rsa_der_len);
+ TEST_ASSERT(ret == 0);
+
+ ret = mbedtls_pk_parse_key(
+ cert->pkey,
+ (const unsigned char *) mbedtls_test_cli_key_rsa_der,
+ mbedtls_test_cli_key_rsa_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL);
+ TEST_ASSERT(ret == 0);
+ } else {
+ ret = mbedtls_x509_crt_parse(
+ cert->cert,
+ (const unsigned char *) mbedtls_test_cli_crt_ec_der,
+ mbedtls_test_cli_crt_ec_len);
+ TEST_ASSERT(ret == 0);
+
+ ret = mbedtls_pk_parse_key(
+ cert->pkey,
+ (const unsigned char *) mbedtls_test_cli_key_ec_der,
+ mbedtls_test_cli_key_ec_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL);
+ TEST_ASSERT(ret == 0);
+ }
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if (opaque_alg != 0) {
+ psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
+ /* Use a fake key usage to get a successful initial guess for the PSA attributes. */
+ TEST_EQUAL(mbedtls_pk_get_psa_attributes(cert->pkey, PSA_KEY_USAGE_SIGN_HASH,
+ &key_attr), 0);
+ /* Then manually usage, alg and alg2 as requested by the test. */
+ psa_set_key_usage_flags(&key_attr, opaque_usage);
+ psa_set_key_algorithm(&key_attr, opaque_alg);
+ if (opaque_alg2 != PSA_ALG_NONE) {
+ psa_set_key_enrollment_algorithm(&key_attr, opaque_alg2);
+ }
+ TEST_EQUAL(mbedtls_pk_import_into_psa(cert->pkey, &key_attr, &key_slot), 0);
+ mbedtls_pk_free(cert->pkey);
+ mbedtls_pk_init(cert->pkey);
+ TEST_EQUAL(mbedtls_pk_setup_opaque(cert->pkey, key_slot), 0);
+ }
+#else
+ (void) opaque_alg;
+ (void) opaque_alg2;
+ (void) opaque_usage;
+#endif
+
+ mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL);
+
+ ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert,
+ cert->pkey);
+ TEST_ASSERT(ret == 0);
+ TEST_ASSERT(ep->conf.key_cert != NULL);
+
+ ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL);
+ TEST_ASSERT(ret == 0);
+ TEST_ASSERT(ep->conf.key_cert == NULL);
+
+ ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert,
+ cert->pkey);
+ TEST_ASSERT(ret == 0);
+
+exit:
+ if (ret != 0) {
+ test_ssl_endpoint_certificate_free(ep);
+ }
+
+ return ret;
+}
+
+int mbedtls_test_ssl_endpoint_init(
+ mbedtls_test_ssl_endpoint *ep, int endpoint_type,
+ mbedtls_test_handshake_test_options *options,
+ mbedtls_test_message_socket_context *dtls_context,
+ mbedtls_test_ssl_message_queue *input_queue,
+ mbedtls_test_ssl_message_queue *output_queue)
+{
+ int ret = -1;
+ uintptr_t user_data_n;
+
+ if (dtls_context != NULL &&
+ (input_queue == NULL || output_queue == NULL)) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+
+ }
+
+ if (ep == NULL) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ }
+
+ memset(ep, 0, sizeof(*ep));
+
+ ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client";
+
+ mbedtls_ssl_init(&(ep->ssl));
+ mbedtls_ssl_config_init(&(ep->conf));
+ mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL);
+
+ TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL);
+ TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0);
+ TEST_ASSERT(mbedtls_ssl_get_user_data_p(&ep->ssl) == NULL);
+ TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0);
+
+ (void) mbedtls_test_rnd_std_rand(NULL,
+ (void *) &user_data_n,
+ sizeof(user_data_n));
+ mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n);
+ mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n);
+
+ if (dtls_context != NULL) {
+ TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue,
+ 100, &(ep->socket),
+ dtls_context) == 0);
+ } else {
+ mbedtls_test_mock_socket_init(&(ep->socket));
+ }
+
+ /* Non-blocking callbacks without timeout */
+ if (dtls_context != NULL) {
+ mbedtls_ssl_set_bio(&(ep->ssl), dtls_context,
+ mbedtls_test_mock_tcp_send_msg,
+ mbedtls_test_mock_tcp_recv_msg,
+ NULL);
+ } else {
+ mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket),
+ mbedtls_test_mock_tcp_send_nb,
+ mbedtls_test_mock_tcp_recv_nb,
+ NULL);
+ }
+
+ ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type,
+ (dtls_context != NULL) ?
+ MBEDTLS_SSL_TRANSPORT_DATAGRAM :
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT);
+ TEST_ASSERT(ret == 0);
+
+ if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) {
+ if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) {
+ mbedtls_ssl_conf_min_tls_version(&(ep->conf),
+ options->client_min_version);
+ }
+
+ if (options->client_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) {
+ mbedtls_ssl_conf_max_tls_version(&(ep->conf),
+ options->client_max_version);
+ }
+ } else {
+ if (options->server_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) {
+ mbedtls_ssl_conf_min_tls_version(&(ep->conf),
+ options->server_min_version);
+ }
+
+ if (options->server_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) {
+ mbedtls_ssl_conf_max_tls_version(&(ep->conf),
+ options->server_max_version);
+ }
+ }
+
+ if (options->group_list != NULL) {
+ mbedtls_ssl_conf_groups(&(ep->conf), options->group_list);
+ }
+
+ mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED);
+
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ mbedtls_ssl_conf_early_data(&(ep->conf), options->early_data);
+#if defined(MBEDTLS_SSL_SRV_C)
+ if (endpoint_type == MBEDTLS_SSL_IS_SERVER &&
+ (options->max_early_data_size >= 0)) {
+ mbedtls_ssl_conf_max_early_data_size(&(ep->conf),
+ options->max_early_data_size);
+ }
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+ /* check that alpn_list contains at least one valid entry */
+ if (options->alpn_list[0] != NULL) {
+ mbedtls_ssl_conf_alpn_protocols(&(ep->conf), options->alpn_list);
+ }
+#endif
+#endif
+
+#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C)
+ if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) {
+ mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache,
+ mbedtls_ssl_cache_get,
+ mbedtls_ssl_cache_set);
+ }
+#endif
+
+ ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf));
+ TEST_ASSERT(ret == 0);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C)
+ if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) {
+ mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL);
+ }
+#endif
+
+#if defined(MBEDTLS_DEBUG_C)
+#if defined(MBEDTLS_SSL_SRV_C)
+ if (endpoint_type == MBEDTLS_SSL_IS_SERVER &&
+ options->srv_log_fun != NULL) {
+ mbedtls_ssl_conf_dbg(&(ep->conf), options->srv_log_fun,
+ options->srv_log_obj);
+ }
+#endif
+#if defined(MBEDTLS_SSL_CLI_C)
+ if (endpoint_type == MBEDTLS_SSL_IS_CLIENT &&
+ options->cli_log_fun != NULL) {
+ mbedtls_ssl_conf_dbg(&(ep->conf), options->cli_log_fun,
+ options->cli_log_obj);
+ }
+#endif
+#endif /* MBEDTLS_DEBUG_C */
+
+ ret = mbedtls_test_ssl_endpoint_certificate_init(ep, options->pk_alg,
+ options->opaque_alg,
+ options->opaque_alg2,
+ options->opaque_usage);
+ TEST_ASSERT(ret == 0);
+
+ TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n);
+ mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep);
+ TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n);
+ mbedtls_ssl_set_user_data_p(&ep->ssl, ep);
+
+exit:
+ return ret;
+}
+
+void mbedtls_test_ssl_endpoint_free(
+ mbedtls_test_ssl_endpoint *ep,
+ mbedtls_test_message_socket_context *context)
+{
+ test_ssl_endpoint_certificate_free(ep);
+
+ mbedtls_ssl_free(&(ep->ssl));
+ mbedtls_ssl_config_free(&(ep->conf));
+
+ if (context != NULL) {
+ mbedtls_test_message_socket_close(context);
+ } else {
+ mbedtls_test_mock_socket_close(&(ep->socket));
+ }
+}
+
+int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
+ mbedtls_ssl_context *second_ssl,
+ int state)
+{
+ enum { BUFFSIZE = 1024 };
+ int max_steps = 1000;
+ int ret = 0;
+
+ if (ssl == NULL || second_ssl == NULL) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ }
+
+ /* Perform communication via connected sockets */
+ while ((ssl->state != state) && (--max_steps >= 0)) {
+ /* If /p second_ssl ends the handshake procedure before /p ssl then
+ * there is no need to call the next step */
+ if (!mbedtls_ssl_is_handshake_over(second_ssl)) {
+ ret = mbedtls_ssl_handshake_step(second_ssl);
+ if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ return ret;
+ }
+ }
+
+ /* We only care about the \p ssl state and returns, so we call it last,
+ * to leave the iteration as soon as the state is as expected. */
+ ret = mbedtls_ssl_handshake_step(ssl);
+ if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ return ret;
+ }
+ }
+
+ return (max_steps >= 0) ? ret : -1;
+}
+
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+/*
+ * Write application data. Increase write counter if necessary.
+ */
+int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl,
+ unsigned char *buf, int buf_len,
+ int *written,
+ const int expected_fragments)
+{
+ int ret;
+ /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
+ * a valid no-op for TLS connections. */
+ if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+ TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0);
+ }
+
+ ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
+ if (ret > 0) {
+ *written += ret;
+ }
+
+ if (expected_fragments == 0) {
+ /* Used for DTLS and the message size larger than MFL. In that case
+ * the message can not be fragmented and the library should return
+ * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned
+ * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */
+ return ret;
+ } else if (expected_fragments == 1) {
+ /* Used for TLS/DTLS and the message size lower than MFL */
+ TEST_ASSERT(ret == buf_len ||
+ ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } else {
+ /* Used for TLS and the message size larger than MFL */
+ TEST_ASSERT(expected_fragments > 1);
+ TEST_ASSERT((ret >= 0 && ret <= buf_len) ||
+ ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ }
+
+ return 0;
+
+exit:
+ /* Some of the tests failed */
+ return -1;
+}
+
+/*
+ * Read application data and increase read counter and fragments counter
+ * if necessary.
+ */
+int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl,
+ unsigned char *buf, int buf_len,
+ int *read, int *fragments,
+ const int expected_fragments)
+{
+ int ret;
+ /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
+ * a valid no-op for TLS connections. */
+ if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+ TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0);
+ }
+
+ ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
+ if (ret > 0) {
+ (*fragments)++;
+ *read += ret;
+ }
+
+ if (expected_fragments == 0) {
+ TEST_ASSERT(ret == 0);
+ } else if (expected_fragments == 1) {
+ TEST_ASSERT(ret == buf_len ||
+ ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } else {
+ TEST_ASSERT(expected_fragments > 1);
+ TEST_ASSERT((ret >= 0 && ret <= buf_len) ||
+ ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ }
+
+ return 0;
+
+exit:
+ /* Some of the tests failed */
+ return -1;
+}
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher,
+ int *forced_ciphersuite)
+{
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+ forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher);
+ forced_ciphersuite[1] = 0;
+
+ ciphersuite_info =
+ mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]);
+
+ TEST_ASSERT(ciphersuite_info != NULL);
+ TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version);
+ TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version);
+
+ if (conf->max_tls_version > ciphersuite_info->max_tls_version) {
+ conf->max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version;
+ }
+ if (conf->min_tls_version < ciphersuite_info->min_tls_version) {
+ conf->min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version;
+ }
+
+ mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite);
+
+exit:
+ return;
+}
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \
+ defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \
+ defined(MBEDTLS_SSL_SRV_C)
+static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl,
+ const unsigned char *name, size_t name_len)
+{
+ (void) p_info;
+ (void) ssl;
+ (void) name;
+ (void) name_len;
+
+ return 0;
+}
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED &&
+ MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED &&
+ MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES)
+int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
+ const unsigned char *iv,
+ size_t iv_len,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ size_t *olen)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT;
+ size_t part_len;
+
+ status = psa_cipher_encrypt_setup(&cipher_op,
+ transform->psa_key_enc,
+ transform->psa_alg);
+
+ if (status != PSA_SUCCESS) {
+ return PSA_TO_MBEDTLS_ERR(status);
+ }
+
+ status = psa_cipher_set_iv(&cipher_op, iv, iv_len);
+
+ if (status != PSA_SUCCESS) {
+ return PSA_TO_MBEDTLS_ERR(status);
+ }
+
+ status = psa_cipher_update(&cipher_op, input, ilen, output, ilen, olen);
+
+ if (status != PSA_SUCCESS) {
+ return PSA_TO_MBEDTLS_ERR(status);
+ }
+
+ status = psa_cipher_finish(&cipher_op, output + *olen, ilen - *olen,
+ &part_len);
+
+ if (status != PSA_SUCCESS) {
+ return PSA_TO_MBEDTLS_ERR(status);
+ }
+
+ *olen += part_len;
+ return 0;
+#else
+ return mbedtls_cipher_crypt(&transform->cipher_ctx_enc,
+ iv, iv_len, input, ilen, output, olen);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC &&
+ MBEDTLS_SSL_HAVE_AES */
+
+static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type,
+ mbedtls_cipher_mode_t *cipher_mode,
+ size_t *key_bits, size_t *iv_len)
+{
+ switch (cipher_type) {
+ case MBEDTLS_CIPHER_AES_128_CBC:
+ *cipher_mode = MBEDTLS_MODE_CBC;
+ *key_bits = 128;
+ *iv_len = 16;
+ break;
+ case MBEDTLS_CIPHER_AES_256_CBC:
+ *cipher_mode = MBEDTLS_MODE_CBC;
+ *key_bits = 256;
+ *iv_len = 16;
+ break;
+ case MBEDTLS_CIPHER_ARIA_128_CBC:
+ *cipher_mode = MBEDTLS_MODE_CBC;
+ *key_bits = 128;
+ *iv_len = 16;
+ break;
+ case MBEDTLS_CIPHER_ARIA_256_CBC:
+ *cipher_mode = MBEDTLS_MODE_CBC;
+ *key_bits = 256;
+ *iv_len = 16;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_128_CBC:
+ *cipher_mode = MBEDTLS_MODE_CBC;
+ *key_bits = 128;
+ *iv_len = 16;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_256_CBC:
+ *cipher_mode = MBEDTLS_MODE_CBC;
+ *key_bits = 256;
+ *iv_len = 16;
+ break;
+
+ case MBEDTLS_CIPHER_AES_128_CCM:
+ *cipher_mode = MBEDTLS_MODE_CCM;
+ *key_bits = 128;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_AES_192_CCM:
+ *cipher_mode = MBEDTLS_MODE_CCM;
+ *key_bits = 192;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_AES_256_CCM:
+ *cipher_mode = MBEDTLS_MODE_CCM;
+ *key_bits = 256;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_128_CCM:
+ *cipher_mode = MBEDTLS_MODE_CCM;
+ *key_bits = 128;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_192_CCM:
+ *cipher_mode = MBEDTLS_MODE_CCM;
+ *key_bits = 192;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_256_CCM:
+ *cipher_mode = MBEDTLS_MODE_CCM;
+ *key_bits = 256;
+ *iv_len = 12;
+ break;
+
+ case MBEDTLS_CIPHER_AES_128_GCM:
+ *cipher_mode = MBEDTLS_MODE_GCM;
+ *key_bits = 128;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_AES_192_GCM:
+ *cipher_mode = MBEDTLS_MODE_GCM;
+ *key_bits = 192;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_AES_256_GCM:
+ *cipher_mode = MBEDTLS_MODE_GCM;
+ *key_bits = 256;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_128_GCM:
+ *cipher_mode = MBEDTLS_MODE_GCM;
+ *key_bits = 128;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_192_GCM:
+ *cipher_mode = MBEDTLS_MODE_GCM;
+ *key_bits = 192;
+ *iv_len = 12;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_256_GCM:
+ *cipher_mode = MBEDTLS_MODE_GCM;
+ *key_bits = 256;
+ *iv_len = 12;
+ break;
+
+ case MBEDTLS_CIPHER_CHACHA20_POLY1305:
+ *cipher_mode = MBEDTLS_MODE_CHACHAPOLY;
+ *key_bits = 256;
+ *iv_len = 12;
+ break;
+
+ case MBEDTLS_CIPHER_NULL:
+ *cipher_mode = MBEDTLS_MODE_STREAM;
+ *key_bits = 0;
+ *iv_len = 0;
+ break;
+
+ default:
+ *cipher_mode = MBEDTLS_MODE_NONE;
+ *key_bits = 0;
+ *iv_len = 0;
+ }
+}
+
+int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
+ mbedtls_ssl_transform *t_out,
+ int cipher_type, int hash_id,
+ int etm, int tag_mode,
+ mbedtls_ssl_protocol_version tls_version,
+ size_t cid0_len,
+ size_t cid1_len)
+{
+ mbedtls_cipher_mode_t cipher_mode = MBEDTLS_MODE_NONE;
+ size_t key_bits = 0;
+ int ret = 0;
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_type_t key_type;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_algorithm_t alg;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+#else
+ mbedtls_cipher_info_t const *cipher_info;
+#endif
+
+ size_t keylen, maclen, ivlen = 0;
+ unsigned char *key0 = NULL, *key1 = NULL;
+ unsigned char *md0 = NULL, *md1 = NULL;
+ unsigned char iv_enc[16], iv_dec[16];
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ unsigned char cid0[SSL_CID_LEN_MIN];
+ unsigned char cid1[SSL_CID_LEN_MIN];
+
+ mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0));
+ mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1));
+#else
+ ((void) cid0_len);
+ ((void) cid1_len);
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+ maclen = 0;
+ mbedtls_test_ssl_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type,
+ &cipher_mode, &key_bits, &ivlen);
+
+ /* Pick keys */
+ keylen = key_bits / 8;
+ /* Allocate `keylen + 1` bytes to ensure that we get
+ * a non-NULL pointers from `mbedtls_calloc` even if
+ * `keylen == 0` in the case of the NULL cipher. */
+ CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL);
+ CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL);
+ memset(key0, 0x1, keylen);
+ memset(key1, 0x2, keylen);
+
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Pick cipher */
+ cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type);
+ CHK(cipher_info != NULL);
+ CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16);
+ CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0);
+
+ /* Setup cipher contexts */
+ CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0);
+ CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0);
+ CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0);
+ CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0);
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ if (cipher_mode == MBEDTLS_MODE_CBC) {
+ CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc,
+ MBEDTLS_PADDING_NONE) == 0);
+ CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec,
+ MBEDTLS_PADDING_NONE) == 0);
+ CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc,
+ MBEDTLS_PADDING_NONE) == 0);
+ CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec,
+ MBEDTLS_PADDING_NONE) == 0);
+ }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+ CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0,
+ (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+ MBEDTLS_ENCRYPT)
+ == 0);
+ CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1,
+ (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+ MBEDTLS_DECRYPT)
+ == 0);
+ CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1,
+ (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+ MBEDTLS_ENCRYPT)
+ == 0);
+ CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0,
+ (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+ MBEDTLS_DECRYPT)
+ == 0);
+#endif /* !MBEDTLS_USE_PSA_CRYPTO */
+
+ /* Setup MAC contexts */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+ if (cipher_mode == MBEDTLS_MODE_CBC ||
+ cipher_mode == MBEDTLS_MODE_STREAM) {
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) hash_id);
+ CHK(md_info != NULL);
+#endif
+ maclen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) hash_id);
+ CHK(maclen != 0);
+ /* Pick hash keys */
+ CHK((md0 = mbedtls_calloc(1, maclen)) != NULL);
+ CHK((md1 = mbedtls_calloc(1, maclen)) != NULL);
+ memset(md0, 0x5, maclen);
+ memset(md1, 0x6, maclen);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ alg = mbedtls_md_psa_alg_from_type(hash_id);
+
+ CHK(alg != 0);
+
+ t_out->psa_mac_alg = PSA_ALG_HMAC(alg);
+ t_in->psa_mac_alg = PSA_ALG_HMAC(alg);
+ t_in->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT;
+ t_out->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT;
+ t_in->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT;
+ t_out->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT;
+
+ psa_reset_key_attributes(&attributes);
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
+ psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(alg));
+ psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
+
+ CHK(psa_import_key(&attributes,
+ md0, maclen,
+ &t_in->psa_mac_enc) == PSA_SUCCESS);
+
+ CHK(psa_import_key(&attributes,
+ md1, maclen,
+ &t_out->psa_mac_enc) == PSA_SUCCESS);
+
+ if (cipher_mode == MBEDTLS_MODE_STREAM ||
+ etm == MBEDTLS_SSL_ETM_DISABLED) {
+ /* mbedtls_ct_hmac() requires the key to be exportable */
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT |
+ PSA_KEY_USAGE_VERIFY_HASH);
+ } else {
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+ }
+
+ CHK(psa_import_key(&attributes,
+ md1, maclen,
+ &t_in->psa_mac_dec) == PSA_SUCCESS);
+
+ CHK(psa_import_key(&attributes,
+ md0, maclen,
+ &t_out->psa_mac_dec) == PSA_SUCCESS);
+#else
+ CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0);
+ CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0);
+ CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0);
+ CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0);
+
+ CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc,
+ md0, maclen) == 0);
+ CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec,
+ md1, maclen) == 0);
+ CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc,
+ md1, maclen) == 0);
+ CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec,
+ md0, maclen) == 0);
+#endif
+ }
+#else
+ ((void) hash_id);
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
+
+
+ /* Pick IV's (regardless of whether they
+ * are being used by the transform). */
+ memset(iv_enc, 0x3, sizeof(iv_enc));
+ memset(iv_dec, 0x4, sizeof(iv_dec));
+
+ /*
+ * Setup transforms
+ */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
+ defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+ t_out->encrypt_then_mac = etm;
+ t_in->encrypt_then_mac = etm;
+#else
+ ((void) etm);
+#endif
+
+ t_out->tls_version = tls_version;
+ t_in->tls_version = tls_version;
+ t_out->ivlen = ivlen;
+ t_in->ivlen = ivlen;
+
+ switch (cipher_mode) {
+ case MBEDTLS_MODE_GCM:
+ case MBEDTLS_MODE_CCM:
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
+ t_out->fixed_ivlen = 12;
+ t_in->fixed_ivlen = 12;
+ } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+ {
+ t_out->fixed_ivlen = 4;
+ t_in->fixed_ivlen = 4;
+ }
+ t_out->maclen = 0;
+ t_in->maclen = 0;
+ switch (tag_mode) {
+ case 0: /* Full tag */
+ t_out->taglen = 16;
+ t_in->taglen = 16;
+ break;
+ case 1: /* Partial tag */
+ t_out->taglen = 8;
+ t_in->taglen = 8;
+ break;
+ default:
+ ret = 1;
+ goto cleanup;
+ }
+ break;
+
+ case MBEDTLS_MODE_CHACHAPOLY:
+ t_out->fixed_ivlen = 12;
+ t_in->fixed_ivlen = 12;
+ t_out->maclen = 0;
+ t_in->maclen = 0;
+ switch (tag_mode) {
+ case 0: /* Full tag */
+ t_out->taglen = 16;
+ t_in->taglen = 16;
+ break;
+ case 1: /* Partial tag */
+ t_out->taglen = 8;
+ t_in->taglen = 8;
+ break;
+ default:
+ ret = 1;
+ goto cleanup;
+ }
+ break;
+
+ case MBEDTLS_MODE_STREAM:
+ case MBEDTLS_MODE_CBC:
+ t_out->fixed_ivlen = 0; /* redundant, must be 0 */
+ t_in->fixed_ivlen = 0; /* redundant, must be 0 */
+ t_out->taglen = 0;
+ t_in->taglen = 0;
+ switch (tag_mode) {
+ case 0: /* Full tag */
+ t_out->maclen = maclen;
+ t_in->maclen = maclen;
+ break;
+ default:
+ ret = 1;
+ goto cleanup;
+ }
+ break;
+ default:
+ ret = 1;
+ goto cleanup;
+ break;
+ }
+
+ /* Setup IV's */
+
+ memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec));
+ memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc));
+ memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc));
+ memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec));
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ /* Add CID */
+ memcpy(&t_in->in_cid, cid0, cid0_len);
+ memcpy(&t_in->out_cid, cid1, cid1_len);
+ t_in->in_cid_len = (uint8_t) cid0_len;
+ t_in->out_cid_len = (uint8_t) cid1_len;
+ memcpy(&t_out->in_cid, cid1, cid1_len);
+ memcpy(&t_out->out_cid, cid0, cid0_len);
+ t_out->in_cid_len = (uint8_t) cid1_len;
+ t_out->out_cid_len = (uint8_t) cid0_len;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ status = mbedtls_ssl_cipher_to_psa(cipher_type,
+ t_in->taglen,
+ &alg,
+ &key_type,
+ &key_bits);
+
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto cleanup;
+ }
+
+ t_in->psa_alg = alg;
+ t_out->psa_alg = alg;
+
+ if (alg != MBEDTLS_SSL_NULL_CIPHER) {
+ psa_reset_key_attributes(&attributes);
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+ psa_set_key_algorithm(&attributes, alg);
+ psa_set_key_type(&attributes, key_type);
+
+ status = psa_import_key(&attributes,
+ key0,
+ PSA_BITS_TO_BYTES(key_bits),
+ &t_in->psa_key_enc);
+
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto cleanup;
+ }
+
+ status = psa_import_key(&attributes,
+ key1,
+ PSA_BITS_TO_BYTES(key_bits),
+ &t_out->psa_key_enc);
+
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto cleanup;
+ }
+
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+
+ status = psa_import_key(&attributes,
+ key1,
+ PSA_BITS_TO_BYTES(key_bits),
+ &t_in->psa_key_dec);
+
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto cleanup;
+ }
+
+ status = psa_import_key(&attributes,
+ key0,
+ PSA_BITS_TO_BYTES(key_bits),
+ &t_out->psa_key_dec);
+
+ if (status != PSA_SUCCESS) {
+ ret = PSA_TO_MBEDTLS_ERR(status);
+ goto cleanup;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+cleanup:
+
+ mbedtls_free(key0);
+ mbedtls_free(key1);
+
+ mbedtls_free(md0);
+ mbedtls_free(md1);
+
+ return ret;
+}
+
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record,
+ mbedtls_ssl_transform *transform_out)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+#endif
+
+ /* Serialized version of record header for MAC purposes */
+ unsigned char add_data[13];
+ memcpy(add_data, record->ctr, 8);
+ add_data[8] = record->type;
+ add_data[9] = record->ver[0];
+ add_data[10] = record->ver[1];
+ add_data[11] = (record->data_len >> 8) & 0xff;
+ add_data[12] = (record->data_len >> 0) & 0xff;
+
+ /* MAC with additional data */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t sign_mac_length = 0;
+ TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_setup(&operation,
+ transform_out->psa_mac_enc,
+ transform_out->psa_mac_alg));
+ TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, add_data, 13));
+ TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation,
+ record->buf + record->data_offset,
+ record->data_len));
+ /* Use a temporary buffer for the MAC, because with the truncated HMAC
+ * extension, there might not be enough room in the record for the
+ * full-length MAC. */
+ unsigned char mac[PSA_HASH_MAX_SIZE];
+ TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_finish(&operation,
+ mac, sizeof(mac),
+ &sign_mac_length));
+#else
+ TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13));
+ TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc,
+ record->buf + record->data_offset,
+ record->data_len));
+ /* Use a temporary buffer for the MAC, because with the truncated HMAC
+ * extension, there might not be enough room in the record for the
+ * full-length MAC. */
+ unsigned char mac[MBEDTLS_MD_MAX_SIZE];
+ TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac));
+#endif
+ memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen);
+ record->data_len += transform_out->maclen;
+
+ return 0;
+
+exit:
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_mac_abort(&operation);
+#endif
+ return -1;
+}
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
+ int ticket_len,
+ int endpoint_type,
+ const char *crt_file)
+{
+ (void) ticket_len;
+
+#if defined(MBEDTLS_HAVE_TIME)
+ session->start = mbedtls_time(NULL) - 42;
+#endif
+ session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+
+ TEST_ASSERT(endpoint_type == MBEDTLS_SSL_IS_CLIENT ||
+ endpoint_type == MBEDTLS_SSL_IS_SERVER);
+
+ session->endpoint = endpoint_type;
+ session->ciphersuite = 0xabcd;
+ session->id_len = sizeof(session->id);
+ memset(session->id, 66, session->id_len);
+ memset(session->master, 17, sizeof(session->master));
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO)
+ if (crt_file != NULL && strlen(crt_file) != 0) {
+ mbedtls_x509_crt tmp_crt;
+ int ret;
+
+ mbedtls_x509_crt_init(&tmp_crt);
+ ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file);
+ if (ret != 0) {
+ return ret;
+ }
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ /* Move temporary CRT. */
+ session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert));
+ if (session->peer_cert == NULL) {
+ return -1;
+ }
+ *session->peer_cert = tmp_crt;
+ memset(&tmp_crt, 0, sizeof(tmp_crt));
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ /* Calculate digest of temporary CRT. */
+ session->peer_cert_digest =
+ mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN);
+ if (session->peer_cert_digest == NULL) {
+ return -1;
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type(
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE);
+ size_t hash_size = 0;
+ psa_status_t status = psa_hash_compute(
+ psa_alg, tmp_crt.raw.p,
+ tmp_crt.raw.len,
+ session->peer_cert_digest,
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN,
+ &hash_size);
+ ret = PSA_TO_MBEDTLS_ERR(status);
+#else
+ ret = mbedtls_md(mbedtls_md_info_from_type(
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE),
+ tmp_crt.raw.p, tmp_crt.raw.len,
+ session->peer_cert_digest);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if (ret != 0) {
+ return ret;
+ }
+ session->peer_cert_digest_type =
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
+ session->peer_cert_digest_len =
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+ mbedtls_x509_crt_free(&tmp_crt);
+ }
+#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
+ (void) crt_file;
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
+ session->verify_result = 0xdeadbeef;
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_CLI_C)
+ if (ticket_len != 0) {
+ session->ticket = mbedtls_calloc(1, ticket_len);
+ if (session->ticket == NULL) {
+ return -1;
+ }
+ memset(session->ticket, 33, ticket_len);
+ }
+ session->ticket_len = ticket_len;
+ session->ticket_lifetime = 86401;
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_HAVE_TIME)
+ if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
+ session->ticket_creation_time = mbedtls_ms_time() - 42;
+ }
+#endif
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ session->mfl_code = 1;
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ session->encrypt_then_mac = 1;
+#endif
+
+exit:
+ return 0;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
+ int ticket_len,
+ int endpoint_type)
+{
+ ((void) ticket_len);
+ session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
+ session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ?
+ MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER;
+ session->ciphersuite = 0xabcd;
+ session->ticket_age_add = 0x87654321;
+ session->ticket_flags = 0x7;
+
+ session->resumption_key_len = 32;
+ memset(session->resumption_key, 0x99, sizeof(session->resumption_key));
+
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ session->max_early_data_size = 0x87654321;
+#if defined(MBEDTLS_SSL_ALPN) && defined(MBEDTLS_SSL_SRV_C)
+ int ret = mbedtls_ssl_session_set_ticket_alpn(session, "ALPNExample");
+ if (ret != 0) {
+ return -1;
+ }
+#endif /* MBEDTLS_SSL_ALPN && MBEDTLS_SSL_SRV_C */
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
+#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
+ if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
+ session->ticket_creation_time = mbedtls_ms_time() - 42;
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_CLI_C)
+ if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+#if defined(MBEDTLS_HAVE_TIME)
+ session->ticket_reception_time = mbedtls_ms_time() - 40;
+#endif
+ session->ticket_lifetime = 0xfedcba98;
+
+ session->ticket_len = ticket_len;
+ if (ticket_len != 0) {
+ session->ticket = mbedtls_calloc(1, ticket_len);
+ if (session->ticket == NULL) {
+ return -1;
+ }
+ memset(session->ticket, 33, ticket_len);
+ }
+ }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+ session->record_size_limit = 2048;
+#endif
+
+ return 0;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+
+int mbedtls_test_ssl_exchange_data(
+ mbedtls_ssl_context *ssl_1,
+ int msg_len_1, const int expected_fragments_1,
+ mbedtls_ssl_context *ssl_2,
+ int msg_len_2, const int expected_fragments_2)
+{
+ unsigned char *msg_buf_1 = malloc(msg_len_1);
+ unsigned char *msg_buf_2 = malloc(msg_len_2);
+ unsigned char *in_buf_1 = malloc(msg_len_2);
+ unsigned char *in_buf_2 = malloc(msg_len_1);
+ int msg_type, ret = -1;
+
+ /* Perform this test with two message types. At first use a message
+ * consisting of only 0x00 for the client and only 0xFF for the server.
+ * At the second time use message with generated data */
+ for (msg_type = 0; msg_type < 2; msg_type++) {
+ int written_1 = 0;
+ int written_2 = 0;
+ int read_1 = 0;
+ int read_2 = 0;
+ int fragments_1 = 0;
+ int fragments_2 = 0;
+
+ if (msg_type == 0) {
+ memset(msg_buf_1, 0x00, msg_len_1);
+ memset(msg_buf_2, 0xff, msg_len_2);
+ } else {
+ int i, j = 0;
+ for (i = 0; i < msg_len_1; i++) {
+ msg_buf_1[i] = j++ & 0xFF;
+ }
+ for (i = 0; i < msg_len_2; i++) {
+ msg_buf_2[i] = (j -= 5) & 0xFF;
+ }
+ }
+
+ while (read_1 < msg_len_2 || read_2 < msg_len_1) {
+ /* ssl_1 sending */
+ if (msg_len_1 > written_1) {
+ ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1,
+ msg_len_1, &written_1,
+ expected_fragments_1);
+ if (expected_fragments_1 == 0) {
+ /* This error is expected when the message is too large and
+ * cannot be fragmented */
+ TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ msg_len_1 = 0;
+ } else {
+ TEST_ASSERT(ret == 0);
+ }
+ }
+
+ /* ssl_2 sending */
+ if (msg_len_2 > written_2) {
+ ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2,
+ msg_len_2, &written_2,
+ expected_fragments_2);
+ if (expected_fragments_2 == 0) {
+ /* This error is expected when the message is too large and
+ * cannot be fragmented */
+ TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+ msg_len_2 = 0;
+ } else {
+ TEST_ASSERT(ret == 0);
+ }
+ }
+
+ /* ssl_1 reading */
+ if (read_1 < msg_len_2) {
+ ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1,
+ msg_len_2, &read_1,
+ &fragments_2,
+ expected_fragments_2);
+ TEST_ASSERT(ret == 0);
+ }
+
+ /* ssl_2 reading */
+ if (read_2 < msg_len_1) {
+ ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2,
+ msg_len_1, &read_2,
+ &fragments_1,
+ expected_fragments_1);
+ TEST_ASSERT(ret == 0);
+ }
+ }
+
+ ret = -1;
+ TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1));
+ TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2));
+ TEST_ASSERT(fragments_1 == expected_fragments_1);
+ TEST_ASSERT(fragments_2 == expected_fragments_2);
+ }
+
+ ret = 0;
+
+exit:
+ free(msg_buf_1);
+ free(in_buf_1);
+ free(msg_buf_2);
+ free(in_buf_2);
+
+ return ret;
+}
+
+/*
+ * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints
+ * must be initialized and connected beforehand.
+ *
+ * \retval 0 on success, otherwise error code.
+ */
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \
+ (defined(MBEDTLS_SSL_RENEGOTIATION) || \
+ defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH))
+static int exchange_data(mbedtls_ssl_context *ssl_1,
+ mbedtls_ssl_context *ssl_2)
+{
+ return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1,
+ ssl_2, 256, 1);
+}
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED &&
+ (MBEDTLS_SSL_RENEGOTIATION ||
+ MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+static int check_ssl_version(
+ mbedtls_ssl_protocol_version expected_negotiated_version,
+ const mbedtls_ssl_context *ssl)
+{
+ const char *version_string = mbedtls_ssl_get_version(ssl);
+ mbedtls_ssl_protocol_version version_number =
+ mbedtls_ssl_get_version_number(ssl);
+
+ TEST_EQUAL(ssl->tls_version, expected_negotiated_version);
+
+ if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+ TEST_EQUAL(version_string[0], 'D');
+ ++version_string;
+ }
+
+ switch (expected_negotiated_version) {
+ case MBEDTLS_SSL_VERSION_TLS1_2:
+ TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2);
+ TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0);
+ break;
+
+ case MBEDTLS_SSL_VERSION_TLS1_3:
+ TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3);
+ TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0);
+ break;
+
+ default:
+ TEST_FAIL(
+ "Version check not implemented for this protocol version");
+ }
+
+ return 1;
+
+exit:
+ return 0;
+}
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+void mbedtls_test_ssl_perform_handshake(
+ mbedtls_test_handshake_test_options *options)
+{
+ /* forced_ciphersuite needs to last until the end of the handshake */
+ int forced_ciphersuite[2];
+ enum { BUFFSIZE = 17000 };
+ mbedtls_test_ssl_endpoint client, server;
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
+ const char *psk_identity = "foo";
+#endif
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_timing_delay_context timer_client, timer_server;
+#endif
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+ unsigned char *context_buf = NULL;
+ size_t context_buf_len;
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ int ret = -1;
+#endif
+ int expected_handshake_result = options->expected_handshake_result;
+
+ MD_OR_USE_PSA_INIT();
+ mbedtls_platform_zeroize(&client, sizeof(client));
+ mbedtls_platform_zeroize(&server, sizeof(server));
+ mbedtls_test_ssl_message_queue server_queue, client_queue;
+ mbedtls_test_message_socket_context server_context, client_context;
+ mbedtls_test_message_socket_init(&server_context);
+ mbedtls_test_message_socket_init(&client_context);
+
+#if defined(MBEDTLS_DEBUG_C)
+ if (options->cli_log_fun || options->srv_log_fun) {
+ mbedtls_debug_set_threshold(4);
+ }
+#endif
+
+ /* Client side */
+ if (options->dtls != 0) {
+ TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
+ MBEDTLS_SSL_IS_CLIENT,
+ options, &client_context,
+ &client_queue,
+ &server_queue) == 0);
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client,
+ mbedtls_timing_set_delay,
+ mbedtls_timing_get_delay);
+#endif
+ } else {
+ TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
+ MBEDTLS_SSL_IS_CLIENT,
+ options, NULL, NULL,
+ NULL) == 0);
+ }
+
+ if (strlen(options->cipher) > 0) {
+ set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite);
+ }
+
+ /* Server side */
+ if (options->dtls != 0) {
+ TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
+ MBEDTLS_SSL_IS_SERVER,
+ options, &server_context,
+ &server_queue,
+ &client_queue) == 0);
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
+ mbedtls_timing_set_delay,
+ mbedtls_timing_get_delay);
+#endif
+ } else {
+ TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
+ MBEDTLS_SSL_IS_SERVER,
+ options, NULL, NULL,
+ NULL) == 0);
+ }
+
+ mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode);
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf),
+ (unsigned char) options->mfl)
+ == 0);
+ TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf),
+ (unsigned char) options->mfl)
+ == 0);
+#else
+ TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl);
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
+ if (options->psk_str != NULL && options->psk_str->len > 0) {
+ TEST_ASSERT(mbedtls_ssl_conf_psk(
+ &client.conf, options->psk_str->x,
+ options->psk_str->len,
+ (const unsigned char *) psk_identity,
+ strlen(psk_identity)) == 0);
+
+ TEST_ASSERT(mbedtls_ssl_conf_psk(
+ &server.conf, options->psk_str->x,
+ options->psk_str->len,
+ (const unsigned char *) psk_identity,
+ strlen(psk_identity)) == 0);
+#if defined(MBEDTLS_SSL_SRV_C)
+ mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL);
+#endif
+ }
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if (options->renegotiate) {
+ mbedtls_ssl_conf_renegotiation(&(server.conf),
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED);
+ mbedtls_ssl_conf_renegotiation(&(client.conf),
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED);
+
+ mbedtls_ssl_conf_legacy_renegotiation(&(server.conf),
+ options->legacy_renegotiation);
+ mbedtls_ssl_conf_legacy_renegotiation(&(client.conf),
+ options->legacy_renegotiation);
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket),
+ &(server.socket),
+ BUFFSIZE) == 0);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* Ensure that the buffer sizes are appropriate before resizes */
+ TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+ TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+ }
+#endif
+
+ if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) {
+ expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION;
+ }
+
+ TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl),
+ &(server.ssl),
+ MBEDTLS_SSL_HANDSHAKE_OVER)
+ == expected_handshake_result);
+
+ if (expected_handshake_result != 0) {
+ /* Connection will have failed by this point, skip to cleanup */
+ goto exit;
+ }
+
+ TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1);
+
+ /* Make sure server state is moved to HANDSHAKE_OVER also. */
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl),
+ &(client.ssl),
+ MBEDTLS_SSL_HANDSHAKE_OVER),
+ 0);
+
+ TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1);
+ /* Check that both sides have negotiated the expected version. */
+ mbedtls_test_set_step(0);
+ if (!check_ssl_version(options->expected_negotiated_version,
+ &client.ssl)) {
+ goto exit;
+ }
+
+ mbedtls_test_set_step(1);
+ if (!check_ssl_version(options->expected_negotiated_version,
+ &server.ssl)) {
+ goto exit;
+ }
+
+ if (options->expected_ciphersuite != 0) {
+ TEST_EQUAL(server.ssl.session->ciphersuite,
+ options->expected_ciphersuite);
+ }
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* A server, when using DTLS, might delay a buffer resize to happen
+ * after it receives a message, so we force it. */
+ TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
+
+ TEST_ASSERT(client.ssl.out_buf_len ==
+ mbedtls_ssl_get_output_buflen(&client.ssl));
+ TEST_ASSERT(client.ssl.in_buf_len ==
+ mbedtls_ssl_get_input_buflen(&client.ssl));
+ TEST_ASSERT(server.ssl.out_buf_len ==
+ mbedtls_ssl_get_output_buflen(&server.ssl));
+ TEST_ASSERT(server.ssl.in_buf_len ==
+ mbedtls_ssl_get_input_buflen(&server.ssl));
+ }
+#endif
+
+ if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
+ /* Start data exchanging test */
+ TEST_ASSERT(mbedtls_test_ssl_exchange_data(
+ &(client.ssl), options->cli_msg_len,
+ options->expected_cli_fragments,
+ &(server.ssl), options->srv_msg_len,
+ options->expected_srv_fragments)
+ == 0);
+ }
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+ if (options->serialize == 1) {
+ TEST_ASSERT(options->dtls == 1);
+
+ TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL,
+ 0, &context_buf_len)
+ == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+
+ context_buf = mbedtls_calloc(1, context_buf_len);
+ TEST_ASSERT(context_buf != NULL);
+
+ TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf,
+ context_buf_len,
+ &context_buf_len)
+ == 0);
+
+ mbedtls_ssl_free(&(server.ssl));
+ mbedtls_ssl_init(&(server.ssl));
+
+ TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0);
+
+ mbedtls_ssl_set_bio(&(server.ssl), &server_context,
+ mbedtls_test_mock_tcp_send_msg,
+ mbedtls_test_mock_tcp_recv_msg,
+ NULL);
+
+ mbedtls_ssl_set_user_data_p(&server.ssl, &server);
+
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
+ mbedtls_timing_set_delay,
+ mbedtls_timing_get_delay);
+#endif
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* Ensure that the buffer sizes are appropriate before resizes */
+ TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+ }
+#endif
+ TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf,
+ context_buf_len) == 0);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ /* Validate buffer sizes after context deserialization */
+ if (options->resize_buffers != 0) {
+ TEST_ASSERT(server.ssl.out_buf_len ==
+ mbedtls_ssl_get_output_buflen(&server.ssl));
+ TEST_ASSERT(server.ssl.in_buf_len ==
+ mbedtls_ssl_get_input_buflen(&server.ssl));
+ }
+#endif
+ /* Retest writing/reading */
+ if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
+ TEST_ASSERT(mbedtls_test_ssl_exchange_data(
+ &(client.ssl), options->cli_msg_len,
+ options->expected_cli_fragments,
+ &(server.ssl), options->srv_msg_len,
+ options->expected_srv_fragments)
+ == 0);
+ }
+ }
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if (options->renegotiate) {
+ /* Start test with renegotiation */
+ TEST_ASSERT(server.ssl.renego_status ==
+ MBEDTLS_SSL_INITIAL_HANDSHAKE);
+ TEST_ASSERT(client.ssl.renego_status ==
+ MBEDTLS_SSL_INITIAL_HANDSHAKE);
+
+ /* After calling this function for the server, it only sends a handshake
+ * request. All renegotiation should happen during data exchanging */
+ TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0);
+ TEST_ASSERT(server.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_PENDING);
+ TEST_ASSERT(client.ssl.renego_status ==
+ MBEDTLS_SSL_INITIAL_HANDSHAKE);
+
+ TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
+ TEST_ASSERT(server.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+ TEST_ASSERT(client.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+
+ /* After calling mbedtls_ssl_renegotiate for the client,
+ * all renegotiation should happen inside this function.
+ * However in this test, we cannot perform simultaneous communication
+ * between client and server so this function will return waiting error
+ * on the socket. All rest of renegotiation should happen
+ * during data exchanging */
+ ret = mbedtls_ssl_renegotiate(&(client.ssl));
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ if (options->resize_buffers != 0) {
+ /* Ensure that the buffer sizes are appropriate before resizes */
+ TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+ TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+ }
+#endif
+ TEST_ASSERT(ret == 0 ||
+ ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ TEST_ASSERT(server.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+ TEST_ASSERT(client.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS);
+
+ TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
+ TEST_ASSERT(server.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+ TEST_ASSERT(client.ssl.renego_status ==
+ MBEDTLS_SSL_RENEGOTIATION_DONE);
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+ /* Validate buffer sizes after renegotiation */
+ if (options->resize_buffers != 0) {
+ TEST_ASSERT(client.ssl.out_buf_len ==
+ mbedtls_ssl_get_output_buflen(&client.ssl));
+ TEST_ASSERT(client.ssl.in_buf_len ==
+ mbedtls_ssl_get_input_buflen(&client.ssl));
+ TEST_ASSERT(server.ssl.out_buf_len ==
+ mbedtls_ssl_get_output_buflen(&server.ssl));
+ TEST_ASSERT(server.ssl.in_buf_len ==
+ mbedtls_ssl_get_input_buflen(&server.ssl));
+ }
+#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client);
+ TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client);
+ TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server);
+ TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server);
+
+exit:
+ mbedtls_test_ssl_endpoint_free(&client,
+ options->dtls != 0 ? &client_context : NULL);
+ mbedtls_test_ssl_endpoint_free(&server,
+ options->dtls != 0 ? &server_context : NULL);
+#if defined(MBEDTLS_DEBUG_C)
+ if (options->cli_log_fun || options->srv_log_fun) {
+ mbedtls_debug_set_threshold(0);
+ }
+#endif
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+ if (context_buf != NULL) {
+ mbedtls_free(context_buf);
+ }
+#endif
+ MD_OR_USE_PSA_DONE();
+}
+#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+int mbedtls_test_tweak_tls13_certificate_msg_vector_len(
+ unsigned char *buf, unsigned char **end, int tweak,
+ int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args)
+{
+/*
+ * The definition of the tweaks assume that the certificate list contains only
+ * one certificate.
+ */
+
+/*
+ * struct {
+ * opaque cert_data<1..2^24-1>;
+ * Extension extensions<0..2^16-1>;
+ * } CertificateEntry;
+ *
+ * struct {
+ * opaque certificate_request_context<0..2^8-1>;
+ * CertificateEntry certificate_list<0..2^24-1>;
+ * } Certificate;
+ */
+ unsigned char *p_certificate_request_context_len = buf;
+ size_t certificate_request_context_len = buf[0];
+
+ unsigned char *p_certificate_list_len =
+ buf + 1 + certificate_request_context_len;
+ unsigned char *certificate_list = p_certificate_list_len + 3;
+ size_t certificate_list_len =
+ MBEDTLS_GET_UINT24_BE(p_certificate_list_len, 0);
+
+ unsigned char *p_cert_data_len = certificate_list;
+ unsigned char *cert_data = p_cert_data_len + 3;
+ size_t cert_data_len = MBEDTLS_GET_UINT24_BE(p_cert_data_len, 0);
+
+ unsigned char *p_extensions_len = cert_data + cert_data_len;
+ unsigned char *extensions = p_extensions_len + 2;
+ size_t extensions_len = MBEDTLS_GET_UINT16_BE(p_extensions_len, 0);
+
+ *expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR;
+
+ switch (tweak) {
+ case 1:
+ /* Failure when checking if the certificate request context length
+ * and certificate list length can be read
+ */
+ *end = buf + 3;
+ set_chk_buf_ptr_args(args, buf, *end, 4);
+ break;
+
+ case 2:
+ /* Invalid certificate request context length.
+ */
+ *p_certificate_request_context_len =
+ (unsigned char) certificate_request_context_len + 1;
+ reset_chk_buf_ptr_args(args);
+ break;
+
+ case 3:
+ /* Failure when checking if certificate_list data can be read. */
+ MBEDTLS_PUT_UINT24_BE(certificate_list_len + 1,
+ p_certificate_list_len, 0);
+ set_chk_buf_ptr_args(args, certificate_list, *end,
+ certificate_list_len + 1);
+ break;
+
+ case 4:
+ /* Failure when checking if the cert_data length can be read. */
+ MBEDTLS_PUT_UINT24_BE(2, p_certificate_list_len, 0);
+ set_chk_buf_ptr_args(args, p_cert_data_len, certificate_list + 2, 3);
+ break;
+
+ case 5:
+ /* Failure when checking if cert_data data can be read. */
+ MBEDTLS_PUT_UINT24_BE(certificate_list_len - 3 + 1,
+ p_cert_data_len, 0);
+ set_chk_buf_ptr_args(args, cert_data,
+ certificate_list + certificate_list_len,
+ certificate_list_len - 3 + 1);
+ break;
+
+ case 6:
+ /* Failure when checking if the extensions length can be read. */
+ MBEDTLS_PUT_UINT24_BE(certificate_list_len - extensions_len - 1,
+ p_certificate_list_len, 0);
+ set_chk_buf_ptr_args(
+ args, p_extensions_len,
+ certificate_list + certificate_list_len - extensions_len - 1, 2);
+ break;
+
+ case 7:
+ /* Failure when checking if extensions data can be read. */
+ MBEDTLS_PUT_UINT16_BE(extensions_len + 1, p_extensions_len, 0);
+
+ set_chk_buf_ptr_args(
+ args, extensions,
+ certificate_list + certificate_list_len, extensions_len + 1);
+ break;
+
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+#endif /* MBEDTLS_TEST_HOOKS */
+
+/*
+ * Functions for tests based on tickets. Implementations of the
+ * write/parse ticket interfaces as defined by mbedtls_ssl_ticket_write/parse_t.
+ * Basically same implementations as in ticket.c without the encryption. That
+ * way we can tweak easily tickets characteristics to simulate misbehaving
+ * peers.
+ */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+int mbedtls_test_ticket_write(
+ void *p_ticket, const mbedtls_ssl_session *session,
+ unsigned char *start, const unsigned char *end,
+ size_t *tlen, uint32_t *lifetime)
+{
+ int ret;
+ ((void) p_ticket);
+
+ if ((ret = mbedtls_ssl_session_save(session, start, end - start,
+ tlen)) != 0) {
+ return ret;
+ }
+
+ /* Maximum ticket lifetime as defined in RFC 8446 */
+ *lifetime = 7 * 24 * 3600;
+
+ return 0;
+}
+
+int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
+ unsigned char *buf, size_t len)
+{
+ ((void) p_ticket);
+
+ return mbedtls_ssl_session_load(session, buf, len);
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+int mbedtls_test_get_tls13_ticket(
+ mbedtls_test_handshake_test_options *client_options,
+ mbedtls_test_handshake_test_options *server_options,
+ mbedtls_ssl_session *session)
+{
+ int ret = -1;
+ unsigned char buf[64];
+ mbedtls_test_ssl_endpoint client_ep, server_ep;
+
+ mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
+ mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
+
+ ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
+ client_options, NULL, NULL, NULL);
+ TEST_EQUAL(ret, 0);
+
+ ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
+ server_options, NULL, NULL, NULL);
+ TEST_EQUAL(ret, 0);
+
+ mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
+ mbedtls_test_ticket_write,
+ mbedtls_test_ticket_parse,
+ NULL);
+
+ ret = mbedtls_test_mock_socket_connect(&(client_ep.socket),
+ &(server_ep.socket), 1024);
+ TEST_EQUAL(ret, 0);
+
+ TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+ &(server_ep.ssl), &(client_ep.ssl),
+ MBEDTLS_SSL_HANDSHAKE_OVER), 0);
+
+ TEST_EQUAL(server_ep.ssl.handshake->new_session_tickets_count, 0);
+
+ do {
+ ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf));
+ } while (ret != MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET);
+
+ ret = mbedtls_ssl_get_session(&(client_ep.ssl), session);
+ TEST_EQUAL(ret, 0);
+
+exit:
+ mbedtls_test_ssl_endpoint_free(&client_ep, NULL);
+ mbedtls_test_ssl_endpoint_free(&server_ep, NULL);
+
+ return ret;
+}
+#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SRV_C &&
+ MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS &&
+ MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/tests/src/test_memory.c b/tests/src/test_memory.c
new file mode 100644
index 0000000..ac9dde6
--- /dev/null
+++ b/tests/src/test_memory.c
@@ -0,0 +1,60 @@
+/**
+ * \file memory.c
+ *
+ * \brief Helper functions related to testing memory management.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/memory.h>
+
+#if defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+#include <sanitizer/asan_interface.h>
+#include <stdint.h>
+#endif
+
+#if defined(MBEDTLS_TEST_MEMORY_CAN_POISON)
+
+_Thread_local unsigned int mbedtls_test_memory_poisoning_count = 0;
+
+static void align_for_asan(const unsigned char **p_ptr, size_t *p_size)
+{
+ uintptr_t start = (uintptr_t) *p_ptr;
+ uintptr_t end = start + (uintptr_t) *p_size;
+ /* ASan can only poison regions with 8-byte alignment, and only poisons a
+ * region if it's fully within the requested range. We want to poison the
+ * whole requested region and don't mind a few extra bytes. Therefore,
+ * align start down to an 8-byte boundary, and end up to an 8-byte
+ * boundary. */
+ start = start & ~(uintptr_t) 7;
+ end = (end + 7) & ~(uintptr_t) 7;
+ *p_ptr = (const unsigned char *) start;
+ *p_size = end - start;
+}
+
+void mbedtls_test_memory_poison(const unsigned char *ptr, size_t size)
+{
+ if (mbedtls_test_memory_poisoning_count == 0) {
+ return;
+ }
+ if (size == 0) {
+ return;
+ }
+ align_for_asan(&ptr, &size);
+ __asan_poison_memory_region(ptr, size);
+}
+
+void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size)
+{
+ if (size == 0) {
+ return;
+ }
+ align_for_asan(&ptr, &size);
+ __asan_unpoison_memory_region(ptr, size);
+}
+#endif /* Memory poisoning */
diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c
new file mode 100644
index 0000000..c1686c2
--- /dev/null
+++ b/tests/src/threading_helpers.c
@@ -0,0 +1,354 @@
+/** Mutex usage verification framework. */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/threading_helpers.h>
+#include <test/macros.h>
+
+#include "mbedtls/threading.h"
+
+#if defined(MBEDTLS_THREADING_C)
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+
+static int threading_thread_create_pthread(mbedtls_test_thread_t *thread, void *(*thread_func)(
+ void *), void *thread_data)
+{
+ if (thread == NULL || thread_func == NULL) {
+ return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+ }
+
+ if (pthread_create(&thread->thread, NULL, thread_func, thread_data)) {
+ return MBEDTLS_ERR_THREADING_THREAD_ERROR;
+ }
+
+ return 0;
+}
+
+static int threading_thread_join_pthread(mbedtls_test_thread_t *thread)
+{
+ if (thread == NULL) {
+ return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+ }
+
+ if (pthread_join(thread->thread, NULL) != 0) {
+ return MBEDTLS_ERR_THREADING_THREAD_ERROR;
+ }
+
+ return 0;
+}
+
+int (*mbedtls_test_thread_create)(mbedtls_test_thread_t *thread, void *(*thread_func)(void *),
+ void *thread_data) = threading_thread_create_pthread;
+int (*mbedtls_test_thread_join)(mbedtls_test_thread_t *thread) = threading_thread_join_pthread;
+
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_THREADING_ALT)
+
+static int threading_thread_create_fail(mbedtls_test_thread_t *thread,
+ void *(*thread_func)(void *),
+ void *thread_data)
+{
+ (void) thread;
+ (void) thread_func;
+ (void) thread_data;
+
+ return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+}
+
+static int threading_thread_join_fail(mbedtls_test_thread_t *thread)
+{
+ (void) thread;
+
+ return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+}
+
+int (*mbedtls_test_thread_create)(mbedtls_test_thread_t *thread, void *(*thread_func)(void *),
+ void *thread_data) = threading_thread_create_fail;
+int (*mbedtls_test_thread_join)(mbedtls_test_thread_t *thread) = threading_thread_join_fail;
+
+#endif /* MBEDTLS_THREADING_ALT */
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+
+#include "mbedtls/threading.h"
+
+/** Mutex usage verification framework.
+ *
+ * The mutex usage verification code below aims to detect bad usage of
+ * Mbed TLS's mutex abstraction layer at runtime. Note that this is solely
+ * about the use of the mutex itself, not about checking whether the mutex
+ * correctly protects whatever it is supposed to protect.
+ *
+ * The normal usage of a mutex is:
+ * ```
+ * digraph mutex_states {
+ * "UNINITIALIZED"; // the initial state
+ * "IDLE";
+ * "FREED";
+ * "LOCKED";
+ * "UNINITIALIZED" -> "IDLE" [label="init"];
+ * "FREED" -> "IDLE" [label="init"];
+ * "IDLE" -> "LOCKED" [label="lock"];
+ * "LOCKED" -> "IDLE" [label="unlock"];
+ * "IDLE" -> "FREED" [label="free"];
+ * }
+ * ```
+ *
+ * All bad transitions that can be unambiguously detected are reported.
+ * An attempt to use an uninitialized mutex cannot be detected in general
+ * since the memory content may happen to denote a valid state. For the same
+ * reason, a double init cannot be detected.
+ * All-bits-zero is the state of a freed mutex, which is distinct from an
+ * initialized mutex, so attempting to use zero-initialized memory as a mutex
+ * without calling the init function is detected.
+ *
+ * The framework attempts to detect missing calls to init and free by counting
+ * calls to init and free. If there are more calls to init than free, this
+ * means that a mutex is not being freed somewhere, which is a memory leak
+ * on platforms where a mutex consumes resources other than the
+ * mbedtls_threading_mutex_t object itself. If there are more calls to free
+ * than init, this indicates a missing init, which is likely to be detected
+ * by an attempt to lock the mutex as well. A limitation of this framework is
+ * that it cannot detect scenarios where there is exactly the same number of
+ * calls to init and free but the calls don't match. A bug like this is
+ * unlikely to happen uniformly throughout the whole test suite though.
+ *
+ * If an error is detected, this framework will report what happened and the
+ * test case will be marked as failed. Unfortunately, the error report cannot
+ * indicate the exact location of the problematic call. To locate the error,
+ * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error().
+ */
+enum value_of_mutex_state_field {
+ /* Potential values for the state field of mbedtls_threading_mutex_t.
+ * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for
+ * compatibility with threading_mutex_init_pthread() and
+ * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero
+ * value. */
+ MUTEX_FREED = 0, //! < Set by mbedtls_test_wrap_mutex_free
+ MUTEX_IDLE = 1, //! < Set by mbedtls_test_wrap_mutex_init and by mbedtls_test_wrap_mutex_unlock
+ MUTEX_LOCKED = 2, //! < Set by mbedtls_test_wrap_mutex_lock
+};
+
+typedef struct {
+ void (*init)(mbedtls_threading_mutex_t *);
+ void (*free)(mbedtls_threading_mutex_t *);
+ int (*lock)(mbedtls_threading_mutex_t *);
+ int (*unlock)(mbedtls_threading_mutex_t *);
+} mutex_functions_t;
+static mutex_functions_t mutex_functions;
+
+/**
+ * The mutex used to guard live_mutexes below and access to the status variable
+ * in every mbedtls_threading_mutex_t.
+ * Note that we are not reporting any errors when locking and unlocking this
+ * mutex. This is for a couple of reasons:
+ *
+ * 1. We have no real way of reporting any errors with this mutex - we cannot
+ * report it back to the caller, as the failure was not that of the mutex
+ * passed in. We could fail the test, but again this would indicate a problem
+ * with the test code that did not exist.
+ *
+ * 2. Any failure to lock is unlikely to be intermittent, and will thus not
+ * give false test results - the overall result would be to turn off the
+ * testing. This is not a situation that is likely to happen with normal
+ * testing and we still have TSan to fall back on should this happen.
+ */
+mbedtls_threading_mutex_t mbedtls_test_mutex_mutex;
+
+/**
+ * The total number of calls to mbedtls_mutex_init(), minus the total number
+ * of calls to mbedtls_mutex_free().
+ *
+ * Do not read or write without holding mbedtls_test_mutex_mutex (above). Reset
+ * to 0 after each test case.
+ */
+static int live_mutexes;
+
+static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex,
+ const char *msg)
+{
+ (void) mutex;
+
+ mbedtls_test_set_mutex_usage_error(msg);
+ mbedtls_fprintf(stdout, "[mutex: %s] ", msg);
+ /* Don't mark the test as failed yet. This way, if the test fails later
+ * for a functional reason, the test framework will report the message
+ * and location for this functional reason. If the test passes,
+ * mbedtls_test_mutex_usage_check() will mark it as failed. */
+}
+
+static int mbedtls_test_mutex_can_test(mbedtls_threading_mutex_t *mutex)
+{
+ /* If we attempt to run tests on this mutex then we are going to run into a
+ * couple of problems:
+ * 1. If any test on this mutex fails, we are going to deadlock when
+ * reporting that failure, as we already hold the mutex at that point.
+ * 2. Given the 'global' position of the initialization and free of this
+ * mutex, it will be shown as leaked on the first test run. */
+ if (mutex == mbedtls_test_get_info_mutex()) {
+ return 0;
+ }
+
+ return 1;
+}
+
+static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex)
+{
+ mutex_functions.init(mutex);
+
+ if (mbedtls_test_mutex_can_test(mutex)) {
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ mutex->state = MUTEX_IDLE;
+ ++live_mutexes;
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
+ }
+ }
+}
+
+static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex)
+{
+ if (mbedtls_test_mutex_can_test(mutex)) {
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+
+ switch (mutex->state) {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error(mutex, "free without init or double free");
+ break;
+ case MUTEX_IDLE:
+ mutex->state = MUTEX_FREED;
+ --live_mutexes;
+ break;
+ case MUTEX_LOCKED:
+ mbedtls_test_mutex_usage_error(mutex, "free without unlock");
+ break;
+ default:
+ mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+ break;
+ }
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
+ }
+ }
+
+ mutex_functions.free(mutex);
+}
+
+static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex)
+{
+ /* Lock the passed in mutex first, so that the only way to change the state
+ * is to hold the passed in and internal mutex - otherwise we create a race
+ * condition. */
+ int ret = mutex_functions.lock(mutex);
+
+ if (mbedtls_test_mutex_can_test(mutex)) {
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ switch (mutex->state) {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error(mutex, "lock without init");
+ break;
+ case MUTEX_IDLE:
+ if (ret == 0) {
+ mutex->state = MUTEX_LOCKED;
+ }
+ break;
+ case MUTEX_LOCKED:
+ mbedtls_test_mutex_usage_error(mutex, "double lock");
+ break;
+ default:
+ mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+ break;
+ }
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
+ }
+ }
+
+ return ret;
+}
+
+static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex)
+{
+ /* Lock the internal mutex first and change state, so that the only way to
+ * change the state is to hold the passed in and internal mutex - otherwise
+ * we create a race condition. */
+ if (mbedtls_test_mutex_can_test(mutex)) {
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ switch (mutex->state) {
+ case MUTEX_FREED:
+ mbedtls_test_mutex_usage_error(mutex, "unlock without init");
+ break;
+ case MUTEX_IDLE:
+ mbedtls_test_mutex_usage_error(mutex, "unlock without lock");
+ break;
+ case MUTEX_LOCKED:
+ mutex->state = MUTEX_IDLE;
+ break;
+ default:
+ mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+ break;
+ }
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
+ }
+ }
+
+ return mutex_functions.unlock(mutex);
+}
+
+void mbedtls_test_mutex_usage_init(void)
+{
+ mutex_functions.init = mbedtls_mutex_init;
+ mutex_functions.free = mbedtls_mutex_free;
+ mutex_functions.lock = mbedtls_mutex_lock;
+ mutex_functions.unlock = mbedtls_mutex_unlock;
+ mbedtls_mutex_init = &mbedtls_test_wrap_mutex_init;
+ mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free;
+ mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock;
+ mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock;
+
+ mutex_functions.init(&mbedtls_test_mutex_mutex);
+}
+
+void mbedtls_test_mutex_usage_check(void)
+{
+ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) {
+ if (live_mutexes != 0) {
+ /* A positive number (more init than free) means that a mutex resource
+ * is leaking (on platforms where a mutex consumes more than the
+ * mbedtls_threading_mutex_t object itself). The (hopefully) rare
+ * case of a negative number means a missing init somewhere. */
+ mbedtls_fprintf(stdout, "[mutex: %d leaked] ", live_mutexes);
+ live_mutexes = 0;
+ mbedtls_test_set_mutex_usage_error("missing free");
+ }
+ if (mbedtls_test_get_mutex_usage_error() != NULL &&
+ mbedtls_test_get_result() != MBEDTLS_TEST_RESULT_FAILED) {
+ /* Functionally, the test passed. But there was a mutex usage error,
+ * so mark the test as failed after all. */
+ mbedtls_test_fail("Mutex usage error", __LINE__, __FILE__);
+ }
+ mbedtls_test_set_mutex_usage_error(NULL);
+
+ mutex_functions.unlock(&mbedtls_test_mutex_mutex);
+ }
+}
+
+void mbedtls_test_mutex_usage_end(void)
+{
+ mbedtls_mutex_init = mutex_functions.init;
+ mbedtls_mutex_free = mutex_functions.free;
+ mbedtls_mutex_lock = mutex_functions.lock;
+ mbedtls_mutex_unlock = mutex_functions.unlock;
+
+ mutex_functions.free(&mbedtls_test_mutex_mutex);
+}
+
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+
+#endif /* MBEDTLS_THREADING_C */