diff --git a/.github/workflows/oss-history.yml b/.github/workflows/oss-history.yml index e602d8074534..bfa40ab60192 100644 --- a/.github/workflows/oss-history.yml +++ b/.github/workflows/oss-history.yml @@ -41,4 +41,4 @@ jobs: uses: nrfconnect/action-oss-history@main with: workspace: 'ncs' - args: -p zephyr -p wfa-qt-control-app + args: -p zephyr -p hostap -p wfa-qt-control-app diff --git a/CODEOWNERS b/CODEOWNERS index 50ca1c628be0..fed5be0b5d56 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -894,7 +894,6 @@ /tests/bluetooth/bsim/nrf_auraconfig/ @nrfconnect/ncs-audio /tests/bluetooth/bsim/custom_ltk/ @nrfconnect/ncs-paladin /tests/bluetooth/tester/ @carlescufi @nrfconnect/ncs-paladin -/tests/crypto/ @magnev /tests/drivers/audio/ @nrfconnect/ncs-low-level-test /tests/drivers/can/ @nrfconnect/ncs-low-level-test /tests/drivers/dect/dect_mdm/integration/ @nrfconnect/ncs-dect-nr-plus diff --git a/doc/nrf/app_dev/device_guides/kmu_guides/kmu_provisioning_overview.rst b/doc/nrf/app_dev/device_guides/kmu_guides/kmu_provisioning_overview.rst index 7934bed25443..9fabfc0d6379 100644 --- a/doc/nrf/app_dev/device_guides/kmu_guides/kmu_provisioning_overview.rst +++ b/doc/nrf/app_dev/device_guides/kmu_guides/kmu_provisioning_overview.rst @@ -381,7 +381,7 @@ The following example shows how the PSA key attribute values are converted when psa_set_key_usage_flags(&attr, PSA_KEY_USAGE_VERIFY_HASH); psa_set_key_lifetime(&attr, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( CRACEN_KEY_PERSISTENCE_REVOKABLE, PSA_KEY_LOCATION_CRACEN_KMU)); - psa_set_key_id(&attr, PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( + psa_set_key_id(&attr, PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 226)); #. The CRACEN driver :c:func:`convert_from_psa_attributes` function converts these PSA attributes to the following :c:struct:`kmu_metadata` field values: diff --git a/doc/nrf/app_dev/device_guides/kmu_guides/kmu_psa_crypto_api_prog_model.rst b/doc/nrf/app_dev/device_guides/kmu_guides/kmu_psa_crypto_api_prog_model.rst index 154d2c9a98a0..5854da681dab 100644 --- a/doc/nrf/app_dev/device_guides/kmu_guides/kmu_psa_crypto_api_prog_model.rst +++ b/doc/nrf/app_dev/device_guides/kmu_guides/kmu_psa_crypto_api_prog_model.rst @@ -56,7 +56,7 @@ To identify that the KMU is used as a persistent storage backend for a specific | | Keys that are read-only due to policy restrictions, rather than physical limitations, should not have this persistence level. * - ``key_id`` (``psa_set_key_id``) - - | ``PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(kmu_usage_scheme, kmu_slot_nr)`` + - | ``PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(kmu_usage_scheme, kmu_slot_nr)`` | | For ``kmu_usage_scheme`` values, see :ref:`ug_kmu_guides_key_usage_schemes`. | diff --git a/doc/nrf/conf.py b/doc/nrf/conf.py index a67eee2e7d93..b0dbb58180f8 100644 --- a/doc/nrf/conf.py +++ b/doc/nrf/conf.py @@ -7,7 +7,6 @@ # nrf documentation build configuration file import os -import re import sys from pathlib import Path @@ -21,6 +20,7 @@ ZEPHYR_BASE = utils.get_projdir("zephyr") MCUBOOT_BASE = utils.get_projdir("mcuboot") +MBEDTLS_BASE = NRF_BASE / ".." / "modules" / "crypto" / "mbedtls" # General configuration -------------------------------------------------------- @@ -143,17 +143,11 @@ # create mbedtls config header (needed for Doxygen) _doxyrunner_outdir.mkdir(exist_ok=True, parents=True) -fin_path = NRF_BASE / "subsys" / "nrf_security" / "configs" / "legacy_crypto_config.h.template" +fin_path = MBEDTLS_BASE / "include" / "mbedtls" / "mbedtls_config.h" fout_path = _doxyrunner_outdir / "mbedtls_doxygen_config.h" with open(fin_path) as fin, open(fout_path, "w") as fout: - fout.write( - re.sub( - r"#cmakedefine ([A-Z0-9_-]+)", - r"#define \1", - fin.read() - ) - ) + fout.write(fin.read()) # -- Options for doxybridge plugin --------------------------------------------- diff --git a/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst b/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst index cabd86a95875..da14a97d5765 100644 --- a/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst +++ b/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst @@ -31,8 +31,6 @@ Deprecation of legacy crypto support The following changes have been made to the legacy crypto support with the deprecation announcement: -* Enabling the Kconfig option :kconfig:option:`CONFIG_NRF_SECURITY` replaces using the Kconfig option :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND` to enable the legacy crypto support. - Setting :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND` also enables :kconfig:option:`CONFIG_MBEDTLS_LEGACY_CRYPTO_C`, which shows a deprecation warning in the build output. * The legacy Mbed TLS APIs no longer support the glued functionality. * Legacy configurations no longer have an effect on the configurations for the secure image of a TF-M build. @@ -49,19 +47,6 @@ These legacy crypto backends are provided as *alternative implementations* of th The legacy crypto configuration only allows one backend to be enabled at the same time. -The following table lists the available legacy crypto backends with their respective Kconfig options and the corresponding hardware platforms. - -+-----------------------------------------------+-----------------------------------------+----------------------------------------------------------+ -| Driver library | Legacy crypto backend | Supported hardware platforms | -+===============================================+=========================================+==========================================================+ -| :ref:`nrf_cc3xx_mbedcrypto_readme` | :kconfig:option:`CONFIG_CC3XX_BACKEND` | nRF52840, nRF5340, nRF91 Series devices | -+-----------------------------------------------+-----------------------------------------+----------------------------------------------------------+ -| :ref:`nrf_oberon ` | :kconfig:option:`CONFIG_OBERON_BACKEND` | nRF devices with Arm Cortex®-M0, -M4, or -M33 processors | -+-----------------------------------------------+-----------------------------------------+----------------------------------------------------------+ - -.. note:: - Enabling the CryptoCell by using :kconfig:option:`CONFIG_CC3XX_BACKEND` in a non-secure image of a TF-M build will have no effect. - AES configuration ***************** @@ -115,8 +100,6 @@ To configure AES cipher modes, set the following Kconfig options: +--------------+----------------------------------------------------+----------------------------------------+ | CBC | :kconfig:option:`CONFIG_MBEDTLS_CIPHER_MODE_CBC` | | +--------------+----------------------------------------------------+----------------------------------------+ -| XTS | :kconfig:option:`CONFIG_MBEDTLS_CIPHER_MODE_XTS` | nrf_oberon only | -+--------------+----------------------------------------------------+----------------------------------------+ .. note:: AES cipher modes are dependent on enabling AES core support according to `AES configuration`_. @@ -169,8 +152,6 @@ Feature support CMAC configuration ****************** -To configure Cipher-based Message Authentication Code (CMAC) support, set the :kconfig:option:`CONFIG_MBEDTLS_CMAC_C` Kconfig option. - Feature support =============== @@ -205,12 +186,6 @@ To configure Authenticated Encryption with Associated Data (AEAD), set the follo +--------------+------------------------------------------------+-----------------------------------------+ | AES GCM | :kconfig:option:`CONFIG_MBEDTLS_GCM_C` | nrf_oberon or nrf_cc312 | +--------------+------------------------------------------------+-----------------------------------------+ -| ChaCha20 | :kconfig:option:`CONFIG_MBEDTLS_CHACHA20_C` | | -+--------------+------------------------------------------------+-----------------------------------------+ -| Poly1305 | :kconfig:option:`CONFIG_MBEDTLS_POLY1305_C` | | -+--------------+------------------------------------------------+-----------------------------------------+ -| ChaCha-Poly | :kconfig:option:`CONFIG_MBEDTLS_CHACHAPOLY_C` | Requires `Poly1305` and `ChaCha20` | -+--------------+------------------------------------------------+-----------------------------------------+ .. note:: * AEAD AES cipher modes are dependent on enabling AES core support according to `AES configuration`_. @@ -267,8 +242,6 @@ Feature support DHM configurations ****************** -To configure Diffie-Hellman-Merkle (DHM) support, set the :kconfig:option:`CONFIG_MBEDTLS_DHM_C` Kconfig option. - Feature support =============== @@ -326,14 +299,6 @@ Feature support ECDH configurations ******************* -To configure Elliptic Curve Diffie-Hellman (ECDH) support, set the :kconfig:option:`CONFIG_MBEDTLS_ECDH_C` Kconfig option. - -+--------------+---------------------------------------------+ -| Algorithm | Configurations | -+==============+=============================================+ -| ECDH | :kconfig:option:`CONFIG_MBEDTLS_ECDH_C` | -+--------------+---------------------------------------------+ - .. note:: * ECDH support depends on `ECC Configurations`_ being enabled. * The :ref:`nrf_cc3xx_mbedcrypto_readme` does not integrate on ECP layer. @@ -420,14 +385,6 @@ Feature support ECJPAKE configurations ********************** -To configure Elliptic Curve, Password Authenticated Key Exchange by Juggling (ECJPAKE) support, set the :kconfig:option:`CONFIG_MBEDTLS_ECJPAKE_C` Kconfig option. - -+--------------+----------------------------------------------+ -| Algorithm | Configurations | -+==============+==============================================+ -| ECJPAKE | :kconfig:option:`CONFIG_MBEDTLS_ECJPAKE_C` | -+--------------+----------------------------------------------+ - .. note:: ECJPAKE support depends upon `ECC Configurations`_ being enabled. @@ -450,26 +407,6 @@ ECC curves configurations It is possible to configure the curves that should be supported in the system depending on the backend selected. -The following curves can be enabled: - -+-----------------------------+------------------------------------------------------------+--------------------------+ -| Curve | Configurations | Note | -+=============================+============================================================+==========================+ -| NIST secp224r1 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ -| NIST secp256r1 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ -| NIST secp384r1 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ -| NIST secp521r1 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ -| Koblitz secp224k1 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ -| Koblitz secp256k1 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ -| Curve25519 | :kconfig:option:`CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED` | | -+-----------------------------+------------------------------------------------------------+--------------------------+ - .. note:: * The :ref:`nrf_oberon_readme` only supports ECC curve secp224r1 and secp256r1. * Choosing the nrf_oberon backend does not allow enabling the rest of the ECC curve types. @@ -520,14 +457,8 @@ To configure the Secure Hash algorithms, set the following Kconfig options: +--------------+--------------------+---------------------------------------------+ | Algorithm | Support | Backend selection | +==============+====================+=============================================+ -| SHA-1 | | :kconfig:option:`CONFIG_MBEDTLS_SHA1_C` | -+--------------+--------------------+---------------------------------------------+ -| SHA-224 | | :kconfig:option:`CONFIG_MBEDTLS_SHA224_C` | -+--------------+--------------------+---------------------------------------------+ | SHA-256 | | :kconfig:option:`CONFIG_MBEDTLS_SHA256_C` | +--------------+--------------------+---------------------------------------------+ -| SHA-384 | | :kconfig:option:`CONFIG_MBEDTLS_SHA384_C` | -+--------------+--------------------+---------------------------------------------+ | SHA-512 | | :kconfig:option:`CONFIG_MBEDTLS_SHA512_C` | +--------------+--------------------+---------------------------------------------+ diff --git a/doc/nrf/releases_and_maturity/known_issues.rst b/doc/nrf/releases_and_maturity/known_issues.rst index ae31821b3162..76ad728ce6fd 100644 --- a/doc/nrf/releases_and_maturity/known_issues.rst +++ b/doc/nrf/releases_and_maturity/known_issues.rst @@ -5023,8 +5023,8 @@ NCSDK-25144: Enabling Kconfig option :kconfig:option:`CONFIG_SECURE_BOOT_CRYPTO` .. rst-class:: v2-4-3 v2-4-2 v2-4-1 v2-4-0 -NCSDK-22091: Selecting both :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND` and :kconfig:option:`CONFIG_PSA_CORE` causes a build failure - Selecting both :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND` and :kconfig:option:`CONFIG_PSA_CORE` results in a build failure due to undefined references to different structs. +NCSDK-22091: Selecting both ``CONFIG_NORDIC_SECURITY_BACKEND`` and :kconfig:option:`CONFIG_PSA_CORE` causes a build failure + Selecting both ``CONFIG_NORDIC_SECURITY_BACKEND`` and :kconfig:option:`CONFIG_PSA_CORE` results in a build failure due to undefined references to different structs. **Workaround:** Manually define ``PSA_CORE_BUILTIN`` in the file :file:`nrf_security/configs/legacy_crypto_config.h.template`. diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst index 26b47a856b20..2cf801d96822 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst @@ -435,7 +435,7 @@ In addition to documentation related to the changes listed above, the following * :ref:`ug_nfc` - added * :ref:`ug_bootloader` - added upgradeable bootloader * Cloud client - updated -* :ref:`crypto_test` - added +* Cryptography tests - added * :ref:`libraries` - improved the structure of the library documentation * :ref:`bt_mesh` (and subpages) - added * :ref:`nrf_bt_scan_readme` - updated diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst index d287bbb8b37c..d63a4cb2956b 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst @@ -374,7 +374,7 @@ Thread * Updated: * The default cryptography backend for Thread is now Arm PSA Crypto API instead of Mbed TLS, which was used in earlier versions. - You can still build all examples with deprecated Mbed TLS support by setting the :kconfig:option:`CONFIG_OPENTHREAD_NRF_SECURITY_CHOICE` Kconfig option to ``y``, but you must build the Thread libraries from sources. + You can still build all examples with deprecated Mbed TLS support by setting the ``CONFIG_OPENTHREAD_NRF_SECURITY_CHOICE`` Kconfig option to ``y``, but you must build the Thread libraries from sources. To :ref:`inherit Thread certification ` from Nordic Semiconductor, you must use the PSA Crypto API backend. * nRF5340 SoC targets that do not include :ref:`Trusted Firmware-M ` now use Hardware Unique Key (HUK, see the :ref:`lib_hw_unique_key` library) for PSA Internal Trusted Storage (ITS). diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst index 4e88b4d3d576..2cb8b638971c 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst @@ -746,7 +746,7 @@ Cryptography samples * Support for the nRF54L15 PDK board for all crypto samples. * Support for the :zephyr:board:`nrf54h20dk` board in all crypto samples, except :ref:`crypto_persistent_key` and :ref:`crypto_tls`. * Support for the :zephyr:board:`nrf9151dk` board for all crypto samples. - * Support for the :ref:`nRF9161 DK ` board for the :ref:`crypto_test`. + * Support for the :ref:`nRF9161 DK ` board for the Cryptography tests. Common samples -------------- diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.8.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.8.0.rst index 576fe0ab989c..81c8cc22128b 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.8.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.8.0.rst @@ -340,7 +340,7 @@ Security * TF-M support for the :zephyr:board:`nrf54l15dk` (board target ``nrf54l15dk/nrf54l15/cpuapp/ns``), replacing the nRF54L15 PDK (board target ``nrf54l15pdk/nrf54l15/cpuapp/ns``). * The ``west ncs-provision`` command, which allows to provision signature verification keys to the nRF54L15 SoC over the J-Link interface. -* Deprecated legacy Mbed TLS crypto toolbox APIs that are enabled when the :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND` Kconfig option is set. +* Deprecated legacy Mbed TLS crypto toolbox APIs that are enabled when the ``CONFIG_NORDIC_SECURITY_BACKEND`` Kconfig option is set. Use the nRF Security (enabled with the :kconfig:option:`CONFIG_NRF_SECURITY` Kconfig option) and PSA crypto APIs instead. Protocols diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0-preview3.rst b/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0-preview3.rst index 63485f16a35e..7c4db501c4d0 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0-preview3.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0-preview3.rst @@ -468,7 +468,7 @@ Cryptography samples * Added: - * Support for ``nrf54lv10dk/nrf54lv10a/cpuapp`` and ``nrf54lv10dk/nrf54lv10a/cpuapp/ns`` board targets to all samples (except :ref:`crypto_test`). + * Support for ``nrf54lv10dk/nrf54lv10a/cpuapp`` and ``nrf54lv10dk/nrf54lv10a/cpuapp/ns`` board targets to all samples (except Cryptography tests). * The :ref:`crypto_kmu_cracen_usage` sample. * :ref:`crypto_aes_ctr` sample: diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0.rst index aa8927981557..e09cc5af0765 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-3.2.0.rst @@ -816,7 +816,7 @@ Cryptography samples * Added: - * Support for the ``nrf54lv10dk/nrf54lv10a/cpuapp`` and ``nrf54lv10dk/nrf54lv10a/cpuapp/ns`` board targets to all samples (except :ref:`crypto_test`). + * Support for the ``nrf54lv10dk/nrf54lv10a/cpuapp`` and ``nrf54lv10dk/nrf54lv10a/cpuapp/ns`` board targets to all samples (except Cryptography tests). * Support for the ``nrf54h20dk/nrf54h20/cpuapp`` board target to the :ref:`crypto_persistent_key` sample, demonstrating use of Internal Trusted Storage (ITS) on the nRF54H20 DK. * Support for the ``nrf54lm20dk/nrf54lm20a/cpuapp/ns`` board target in all supported cryptography samples. * Support for the ``nrf54lm20dk/nrf54lm20a/cpuapp`` board target in the following samples: diff --git a/doc/nrf/samples/crypto.rst b/doc/nrf/samples/crypto.rst index c29ae723586e..871b67260436 100644 --- a/doc/nrf/samples/crypto.rst +++ b/doc/nrf/samples/crypto.rst @@ -18,4 +18,3 @@ The samples use :ref:`PSA Crypto API ` and :glob: ../../../samples/crypto/*/README - ../../tests/crypto/README diff --git a/doc/nrf/security/crypto/crypto_supported_features.rst b/doc/nrf/security/crypto/crypto_supported_features.rst index ee0ca64ecb50..665d1f42bd44 100644 --- a/doc/nrf/security/crypto/crypto_supported_features.rst +++ b/doc/nrf/security/crypto/crypto_supported_features.rst @@ -5071,15 +5071,9 @@ The options are grouped by Series and drivers available for the device Series, a * - RSA PKCS#1 v1.5 sign - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - -- @@ -5142,21 +5136,11 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Supported - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported - - Supported - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported - Supported - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported - - Supported - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - Experimental @@ -5234,15 +5218,9 @@ The options are grouped by Series and drivers available for the device Series, a * - RSA PKCS#1 v1.5 sign - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - -- @@ -5289,15 +5267,9 @@ The options are grouped by Series and drivers available for the device Series, a * - RSA PKCS#1 v1.5 sign - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - Experimental @@ -5326,7 +5298,6 @@ The options are grouped by Series and drivers available for the device Series, a .. note:: - :kconfig:option:`CONFIG_PSA_WANT_ALG_ECDSA` is limited to ECC curve types secp224r1, secp256r1, and secp384r1. - :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` is limited to ECC curve type Ed25519. - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` does not support RSA key pair generation. .. tab:: nRF54H Series @@ -5369,15 +5340,9 @@ The options are grouped by Series and drivers available for the device Series, a * - RSA PKCS#1 v1.5 sign - ``PSA_WANT_ALG_RSA_PKCS1V15_SIGN`` - -- - * - RSA raw PKCS#1 v1.5 sign - - ``PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW`` - - -- * - RSA PSS - ``PSA_WANT_ALG_RSA_PSS`` - -- - * - RSA PSS any salt - - ``PSA_WANT_ALG_RSA_PSS_ANY_SALT`` - - -- * - HSS - ``PSA_WANT_ALG_HSS`` - -- @@ -5478,15 +5443,6 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Experimental - -- - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - -- - - -- - - -- - - -- - - -- - - -- - - -- * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported @@ -5496,15 +5452,6 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Experimental - -- - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - -- - - -- - - -- - - -- - - -- - - -- - - -- * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - -- @@ -5629,15 +5576,6 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Supported - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported - - Supported - - Supported - - Supported - - Supported - - Supported - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported @@ -5647,15 +5585,6 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Supported - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported - - Supported - - Supported - - Supported - - Supported - - Supported - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - Experimental @@ -5732,7 +5661,6 @@ The options are grouped by Series and drivers available for the device Series, a .. note:: - :kconfig:option:`CONFIG_PSA_WANT_ALG_ECDSA` is limited to ECC curve types secp224r1, secp256r1, and secp384r1. - :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` is limited to ECC curve type Ed25519. - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` does not support RSA key pair generation. .. tab:: nRF91 Series @@ -5794,24 +5722,12 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Supported - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported - - Supported - - Supported - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported - Supported - Supported - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported - - Supported - - Supported - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - -- @@ -5897,24 +5813,12 @@ The options are grouped by Series and drivers available for the device Series, a - Supported - Supported - Supported - * - RSA raw PKCS#1 v1.5 sign - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` - - Supported - - Supported - - Supported - - Supported * - RSA PSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - Supported - Supported - Supported - Supported - * - RSA PSS any salt - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` - - Supported - - Supported - - Supported - - Supported * - HSS - :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` - Experimental @@ -5967,7 +5871,6 @@ The options are grouped by Series and drivers available for the device Series, a .. note:: - :kconfig:option:`CONFIG_PSA_WANT_ALG_ECDSA` is limited to ECC curve types secp224r1, secp256r1, and secp384r1. - :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` is limited to ECC curve type Ed25519. - - :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` does not support RSA key pair generation. Asymmetric signature driver --------------------------- @@ -5997,9 +5900,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` .. tab:: nrf_oberon @@ -6015,9 +5916,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` (limited to ECC curve type Ed25519) | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` (does not support RSA key pair generation) | :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_LMS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_ML_DSA` @@ -6044,9 +5943,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` .. tab:: nrf_oberon @@ -6062,9 +5959,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` (limited to ECC curve type Ed25519) | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` (does not support RSA key pair generation) | :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_LMS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_ML_DSA` @@ -6109,9 +6004,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` (limited to ECC curve type Ed25519) | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` (does not support RSA key pair generation) | :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_LMS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_ML_DSA` @@ -6138,9 +6031,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` .. tab:: nrf_oberon @@ -6156,9 +6047,7 @@ Based on this setting, Oberon PSA Crypto selects the most appropriate driver for | :kconfig:option:`CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA` | :kconfig:option:`CONFIG_PSA_WANT_ALG_PURE_EDDSA` (limited to ECC curve type Ed25519) | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW` | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS` - | :kconfig:option:`CONFIG_PSA_WANT_ALG_RSA_PSS_ANY_SALT` (does not support RSA key pair generation) | :kconfig:option:`CONFIG_PSA_WANT_ALG_HSS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_LMS` | :kconfig:option:`CONFIG_PSA_WANT_ALG_ML_DSA` diff --git a/doc/nrf/templates/cheat_sheet.rst b/doc/nrf/templates/cheat_sheet.rst index 294111a8b661..86fc271cad2d 100644 --- a/doc/nrf/templates/cheat_sheet.rst +++ b/doc/nrf/templates/cheat_sheet.rst @@ -642,7 +642,7 @@ For C++ elements: Kconfig ======= -Link to library Kconfig options using :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND`. +Link to library Kconfig options using :kconfig:option:`CONFIG_SECURE_STORAGE`. For more information on how to link to application-specific configuration options, see :ref:`Configuration options `. Example: :ref:`CONFIG_UDP_DATA_UPLOAD_FREQUENCY_SECONDS `. diff --git a/doc/nrf/test_and_optimize/test_framework/index.rst b/doc/nrf/test_and_optimize/test_framework/index.rst index 74b25a46a1eb..d44c230b2054 100644 --- a/doc/nrf/test_and_optimize/test_framework/index.rst +++ b/doc/nrf/test_and_optimize/test_framework/index.rst @@ -7,7 +7,7 @@ The |NCS| provides support for writing tests using the following methods: * Zephyr's native :ref:`zephyr:test-framework` (Ztest). This framework has features specific to the Zephyr RTOS, such as test scaffolding and setup or teardown functions. - Ztest in the |NCS| by :ref:`crypto_test`, which you can check as reference. + Ztest in the |NCS| by Cryptography tests, which you can check as reference. * The |NCS|'s framework based on Unity and CMock. Read :ref:`ug_unity_testing` for more information. diff --git a/doc/nrfxlib/nrfxlib.doxyfile.in b/doc/nrfxlib/nrfxlib.doxyfile.in index 9f4d3c1f3402..e5f2210fb047 100644 --- a/doc/nrfxlib/nrfxlib.doxyfile.in +++ b/doc/nrfxlib/nrfxlib.doxyfile.in @@ -2403,7 +2403,7 @@ INCLUDE_FILE_PATTERNS = PREDEFINED = __DOXYGEN__ \ "MBEDTLS_CONFIG_FILE=\"@OUTPUT_DIRECTORY@/mbedtls_doxygen_config.h\"" \ - "CONFIG_CC3XX_BACKEND=y" \ + "CONFIG_HW_CC3XX=y" \ "CONFIG_SYS_CLOCK_EXISTS=y" \ "CONFIG_THREAD_MONITOR=y" \ "CONFIG_THREAD_CUSTOM_DATA=y" \ diff --git a/drivers/hw_cc3xx/hw_cc3xx.c b/drivers/hw_cc3xx/hw_cc3xx.c index b4218477e459..062a4cdc39e0 100644 --- a/drivers/hw_cc3xx/hw_cc3xx.c +++ b/drivers/hw_cc3xx/hw_cc3xx.c @@ -17,6 +17,31 @@ #if CONFIG_HW_CC3XX +#if defined(CONFIG_MBEDTLS_THREADING_C) +#include + +extern nrf_cc3xx_platform_mutex_t nrf_cc3xx_platform_heap_mutex; +extern nrf_cc3xx_platform_mutex_t nrf_cc3xx_platform_key_slot_mutex; +extern nrf_cc3xx_platform_mutex_t nrf_cc3xx_platform_psa_globaldata_mutex; +extern nrf_cc3xx_platform_mutex_t nrf_cc3xx_platform_psa_rngdata_mutex; + +mbedtls_threading_mutex_t mbedtls_threading_key_slot_mutex; +mbedtls_threading_mutex_t mbedtls_threading_psa_globaldata_mutex; +mbedtls_threading_mutex_t mbedtls_threading_psa_rngdata_mutex; +mbedtls_threading_mutex_t mbedtls_threading_heap_mutex; + +static void cc3xx_sync_mbedtls_mutexes(void) +{ + mbedtls_threading_key_slot_mutex.MBEDTLS_PRIVATE(mutex) = nrf_cc3xx_platform_key_slot_mutex; + mbedtls_threading_psa_globaldata_mutex.MBEDTLS_PRIVATE(mutex) = + nrf_cc3xx_platform_psa_globaldata_mutex; + mbedtls_threading_psa_rngdata_mutex.MBEDTLS_PRIVATE(mutex) = + nrf_cc3xx_platform_psa_rngdata_mutex; + mbedtls_threading_heap_mutex.MBEDTLS_PRIVATE(mutex) = nrf_cc3xx_platform_heap_mutex; +} + +#endif + static int hw_cc3xx_init_internal(void) { @@ -46,6 +71,11 @@ static int hw_cc3xx_init(void) /* Set the RTOS mutex APIs */ nrf_cc3xx_platform_mutex_init(); +#if defined(CONFIG_MBEDTLS_THREADING_C) + /* Sync the Mbed TLS mutexes with the platform mutexes */ + cc3xx_sync_mbedtls_mutexes(); +#endif + /* Enable the hardware */ res = hw_cc3xx_init_internal(); return res; diff --git a/lib/app_jwt/CMakeLists.txt b/lib/app_jwt/CMakeLists.txt index d5ad620bd09c..d4e890f2be5b 100644 --- a/lib/app_jwt/CMakeLists.txt +++ b/lib/app_jwt/CMakeLists.txt @@ -10,4 +10,4 @@ zephyr_library_sources( app_jwt.c ) -zephyr_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS) +zephyr_link_libraries_ifdef(CONFIG_TF_PSA_CRYPTO_BUILTIN tfpsacrypto) diff --git a/lib/hw_unique_key/hw_unique_key_cracen_kmu.c b/lib/hw_unique_key/hw_unique_key_cracen_kmu.c index 28a9be33b80e..3fe75c4cffff 100644 --- a/lib/hw_unique_key/hw_unique_key_cracen_kmu.c +++ b/lib/hw_unique_key/hw_unique_key_cracen_kmu.c @@ -68,7 +68,7 @@ bool hw_unique_key_are_any_written(void) psa_drv_slot_number_t slot_number; mbedtls_svc_key_id_t key_id; - key_id = mbedtls_svc_key_id_make(0, PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( + key_id = mbedtls_svc_key_id_make(0, PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_SEED, CONFIG_CRACEN_IKG_SEED_KMU_SLOT)); return cracen_kmu_get_key_slot(key_id, &lifetime, &slot_number) == PSA_SUCCESS; @@ -85,7 +85,7 @@ int hw_unique_key_write(enum hw_unique_key_slot key_slot, const uint8_t *key) psa_key_attributes_t seed_attr = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_id(&seed_attr, - mbedtls_svc_key_id_make(0, PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( + mbedtls_svc_key_id_make(0, PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_SEED, CONFIG_CRACEN_IKG_SEED_KMU_SLOT))); psa_set_key_type(&seed_attr, PSA_KEY_TYPE_RAW_DATA); diff --git a/lib/identity_key/identity_key.c b/lib/identity_key/identity_key.c index c7215bf51ebe..84aa37d428c5 100644 --- a/lib/identity_key/identity_key.c +++ b/lib/identity_key/identity_key.c @@ -23,7 +23,7 @@ LOG_MODULE_REGISTER(identity_key); static int generate_random_secp256r1_private_key(uint8_t *key_buff) { psa_status_t status; - psa_key_handle_t key_handle; + psa_key_id_t key_id; size_t olen; /* Initialize PSA Crypto */ @@ -44,13 +44,13 @@ static int generate_random_secp256r1_private_key(uint8_t *key_buff) psa_set_key_type(&key_attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); psa_set_key_bits(&key_attributes, IDENTITY_KEY_SIZE_BYTES * 8); - status = psa_generate_key(&key_attributes, &key_handle); + status = psa_generate_key(&key_attributes, &key_id); if (status != PSA_SUCCESS) { LOG_ERR("psa_generate_key failed! Error: %d", status); return -IDENTITY_KEY_ERR_GENERATION_FAILED; } - status = psa_export_key(key_handle, key_buff, IDENTITY_KEY_SIZE_BYTES, &olen); + status = psa_export_key(key_id, key_buff, IDENTITY_KEY_SIZE_BYTES, &olen); if (status != PSA_SUCCESS) { LOG_ERR("psa_export_key failed! Error: %d", status); return -IDENTITY_KEY_ERR_GENERATION_FAILED; @@ -61,7 +61,7 @@ static int generate_random_secp256r1_private_key(uint8_t *key_buff) return -IDENTITY_KEY_ERR_GENERATION_FAILED; } - status = psa_destroy_key(key_handle); + status = psa_destroy_key(key_id); if (status != PSA_SUCCESS) { LOG_ERR("psa_destroy_key failed! Error: %d", status); return -IDENTITY_KEY_ERR_GENERATION_FAILED; diff --git a/modules/openthread/platform/crypto_psa.c b/modules/openthread/platform/crypto_psa.c index 30d6cc49d60e..e6c9e60b1cbb 100644 --- a/modules/openthread/platform/crypto_psa.c +++ b/modules/openthread/platform/crypto_psa.c @@ -75,7 +75,7 @@ static otError getKeyRef(otCryptoKeyRef *aInputKeyRef, psa_key_attributes_t *aAt * convert it one by one. Keys starts from 1, so we need to decrease it by 1 to get the * correct slot. */ - *aInputKeyRef = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( + *aInputKeyRef = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_RAW, CONFIG_OPENTHREAD_KMU_SLOT_START + (*aInputKeyRef - CONFIG_OPENTHREAD_PSA_ITS_NVM_OFFSET) - 1); @@ -827,3 +827,8 @@ otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, uint16_t aPasswo } #endif /* #if CONFIG_OPENTHREAD_ECDSA */ + +void mbedtls_ssl_conf_rng(void) +{ + /* FIXME: need to recompile the OT library without usage of this function */ +} diff --git a/modules/trusted-firmware-m/Kconfig.mbedtls_minimal.defconfig b/modules/trusted-firmware-m/Kconfig.mbedtls_minimal.defconfig index 2814d2ba64d3..f389c07ab018 100644 --- a/modules/trusted-firmware-m/Kconfig.mbedtls_minimal.defconfig +++ b/modules/trusted-firmware-m/Kconfig.mbedtls_minimal.defconfig @@ -11,56 +11,5 @@ config MBEDTLS config MBEDTLS_TLS_VERSION_1_2 default n -config MBEDTLS_CTR_DRBG_ENABLED - default n - -config MBEDTLS_SHA1_C - default n - -config MBEDTLS_SHA512_C - default n - -config MBEDTLS_MD_C - default n if !MBEDTLS_LEGACY_CRYPTO_C - -config MBEDTLS_X509_LIBRARY - default n - -config MBEDTLS_ENABLE_HEAP - default n - -config MBEDTLS_DHM_C - default n - -config MBEDTLS_ECP_C - default n - -config MBEDTLS_CTR_DRBG_C - default n - -config MBEDTLS_CIPHER_MODE_CBC - default n - -config MBEDTLS_CIPHER_MODE_CTR - default n - -config MBEDTLS_CMAC_C - default n - -config MBEDTLS_CCM_C - default n - -config MBEDTLS_GCM_C - default n - -config MBEDTLS_CHACHA20_C - default n - -config MBEDTLS_POLY1305_C - default n - config MBEDTLS_PSA_CRYPTO_STORAGE_C default n - -config MBEDTLS_LEGACY_CRYPTO_C - default n diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake index ba437c664648..a891b94966f3 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -22,31 +22,14 @@ if(TARGET tfm_api_ns) set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_API_NS True) target_include_directories(tfm_api_ns PUBLIC - ${OBERON_PSA_CORE_PATH}/include + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include ${INTERFACE_INC_DIR}/crypto_keys ) endif() -# Duplicates that can be removed -#set(TFM_MBEDCRYPTO_CONFIG_PATH ${MBEDTLS_CONFIG_FILE}) -#set(TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH ${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}) -#set(TFM_MBEDCRYPTO_PSA_CRYPTO_USER_CONFIG_PATH ${MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}) - -# Note: This is a duplicate from nrf_security/CMakeLists.txt -# with additions of the install-target for Oberon-psa-core includes if(TARGET psa_interface) set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_INTERFACE True) - target_include_directories(psa_interface - INTERFACE - ${NRF_SECURITY_ROOT}/include - $ - # Oberon library - ${OBERON_PSA_CORE_PATH}/library - # Mbed TLS (mbedcrypto) PSA headers - ${ARM_MBEDTLS_PATH}/library - ${ARM_MBEDTLS_PATH}/include - ${ARM_MBEDTLS_PATH}/include/library - ) + include(${NRF_SECURITY_DIR}/cmake/psa_interface_include_directories.cmake) endif() # Constructing config libraries in partition/crypto/CMakeLists.txt @@ -56,8 +39,7 @@ if(TARGET psa_crypto_config) set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_CRYPTO_CONFIG True) target_compile_definitions(psa_crypto_config INTERFACE - MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" - MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + TF_PSA_CRYPTO_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE}" # Give a signal that we are inside TF-M build to prevent check_config.h # complaining about lacking legacy features for Mbed TLS wrapper APIs, TLS/DTLS and X.509. INSIDE_TFM_BUILD @@ -66,8 +48,8 @@ if(TARGET psa_crypto_config) target_include_directories(psa_crypto_config INTERFACE ${PSA_CRYPTO_CONFIG_INTERFACE_PATH} - ${NRF_SECURITY_ROOT}/include - ${OBERON_PSA_CORE_PATH}/include + ${NRF_SECURITY_DIR}/include + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include ${NRF_DIR}/include/tfm ) endif() @@ -77,16 +59,15 @@ if(TARGET psa_crypto_library_config) set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_CRYPTO_LIBRARY_CONFIG True) target_compile_definitions(psa_crypto_library_config INTERFACE - MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" - MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" - MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}" + TF_PSA_CRYPTO_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE}" + TF_PSA_CRYPTO_USER_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_USER_CONFIG_FILE}" ) target_include_directories(psa_crypto_library_config INTERFACE ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} - ${NRF_SECURITY_ROOT}/include - ${OBERON_PSA_CORE_PATH}/include + ${NRF_SECURITY_DIR}/include + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include ${NRF_DIR}/include/tfm ) @@ -111,7 +92,7 @@ if(TARGET ${MBEDTLS_TARGET_PREFIX}mbedcrypto) target_include_directories(${MBEDTLS_TARGET_PREFIX}mbedcrypto PUBLIC # The following is required for psa/error.h - $ + $ ) endif() @@ -119,8 +100,7 @@ if(TARGET tfm_sprt) set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_SPRT True) target_compile_definitions(tfm_sprt PRIVATE - MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" - MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + TF_PSA_CRYPTO_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE}" INSIDE_TFM_BUILD ) diff --git a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake deleted file mode 100644 index 292d4d8fcbcf..000000000000 --- a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake +++ /dev/null @@ -1,44 +0,0 @@ - -if(NOT PSA_CRYPTO_EXTERNAL_CORE) - return() -endif() - -install( - FILES - ${OBERON_PSA_CORE_PATH}/include/psa/build_info.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_adjust_auto_enabled.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_adjust_config_key_pair_types.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_adjust_config_synonyms.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_compat.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_driver_common.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_extra.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_legacy.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_platform.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_se_driver.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_sizes.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_struct.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_types.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto_values.h - ${OBERON_PSA_CORE_PATH}/include/psa/crypto.h - # The driver contexts are taken from nrf_security - ${NRF_SECURITY_ROOT}/include/psa/crypto_driver_contexts_key_derivation.h - ${NRF_SECURITY_ROOT}/include/psa/crypto_driver_contexts_primitives.h - ${NRF_SECURITY_ROOT}/include/psa/crypto_driver_contexts_composites.h - DESTINATION ${INSTALL_INTERFACE_INC_DIR}/psa -) - -install( - FILES - ${OBERON_PSA_CORE_PATH}/include/mbedtls/build_info.h - ${OBERON_PSA_CORE_PATH}/include/mbedtls/config_psa.h - DESTINATION - ${INSTALL_INTERFACE_INC_DIR}/mbedtls -) - -install( - FILES - ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}/${MBEDTLS_CONFIG_FILE} - ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}/${MBEDTLS_PSA_CRYPTO_CONFIG_FILE} - DESTINATION - ${INSTALL_INTERFACE_INC_DIR}/ -) diff --git a/samples/cellular/location/boards/thingy91x_nrf9151_ns.conf b/samples/cellular/location/boards/thingy91x_nrf9151_ns.conf index 62ef506deb7a..8b8b1207974c 100644 --- a/samples/cellular/location/boards/thingy91x_nrf9151_ns.conf +++ b/samples/cellular/location/boards/thingy91x_nrf9151_ns.conf @@ -29,7 +29,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n # Networking CONFIG_NET_L2_ETHERNET=y diff --git a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf index b3c652deade8..4cfb5660dc28 100644 --- a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf @@ -35,7 +35,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n # Networking CONFIG_NET_L2_ETHERNET=y diff --git a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf index 0de598989022..5452bae96439 100644 --- a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf +++ b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf @@ -48,7 +48,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y #CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n # Networking CONFIG_NET_L2_ETHERNET=y diff --git a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf index fb4e4660c616..14e07e615cdd 100644 --- a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf @@ -52,7 +52,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n # Networking CONFIG_NET_L2_ETHERNET=y diff --git a/samples/cellular/nrf_cloud_multi_service/boards/native_sim.conf b/samples/cellular/nrf_cloud_multi_service/boards/native_sim.conf index a319724f5536..b38cc972e79f 100644 --- a/samples/cellular/nrf_cloud_multi_service/boards/native_sim.conf +++ b/samples/cellular/nrf_cloud_multi_service/boards/native_sim.conf @@ -107,7 +107,6 @@ CONFIG_MBEDTLS_HEAP_SIZE=120000 CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=16384 CONFIG_MBEDTLS_PEM_PARSE_C=y CONFIG_MBEDTLS_PEM_WRITE_C=y -CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y @@ -115,10 +114,10 @@ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y # NET Sockets CONFIG_NET_SOCKETS_SOCKOPT_TLS=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y CONFIG_MBEDTLS_X509_CRT_PARSE_C=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y @@ -126,18 +125,12 @@ CONFIG_MBEDTLS_TLS_SESSION_TICKETS=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y -CONFIG_MBEDTLS_CIPHER_GCM_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=y - -CONFIG_MBEDTLS_SHA1=y -CONFIG_MBEDTLS_SHA256=y -CONFIG_MBEDTLS_SHA384=y -CONFIG_MBEDTLS_SHA512=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y +CONFIG_PSA_WANT_ECC_SECP_R1_521=y +CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_256=y +CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_384=y +CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_512=y +CONFIG_PSA_WANT_ECC_MONTGOMERY_255=y CONFIG_MBEDTLS=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y diff --git a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf index d4a4fef18e4e..9c779d48db54 100644 --- a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf +++ b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf @@ -38,7 +38,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n # Networking CONFIG_NET_L2_ETHERNET=y diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf index 9d3561b71b86..a16e6be9a103 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf @@ -136,7 +136,14 @@ CONFIG_MQTT_LIB_TLS=n CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y # Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_HEAP_SIZE=80000 @@ -159,10 +166,6 @@ CONFIG_PSA_WANT_ALG_ECDSA=y CONFIG_HOSTAP_CRYPTO_ALT_LEGACY_PSA=y ## Disable unneeded MBEDTLS features to save flash and RAM -CONFIG_MBEDTLS_CHACHA20_C=n -CONFIG_MBEDTLS_CHACHAPOLY_C=n -CONFIG_MBEDTLS_POLY1305_C=n -CONFIG_MBEDTLS_SHA1_C=n CONFIG_MBEDTLS_CIPHER_MODE_CBC=n ## Enable Wi-Fi location tracking diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf index 82432de97362..3b46efcf2449 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf @@ -141,16 +141,19 @@ CONFIG_MBEDTLS_RSA_C=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_HEAP_SIZE=80000 # Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y # ECDH/ECDSA are needed for TLS handshake CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_PSA_WANT_ALG_ECDSA=y ## Disable unneeded MBEDTLS features to save flash and RAM -CONFIG_MBEDTLS_CHACHA20_C=n -CONFIG_MBEDTLS_CHACHAPOLY_C=n -CONFIG_MBEDTLS_POLY1305_C=n -CONFIG_MBEDTLS_SHA1_C=n CONFIG_MBEDTLS_CIPHER_MODE_CBC=n CONFIG_MBEDTLS_SSL_SRV_C=n CONFIG_MBEDTLS_SSL_COOKIE_C=n diff --git a/samples/crypto/aes_kw/src/main.c b/samples/crypto/aes_kw/src/main.c index 97fb657d78c6..d22f62a18e8e 100644 --- a/samples/crypto/aes_kw/src/main.c +++ b/samples/crypto/aes_kw/src/main.c @@ -43,7 +43,7 @@ static uint8_t key_buf[SAMPLE_KEY_BUFFER_SIZE]; static size_t key_len; #if defined(CONFIG_SAMPLE_AES_KW_KMU_DEMO) -static psa_key_id_t enc_key_id = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( +static psa_key_id_t enc_key_id = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_PROTECTED, PSA_KEY_ID_USER_MIN); #else static psa_key_id_t enc_key_id; diff --git a/samples/crypto/kmu_cracen_usage/src/main.c b/samples/crypto/kmu_cracen_usage/src/main.c index e9f494cb4706..3836c3b1b699 100644 --- a/samples/crypto/kmu_cracen_usage/src/main.c +++ b/samples/crypto/kmu_cracen_usage/src/main.c @@ -38,7 +38,7 @@ static sample_key_entry_t m_sample_keys[SAMPLE_MAX_KEY_COUNT] = { */ { /* The key requires 1 KMU slot */ - .key_id = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_PROTECTED, + .key_id = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_PROTECTED, PSA_KEY_ID_USER_MIN), .supported_operations = { .gen_key_cb = NULL, @@ -47,7 +47,7 @@ static sample_key_entry_t m_sample_keys[SAMPLE_MAX_KEY_COUNT] = { }, { /* The key requires 2 KMU slots */ - .key_id = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, + .key_id = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, PSA_KEY_ID_USER_MIN + 1), .supported_operations = { .gen_key_cb = NULL, @@ -62,7 +62,7 @@ static sample_key_entry_t m_sample_keys[SAMPLE_MAX_KEY_COUNT] = { /* The key requires 1 KMU slot + 2 additional slots *are required since the key is encrypted */ - .key_id = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_ENCRYPTED, + .key_id = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_ENCRYPTED, PSA_KEY_ID_USER_MIN + 3), .supported_operations = { .gen_key_cb = key_operations_generate_aes_key, @@ -71,7 +71,7 @@ static sample_key_entry_t m_sample_keys[SAMPLE_MAX_KEY_COUNT] = { }, { /* The key requires 2 KMU slots */ - .key_id = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, + .key_id = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, PSA_KEY_ID_USER_MIN + 6), .supported_operations = { .gen_key_cb = key_operations_generate_ecdsa_key_pair, diff --git a/samples/crypto/psa_tls/boards/nrf5340dk_nrf5340_cpuapp_ns.conf b/samples/crypto/psa_tls/boards/nrf5340dk_nrf5340_cpuapp_ns.conf index 37a38a189117..20f29460072e 100644 --- a/samples/crypto/psa_tls/boards/nrf5340dk_nrf5340_cpuapp_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf5340dk_nrf5340_cpuapp_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_PM_PARTITION_SIZE_TFM=0x60000 diff --git a/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l10_cpuapp_ns.conf b/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l10_cpuapp_ns.conf index b90e550c3bd2..d124d68e590f 100644 --- a/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l10_cpuapp_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l10_cpuapp_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y # The ECDSA CA certificate is stored persistently with Protected Storage, diff --git a/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l15_cpuapp_ns.conf b/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l15_cpuapp_ns.conf index 8645c43caaba..e766ced1d6c5 100644 --- a/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l15_cpuapp_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf54l15dk_nrf54l15_cpuapp_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y # The ECDSA CA certificate is stored persistently with Protected Storage, diff --git a/samples/crypto/psa_tls/boards/nrf54lc10dk_nrf54lc10a_cpuapp.conf b/samples/crypto/psa_tls/boards/nrf54lc10dk_nrf54lc10a_cpuapp.conf index abc9cbdca5cf..bc22772649e0 100644 --- a/samples/crypto/psa_tls/boards/nrf54lc10dk_nrf54lc10a_cpuapp.conf +++ b/samples/crypto/psa_tls/boards/nrf54lc10dk_nrf54lc10a_cpuapp.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y # The ECDSA CA certificate is stored persistently with Protected Storage, diff --git a/samples/crypto/psa_tls/boards/nrf54lv10dk_nrf54lv10a_cpuapp_ns.conf b/samples/crypto/psa_tls/boards/nrf54lv10dk_nrf54lv10a_cpuapp_ns.conf index 0c39d077ea19..d11995bc0c7f 100644 --- a/samples/crypto/psa_tls/boards/nrf54lv10dk_nrf54lv10a_cpuapp_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf54lv10dk_nrf54lv10a_cpuapp_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y # The ECDSA CA certificate is stored persistently with Protected Storage, diff --git a/samples/crypto/psa_tls/boards/nrf7120dk_nrf7120_cpuapp_ns.conf b/samples/crypto/psa_tls/boards/nrf7120dk_nrf7120_cpuapp_ns.conf index 2fd5d01b2246..9e7c3a952467 100644 --- a/samples/crypto/psa_tls/boards/nrf7120dk_nrf7120_cpuapp_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf7120dk_nrf7120_cpuapp_ns.conf @@ -3,7 +3,6 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y # The ECDSA CA certificate is stored persistently with Protected Storage, diff --git a/samples/crypto/psa_tls/boards/nrf9151dk_nrf9151_ns.conf b/samples/crypto/psa_tls/boards/nrf9151dk_nrf9151_ns.conf index 536dd5a59678..e9e1c16abdaf 100644 --- a/samples/crypto/psa_tls/boards/nrf9151dk_nrf9151_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf9151dk_nrf9151_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_NRF_MODEM_LIB=n diff --git a/samples/crypto/psa_tls/boards/nrf9160dk_nrf9160_ns.conf b/samples/crypto/psa_tls/boards/nrf9160dk_nrf9160_ns.conf index 536dd5a59678..e9e1c16abdaf 100644 --- a/samples/crypto/psa_tls/boards/nrf9160dk_nrf9160_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf9160dk_nrf9160_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_NRF_MODEM_LIB=n diff --git a/samples/crypto/psa_tls/boards/nrf9161dk_nrf9161_ns.conf b/samples/crypto/psa_tls/boards/nrf9161dk_nrf9161_ns.conf index 536dd5a59678..e9e1c16abdaf 100644 --- a/samples/crypto/psa_tls/boards/nrf9161dk_nrf9161_ns.conf +++ b/samples/crypto/psa_tls/boards/nrf9161dk_nrf9161_ns.conf @@ -4,7 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_NRF_ENABLE_ICACHE=n -CONFIG_MBEDTLS_USE_PSA_CRYPTO=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_NRF_MODEM_LIB=n diff --git a/samples/crypto/psa_tls/overlays/cc3xx-legacy.conf b/samples/crypto/psa_tls/overlays/cc3xx-legacy.conf deleted file mode 100644 index 45f8a3b21cf9..000000000000 --- a/samples/crypto/psa_tls/overlays/cc3xx-legacy.conf +++ /dev/null @@ -1,9 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -CONFIG_NORDIC_SECURITY_BACKEND=y -CONFIG_PSA_CRYPTO_DRIVER_OBERON=n -CONFIG_CC3XX_BACKEND=y -CONFIG_MBEDTLS_FORCE_LEGACY_MD=y diff --git a/samples/crypto/psa_tls/overlays/ecdsa.conf b/samples/crypto/psa_tls/overlays/ecdsa.conf index a6e04e97b21e..60eeb5f24425 100644 --- a/samples/crypto/psa_tls/overlays/ecdsa.conf +++ b/samples/crypto/psa_tls/overlays/ecdsa.conf @@ -5,4 +5,4 @@ # CONFIG_PSA_TLS_CERTIFICATE_TYPE_ECDSA=y CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_PSA_WANT_ALG_ECDH=y diff --git a/samples/crypto/psa_tls/overlays/ecdsa_secp384r1.conf b/samples/crypto/psa_tls/overlays/ecdsa_secp384r1.conf index 3c6e2d576f8b..ddf47681c672 100644 --- a/samples/crypto/psa_tls/overlays/ecdsa_secp384r1.conf +++ b/samples/crypto/psa_tls/overlays/ecdsa_secp384r1.conf @@ -5,7 +5,7 @@ # CONFIG_PSA_TLS_CERTIFICATE_TYPE_ECDSA=y CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_PSA_WANT_ECC_SECP_R1_384=y CONFIG_PSA_WANT_ECC_SECP_R1_256=n diff --git a/samples/crypto/psa_tls/overlays/oberon-legacy.conf b/samples/crypto/psa_tls/overlays/oberon-legacy.conf deleted file mode 100644 index 8155cfb8882d..000000000000 --- a/samples/crypto/psa_tls/overlays/oberon-legacy.conf +++ /dev/null @@ -1,9 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -CONFIG_NORDIC_SECURITY_BACKEND=y -CONFIG_PSA_CRYPTO_DRIVER_CC3XX=n -CONFIG_OBERON_BACKEND=y -CONFIG_MBEDTLS_FORCE_LEGACY_MD=y diff --git a/samples/crypto/psa_tls/prj.conf b/samples/crypto/psa_tls/prj.conf index 171ddb487bd6..84f7cc95f529 100644 --- a/samples/crypto/psa_tls/prj.conf +++ b/samples/crypto/psa_tls/prj.conf @@ -52,7 +52,6 @@ CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=2304 CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=2304 CONFIG_MBEDTLS_SSL_CLI_C=y CONFIG_MBEDTLS_SSL_CACHE_C=y -CONFIG_MBEDTLS_X509_LIBRARY=y # Enable cryptographic features CONFIG_PSA_WANT_GENERATE_RANDOM=y diff --git a/samples/crypto/psa_tls/sample.yaml b/samples/crypto/psa_tls/sample.yaml index 4d850128afb6..57624564f444 100644 --- a/samples/crypto/psa_tls/sample.yaml +++ b/samples/crypto/psa_tls/sample.yaml @@ -659,172 +659,6 @@ tests: - sysbuild - ci_samples_crypto ################################################################################ - ## Legacy APIs with Cryptocell (secure-only) - ################################################################################ - sample.psa_tls.tls_server.rsa.cc3xx_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/server.conf;overlays/rsa.conf;overlays/cc3xx-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - cc3xx_legacy - - sysbuild - - ci_samples_crypto - sample.psa_tls.tls_client.rsa.cc3xx_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/client.conf;overlays/rsa.conf;overlays/cc3xx-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - cc3xx_legacy - - sysbuild - - ci_samples_crypto - sample.psa_tls.tls_server.ecdsa.cc3xx_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/server.conf;overlays/ecdsa.conf;overlays/cc3xx-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - cc3xx_legacy - - sysbuild - - ci_samples_crypto - sample.psa_tls.tls_client.ecdsa.cc3xx_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/client.conf;overlays/ecdsa.conf;overlays/cc3xx-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - cc3xx_legacy - - sysbuild - - ci_samples_crypto - ################################################################################ - ## Legacy APIs with Oberon (secure-only) - ################################################################################ - sample.psa_tls.tls_server.rsa.oberon_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/server.conf;overlays/rsa.conf;overlays/oberon-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - oberon_legacy - - sysbuild - - ci_samples_crypto - sample.psa_tls.tls_client.rsa.oberon_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/client.conf;overlays/rsa.conf;overlays/oberon-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - oberon_legacy - - sysbuild - - ci_samples_crypto - sample.psa_tls.tls_server.ecdsa.oberon_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/server.conf;overlays/ecdsa.conf;overlays/oberon-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - oberon_legacy - - sysbuild - - ci_samples_crypto - sample.psa_tls.tls_client.ecdsa.oberon_legacy: - sysbuild: true - extra_args: - EXTRA_CONF_FILE="overlays/client.conf;overlays/ecdsa.conf;overlays/oberon-legacy.conf" - platform_allow: - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9160dk/nrf9160 - - nrf9151dk/nrf9151 - tags: - - ci_build - - legacy - - oberon_legacy - - sysbuild - - ci_samples_crypto - ################################################################################ ## PSA APIs with Oberon ################################################################################ sample.psa_tls.tls_server.ecdsa.oberon: diff --git a/samples/crypto/psa_tls/src/main.c b/samples/crypto/psa_tls/src/main.c index cb0025185171..659cf109c194 100644 --- a/samples/crypto/psa_tls/src/main.c +++ b/samples/crypto/psa_tls/src/main.c @@ -42,12 +42,10 @@ int main(void) LOG_INF("PSA TLS app started"); -#if defined(MBEDTLS_USE_PSA_CRYPTO) err = psa_crypto_init(); if (err < 0) { return APP_ERROR; } -#endif err = tls_set_credentials(); if (err < 0) { diff --git a/samples/crypto/rsa/src/main.c b/samples/crypto/rsa/src/main.c index c1bf43488f65..0feb2a1699ca 100644 --- a/samples/crypto/rsa/src/main.c +++ b/samples/crypto/rsa/src/main.c @@ -50,8 +50,8 @@ static char m_plain_text[NRF_CRYPTO_EXAMPLE_RSA_TEXT_SIZE] = { static char m_signature[NRF_CRYPTO_EXAMPLE_RSA_SIGNATURE_SIZE]; static char m_hash[32]; -static psa_key_id_t keypair_handle; -static psa_key_id_t pub_key_handle; +static psa_key_id_t key_pair_id; +static psa_key_id_t pub_key_id; /* ====================================================================== */ int crypto_init(void) @@ -72,13 +72,13 @@ int crypto_finish(void) psa_status_t status; /* Destroy the key handle */ - status = psa_destroy_key(keypair_handle); + status = psa_destroy_key(key_pair_id); if (status != PSA_SUCCESS) { LOG_INF("psa_destroy_key failed! (Error: %d)", status); return APP_ERROR; } - status = psa_destroy_key(pub_key_handle); + status = psa_destroy_key(pub_key_id); if (status != PSA_SUCCESS) { LOG_INF("psa_destroy_key failed! (Error: %d)", status); return APP_ERROR; @@ -107,7 +107,7 @@ int import_rsa_keypair(void) * we can use it to signing/verification the key handle. */ status = psa_import_key(&key_attributes, private_key_der, sizeof(private_key_der), - &keypair_handle); + &key_pair_id); if (status != PSA_SUCCESS) { LOG_INF("psa_import_key failed! (Error: %d)", status); return APP_ERROR; @@ -135,7 +135,7 @@ int import_rsa_pub_key(void) psa_set_key_bits(&key_attributes, 4096); status = psa_import_key(&key_attributes, public_key_der, sizeof(public_key_der), - &pub_key_handle); + &pub_key_id); if (status != PSA_SUCCESS) { LOG_INF("psa_import_key failed! (Error: %d)", status); return APP_ERROR; @@ -165,7 +165,7 @@ int sign_message_rsa(void) } /* Sign the hash using RSA */ - status = psa_sign_hash(keypair_handle, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256), m_hash, + status = psa_sign_hash(key_pair_id, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256), m_hash, sizeof(m_hash), m_signature, sizeof(m_signature), &olen); if (status != PSA_SUCCESS) { LOG_INF("psa_sign_hash failed! (Error: %d)", status); @@ -187,7 +187,7 @@ int verify_message_rsa(void) LOG_INF("Verifying RSA signature..."); /* Verify the hash */ - status = psa_verify_hash(pub_key_handle, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256), m_hash, + status = psa_verify_hash(pub_key_id, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256), m_hash, sizeof(m_hash), m_signature, sizeof(m_signature)); if (status != PSA_SUCCESS) { LOG_INF("psa_verify_hash failed! (Error: %d)", status); diff --git a/samples/debug/memfault/boards/thingy91_nrf9160_ns.conf b/samples/debug/memfault/boards/thingy91_nrf9160_ns.conf index ac87bc9938b7..9c4e58f6881b 100644 --- a/samples/debug/memfault/boards/thingy91_nrf9160_ns.conf +++ b/samples/debug/memfault/boards/thingy91_nrf9160_ns.conf @@ -32,3 +32,8 @@ CONFIG_NRF_MODEM_LIB_NET_IF=y # due to not being properly implemented for offloaded interfaces. CONFIG_NET_IPV6_NBR_CACHE=n CONFIG_NET_IPV6_MLD=n + +# Memfault requires SHA-1 when Mbed TLS is enabled (CONFIG_MBEDTLS_BUILTIN), +# but enabling SHA-1 makes the TF-M image overflow over the 32kB it's given. +CONFIG_MBEDTLS=n +CONFIG_PSA_WANT_ALG_SHA_1=n diff --git a/samples/debug/memfault/boards/thingy91x_nrf9151_ns.conf b/samples/debug/memfault/boards/thingy91x_nrf9151_ns.conf index 04d3389d137c..30dd1409838a 100644 --- a/samples/debug/memfault/boards/thingy91x_nrf9151_ns.conf +++ b/samples/debug/memfault/boards/thingy91x_nrf9151_ns.conf @@ -32,3 +32,8 @@ CONFIG_NRF_MODEM_LIB_NET_IF=y # due to not being properly implemented for offloaded interfaces. CONFIG_NET_IPV6_NBR_CACHE=n CONFIG_NET_IPV6_MLD=n + +# Memfault requires SHA-1 when Mbed TLS is enabled (CONFIG_MBEDTLS_BUILTIN), +# but enabling SHA-1 makes the TF-M image overflow over the 32kB it's given. +CONFIG_MBEDTLS=n +CONFIG_PSA_WANT_ALG_SHA_1=n diff --git a/samples/debug/memfault/prj.conf b/samples/debug/memfault/prj.conf index e8ba4d94ca36..eb4ff0f1cb9d 100644 --- a/samples/debug/memfault/prj.conf +++ b/samples/debug/memfault/prj.conf @@ -45,6 +45,10 @@ CONFIG_MEMFAULT_NCS_LOG_LEVEL_DBG=y CONFIG_MEMFAULT_NCS_INTERNAL_FLASH_BACKED_COREDUMP=y CONFIG_MEMFAULT_COREDUMP_COLLECT_BSS_REGIONS=y +# Memfault wants SHA-1 enabled now that we use CONFIG_MBEDTLS_BUILTIN +CONFIG_PSA_CRYPTO=y +CONFIG_PSA_WANT_ALG_SHA_1=y + # Dependency for Memfaul shell CONFIG_SHELL=y diff --git a/samples/dect/dect_shell/nrf_cloud_coap.conf b/samples/dect/dect_shell/nrf_cloud_coap.conf index 79153d27bdb9..aa61a757cecc 100644 --- a/samples/dect/dect_shell/nrf_cloud_coap.conf +++ b/samples/dect/dect_shell/nrf_cloud_coap.conf @@ -84,7 +84,6 @@ CONFIG_NET_CONTEXT_SNDTIMEO=y CONFIG_MQTT_LIB_TLS=n # nRF Security -CONFIG_NORDIC_SECURITY_BACKEND=n CONFIG_PSA_CRYPTO=y # TF-M crypto configuration @@ -103,14 +102,12 @@ CONFIG_MBEDTLS=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=20480 -CONFIG_MBEDTLS_X509_LIBRARY=y CONFIG_MBEDTLS_PEM_PARSE_C=y CONFIG_MBEDTLS_PSA_KEY_SLOT_COUNT=10 # MBEDTLS DTLS configuration CONFIG_MBEDTLS_DTLS=y CONFIG_MBEDTLS_SSL_CLI_C=y -CONFIG_MBEDTLS_TLS_LIBRARY=y CONFIG_MBEDTLS_TLS_VERSION_1_2=y CONFIG_MBEDTLS_SSL_COOKIE_C=y CONFIG_MBEDTLS_SSL_DTLS_HELLO_VERIFY=y diff --git a/samples/dect/dect_shell/nrf_cloud_mqtt.conf b/samples/dect/dect_shell/nrf_cloud_mqtt.conf index a43a911a99fb..54eb4c8bb87f 100644 --- a/samples/dect/dect_shell/nrf_cloud_mqtt.conf +++ b/samples/dect/dect_shell/nrf_cloud_mqtt.conf @@ -1,12 +1,5 @@ # nRF Cloud MQTT configuration # This overlay enables nRF Cloud connectivity over MQTT/TLS -# -# Why legacy crypto is enabled: -# nRF Cloud MQTT uses `mqtt.nrfcloud.com:8883`, which presents an RSA server -# certificate chain. In our environment we therefore need the legacy mbedTLS -# crypto APIs for RSA/X.509 parsing and verification. This is enabled via -# `CONFIG_NORDIC_SECURITY_BACKEND=y` (legacy backend), which pulls in the legacy -# mbedTLS crypto support required for MQTT/TLS to work with nRF Cloud. # Desh cloud feature CONFIG_SAMPLE_DESH_CLOUD_MQTT=y @@ -76,15 +69,17 @@ CONFIG_MQTT_LIB_TLS=y CONFIG_MQTT_CLEAN_SESSION=y # nRF Security -CONFIG_NORDIC_SECURITY_BACKEND=y +CONFIG_PSA_CRYPTO=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y # MBEDTLS core CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=35000 -CONFIG_MBEDTLS_TLS_LIBRARY=y CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y -CONFIG_MBEDTLS_X509_LIBRARY=y CONFIG_MBEDTLS_RSA_C=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n @@ -101,14 +96,7 @@ CONFIG_MBEDTLS_ECP_C=y CONFIG_PSA_WANT_ECC_SECP_R1_256=y # Disable unneeded MBEDTLS features to save flash and RAM -CONFIG_MBEDTLS_CHACHA20_C=n -CONFIG_MBEDTLS_POLY1305_C=n -CONFIG_MBEDTLS_SHA1_C=n CONFIG_MBEDTLS_CIPHER_MODE_CBC=n CONFIG_MBEDTLS_SSL_SRV_C=n CONFIG_MBEDTLS_CTR_DRBG_C=n -CONFIG_MBEDTLS_DHM_C=n -CONFIG_MBEDTLS_CMAC_C=n CONFIG_MBEDTLS_CIPHER_MODE_CTR=n -CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED=n -CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED=n diff --git a/samples/dect/dect_shell/prj.conf b/samples/dect/dect_shell/prj.conf index ab833b30920e..07f3f7080cb2 100644 --- a/samples/dect/dect_shell/prj.conf +++ b/samples/dect/dect_shell/prj.conf @@ -105,8 +105,6 @@ CONFIG_NET_HOSTNAME_UNIQUE=n # Disable TLS by default (can be enabled via overlays if needed) CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n -CONFIG_MBEDTLS_TLS_VERSION_1_2=n CONFIG_NET_SOCKETS_SOCKOPT_TLS=n # Shell configuration diff --git a/samples/matter/light_bulb/overlay-aws-iot-integration.conf b/samples/matter/light_bulb/overlay-aws-iot-integration.conf index dcde45ef0ef7..e9535b28d396 100644 --- a/samples/matter/light_bulb/overlay-aws-iot-integration.conf +++ b/samples/matter/light_bulb/overlay-aws-iot-integration.conf @@ -30,7 +30,7 @@ CONFIG_MQTT_CLEAN_SESSION=y # MBed TLS CONFIG_MBEDTLS_HEAP_SIZE=98304 CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_SHA384_C=y +CONFIG_PSA_WANT_ALG_SHA_384=y CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=1024 # PSA diff --git a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 438568b0b78a..893d752156cd 100644 --- a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -61,8 +61,11 @@ CONFIG_MQTT_HELPER_PROVISION_CERTIFICATES=y CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20a_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20a_cpuapp_ns.conf index b9d8fbef58b3..0eb2f4965d79 100644 --- a/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20a_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20a_cpuapp_ns.conf @@ -71,8 +71,14 @@ CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20b_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20b_cpuapp_ns.conf index b9d8fbef58b3..0eb2f4965d79 100644 --- a/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20b_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf54lm20dk_nrf54lm20b_cpuapp_ns.conf @@ -71,8 +71,14 @@ CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index b836c7c9af80..92e0279d9a9a 100644 --- a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -67,8 +67,14 @@ CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/azure_iot_hub/boards/nrf7120dk_nrf7120_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf7120dk_nrf7120_cpuapp_ns.conf index e121c93d7ee4..b7b07ed04ae5 100644 --- a/samples/net/azure_iot_hub/boards/nrf7120dk_nrf7120_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf7120dk_nrf7120_cpuapp_ns.conf @@ -56,8 +56,14 @@ CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/download/boards/nrf5340dk_nrf5340_cpuapp_ns.conf b/samples/net/download/boards/nrf5340dk_nrf5340_cpuapp_ns.conf index 252de596a2ab..f2b8dc37039c 100644 --- a/samples/net/download/boards/nrf5340dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/download/boards/nrf5340dk_nrf5340_cpuapp_ns.conf @@ -58,7 +58,11 @@ CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 # Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/download/boards/nrf54l15dk_nrf54l15_cpuapp.conf b/samples/net/download/boards/nrf54l15dk_nrf54l15_cpuapp.conf index 291754c01d92..ff90e8d40a03 100644 --- a/samples/net/download/boards/nrf54l15dk_nrf54l15_cpuapp.conf +++ b/samples/net/download/boards/nrf54l15dk_nrf54l15_cpuapp.conf @@ -72,8 +72,14 @@ CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_TLS_CREDENTIALS=y CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/download/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf b/samples/net/download/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf index 4acb47954967..eaab63f86039 100644 --- a/samples/net/download/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf +++ b/samples/net/download/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf @@ -72,8 +72,14 @@ CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_TLS_CREDENTIALS=y CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/download/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf b/samples/net/download/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf index 4acb47954967..eaab63f86039 100644 --- a/samples/net/download/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf +++ b/samples/net/download/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf @@ -72,8 +72,14 @@ CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_TLS_CREDENTIALS=y CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 8d02ec70b137..29ebb771b337 100644 --- a/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -57,8 +57,11 @@ CONFIG_NET_SOCKETS_DNS_TIMEOUT=30000 CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/download/boards/nrf7120dk_nrf7120_cpuapp_ns.conf b/samples/net/download/boards/nrf7120dk_nrf7120_cpuapp_ns.conf index a592f4ff4f8e..fc245501c5f8 100644 --- a/samples/net/download/boards/nrf7120dk_nrf7120_cpuapp_ns.conf +++ b/samples/net/download/boards/nrf7120dk_nrf7120_cpuapp_ns.conf @@ -72,8 +72,14 @@ CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_TLS_CREDENTIALS=y CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/http_server/overlay-tls-nrf7002dk.conf b/samples/net/http_server/overlay-tls-nrf7002dk.conf index 57b7e1075650..a52e4a86dd18 100644 --- a/samples/net/http_server/overlay-tls-nrf7002dk.conf +++ b/samples/net/http_server/overlay-tls-nrf7002dk.conf @@ -8,12 +8,17 @@ CONFIG_NET_SOCKETS_SOCKOPT_TLS=y CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=3 -# nRF Security legacy MBed TLS -CONFIG_NORDIC_SECURITY_BACKEND=y +CONFIG_PSA_CRYPTO=y CONFIG_MBEDTLS_HEAP_SIZE=81920 CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/http_server/overlay-tls-nrf91.conf b/samples/net/http_server/overlay-tls-nrf91.conf index 91aeaac229d4..c8754151df9b 100644 --- a/samples/net/http_server/overlay-tls-nrf91.conf +++ b/samples/net/http_server/overlay-tls-nrf91.conf @@ -8,15 +8,16 @@ CONFIG_NET_SOCKETS_SOCKOPT_TLS=y CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 -# nRF Security MBed TLS -CONFIG_NORDIC_SECURITY_BACKEND=y +CONFIG_PSA_CRYPTO=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=51200 +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE=y -CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_MBEDTLS=y CONFIG_MBEDTLS_SSL_SRV_C=y CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=4096 @@ -40,14 +41,12 @@ CONFIG_PSA_WANT_ECC_SECP_R1_256=y # Enable ECDSA CONFIG_MBEDTLS_ECDSA_C=y CONFIG_PSA_WANT_ALG_ECDSA=y -CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=y CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA=y CONFIG_PSA_WANT_ALG_HMAC=y # dependency for DETERMINISTIC_ECDSA CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y # dependency for DETERMINISTIC_ECDSA # Enable ECDH -CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_PSA_WANT_ALG_ECDH=y # Enable EDCHE @@ -55,7 +54,6 @@ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED=y # Enable RSA -CONFIG_MBEDTLS_PKCS1_V15=y CONFIG_MBEDTLS_MPI_MAX_SIZE=512 CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY=y CONFIG_PSA_WANT_RSA_KEY_SIZE_2048=y @@ -66,11 +64,4 @@ CONFIG_MBEDTLS_SHA512_C=y # Disable MBEDTLS modules CONFIG_MBEDTLS_CTR_DRBG_C=n -CONFIG_MBEDTLS_CHACHA20_C=n -CONFIG_MBEDTLS_POLY1305_C=n -CONFIG_MBEDTLS_DHM_C=n -CONFIG_MBEDTLS_CMAC_C=n CONFIG_MBEDTLS_CIPHER_MODE_CTR=n -CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED=n -CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED=n -CONFIG_MBEDTLS_SHA1_C=n diff --git a/samples/net/http_server/tls-wifi.conf b/samples/net/http_server/tls-wifi.conf index 57b7e1075650..a52e4a86dd18 100644 --- a/samples/net/http_server/tls-wifi.conf +++ b/samples/net/http_server/tls-wifi.conf @@ -8,12 +8,17 @@ CONFIG_NET_SOCKETS_SOCKOPT_TLS=y CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=3 -# nRF Security legacy MBed TLS -CONFIG_NORDIC_SECURITY_BACKEND=y +CONFIG_PSA_CRYPTO=y CONFIG_MBEDTLS_HEAP_SIZE=81920 CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/https_client/boards/nrf5340dk_nrf5340_cpuapp_ns.conf b/samples/net/https_client/boards/nrf5340dk_nrf5340_cpuapp_ns.conf index 95febb6482ff..4de948421b32 100644 --- a/samples/net/https_client/boards/nrf5340dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/https_client/boards/nrf5340dk_nrf5340_cpuapp_ns.conf @@ -64,16 +64,16 @@ CONFIG_MBEDTLS_HEAP_SIZE=81920 CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_PEM_PARSE_C=y -# Legacy crypto is needed for TF-M NS builds: config_adjust_legacy_from_psa.h -# is gated behind MBEDTLS_PSA_CRYPTO_C (not set on NS side), so MBEDTLS_ECDH_C, -# MBEDTLS_ECDSA_C, MBEDTLS_RSA_C etc. are never auto-derived from PSA_WANT_*. -# Without them the OID sig-alg table and TLS supported_groups are incomplete. -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECDSA_C=y CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y # Optimize TF-M CONFIG_TFM_PROFILE_TYPE_SMALL=y diff --git a/samples/net/https_client/boards/nrf54l15dk_nrf54l15_cpuapp.conf b/samples/net/https_client/boards/nrf54l15dk_nrf54l15_cpuapp.conf index a74ab6497b7f..e4eb9d87a024 100644 --- a/samples/net/https_client/boards/nrf54l15dk_nrf54l15_cpuapp.conf +++ b/samples/net/https_client/boards/nrf54l15dk_nrf54l15_cpuapp.conf @@ -71,16 +71,19 @@ CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_PEM_PARSE_C=y -# Legacy crypto is needed for TF-M NS builds: config_adjust_legacy_from_psa.h -# is gated behind MBEDTLS_PSA_CRYPTO_C (not set on NS side), so MBEDTLS_ECDH_C, -# MBEDTLS_ECDSA_C, MBEDTLS_RSA_C etc. are never auto-derived from PSA_WANT_*. -# Without them the OID sig-alg table and TLS supported_groups are incomplete. -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECDSA_C=y CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y # Zephyr NET Connection Manager Connectivity layer. CONFIG_L2_WIFI_CONNECTIVITY=y diff --git a/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf b/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf index f5584b8c7f6e..b7258eba00ad 100644 --- a/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf +++ b/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20a_cpuapp.conf @@ -71,16 +71,19 @@ CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_PEM_PARSE_C=y -# Legacy crypto is needed for TF-M NS builds: config_adjust_legacy_from_psa.h -# is gated behind MBEDTLS_PSA_CRYPTO_C (not set on NS side), so MBEDTLS_ECDH_C, -# MBEDTLS_ECDSA_C, MBEDTLS_RSA_C etc. are never auto-derived from PSA_WANT_*. -# Without them the OID sig-alg table and TLS supported_groups are incomplete. -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECDSA_C=y CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y # Zephyr NET Connection Manager Connectivity layer. CONFIG_L2_WIFI_CONNECTIVITY=y CONFIG_L2_WIFI_CONNECTIVITY_AUTO_CONNECT=y diff --git a/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf b/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf index f5584b8c7f6e..b7258eba00ad 100644 --- a/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf +++ b/samples/net/https_client/boards/nrf54lm20dk_nrf54lm20b_cpuapp.conf @@ -71,16 +71,19 @@ CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_PEM_PARSE_C=y -# Legacy crypto is needed for TF-M NS builds: config_adjust_legacy_from_psa.h -# is gated behind MBEDTLS_PSA_CRYPTO_C (not set on NS side), so MBEDTLS_ECDH_C, -# MBEDTLS_ECDSA_C, MBEDTLS_RSA_C etc. are never auto-derived from PSA_WANT_*. -# Without them the OID sig-alg table and TLS supported_groups are incomplete. -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECDSA_C=y CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y # Zephyr NET Connection Manager Connectivity layer. CONFIG_L2_WIFI_CONNECTIVITY=y CONFIG_L2_WIFI_CONNECTIVITY_AUTO_CONNECT=y diff --git a/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 00f3715c4f58..2513e7725aeb 100644 --- a/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -64,16 +64,19 @@ CONFIG_MBEDTLS_HEAP_SIZE=81920 CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_PEM_PARSE_C=y -# Legacy crypto is needed for TF-M NS builds: config_adjust_legacy_from_psa.h -# is gated behind MBEDTLS_PSA_CRYPTO_C (not set on NS side), so MBEDTLS_ECDH_C, -# MBEDTLS_ECDSA_C, MBEDTLS_RSA_C etc. are never auto-derived from PSA_WANT_*. -# Without them the OID sig-alg table and TLS supported_groups are incomplete. -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECDSA_C=y CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y # Optimize TF-M CONFIG_TFM_PROFILE_TYPE_SMALL=y diff --git a/samples/net/https_client/boards/nrf7120dk_nrf7120_cpuapp_ns.conf b/samples/net/https_client/boards/nrf7120dk_nrf7120_cpuapp_ns.conf index 160b6e745cfc..a4bf95750038 100644 --- a/samples/net/https_client/boards/nrf7120dk_nrf7120_cpuapp_ns.conf +++ b/samples/net/https_client/boards/nrf7120dk_nrf7120_cpuapp_ns.conf @@ -70,16 +70,19 @@ CONFIG_TLS_CREDENTIALS_BACKEND_VOLATILE=y CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_PEM_PARSE_C=y -# Legacy crypto is needed for TF-M NS builds: config_adjust_legacy_from_psa.h -# is gated behind MBEDTLS_PSA_CRYPTO_C (not set on NS side), so MBEDTLS_ECDH_C, -# MBEDTLS_ECDSA_C, MBEDTLS_RSA_C etc. are never auto-derived from PSA_WANT_*. -# Without them the OID sig-alg table and TLS supported_groups are incomplete. -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y -CONFIG_MBEDTLS_ECDH_C=y +CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y +CONFIG_PSA_WANT_ECC_SECP_R1_384=y # POSIX API memory optimizations CONFIG_POSIX_FD_MGMT=n diff --git a/samples/net/https_client/overlay-tfm-nrf91.conf b/samples/net/https_client/overlay-tfm-nrf91.conf index 1eb387570c46..7e6a0645665f 100644 --- a/samples/net/https_client/overlay-tfm-nrf91.conf +++ b/samples/net/https_client/overlay-tfm-nrf91.conf @@ -17,8 +17,14 @@ CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=4096 CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096 CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y CONFIG_MBEDTLS_HEAP_SIZE=32768 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y @@ -29,9 +35,7 @@ CONFIG_MBEDTLS_MPI_MAX_SIZE=512 # ECDH/ECDSA are needed for TLS handshake CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_PSA_WANT_ALG_ECDSA=y -CONFIG_MBEDTLS_X509_LIBRARY=y CONFIG_MBEDTLS_PKCS1_V15=y -CONFIG_NORDIC_SECURITY_BACKEND=y CONFIG_PSA_CRYPTO=y CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y CONFIG_PSA_WANT_ALG_SHA_1=y diff --git a/samples/net/mqtt/tls-nrf54l-nrf70.conf b/samples/net/mqtt/tls-nrf54l-nrf70.conf index 2a45ee4bb4ee..f3bebbdf1a02 100644 --- a/samples/net/mqtt/tls-nrf54l-nrf70.conf +++ b/samples/net/mqtt/tls-nrf54l-nrf70.conf @@ -30,8 +30,14 @@ CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/mqtt/tls-nrf7002.conf b/samples/net/mqtt/tls-nrf7002.conf index 074f20e2188d..1d832cbb53e5 100644 --- a/samples/net/mqtt/tls-nrf7002.conf +++ b/samples/net/mqtt/tls-nrf7002.conf @@ -21,8 +21,14 @@ CONFIG_MQTT_HELPER_CERTIFICATES_FOLDER="src/modules/transport/credentials" CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=81920 -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y diff --git a/samples/net/mqtt/tls-nrf7120.conf b/samples/net/mqtt/tls-nrf7120.conf index 68d74ae37e99..8b676f043811 100644 --- a/samples/net/mqtt/tls-nrf7120.conf +++ b/samples/net/mqtt/tls-nrf7120.conf @@ -30,8 +30,14 @@ CONFIG_MBEDTLS=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y -# Legacy API is required for RSA -CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y +CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS=y +CONFIG_MBEDTLS_MD_C=y +CONFIG_MBEDTLS_HMAC_DRBG_C=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_CTR_DRBG_C=y +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_RSA_C=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y @@ -43,5 +49,4 @@ CONFIG_MBEDTLS_MPI_MAX_SIZE=512 CONFIG_PSA_WANT_ALG_ECDH=y CONFIG_PSA_WANT_ALG_ECDSA=y CONFIG_MBEDTLS_HEAP_SIZE=48000 -CONFIG_MBEDTLS_DHM_C=y CONFIG_MBEDTLS_ECP_C=y diff --git a/samples/openthread/coap_client/prj.conf b/samples/openthread/coap_client/prj.conf index 9797b53d6d98..3c7a9cff021a 100644 --- a/samples/openthread/coap_client/prj.conf +++ b/samples/openthread/coap_client/prj.conf @@ -33,7 +33,6 @@ CONFIG_ZVFS_POLL_MAX=4 # Same network Master Key for client and server CONFIG_OPENTHREAD_NETWORKKEY="00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff" -CONFIG_MBEDTLS_SHA1_C=n CONFIG_FPU=y # Increase main stack size to meet networking requirements diff --git a/samples/openthread/coap_server/prj.conf b/samples/openthread/coap_server/prj.conf index 82850bc17018..52ae2dca9d5d 100644 --- a/samples/openthread/coap_server/prj.conf +++ b/samples/openthread/coap_server/prj.conf @@ -25,7 +25,6 @@ CONFIG_PM_PARTITION_SIZE_SETTINGS_STORAGE=0x8000 # Same network Master Key for client and server CONFIG_OPENTHREAD_NETWORKKEY="00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff" -CONFIG_MBEDTLS_SHA1_C=n CONFIG_FPU=y # Increase main stack size to meet networking requirements diff --git a/samples/wifi/p2p/prj.conf b/samples/wifi/p2p/prj.conf index 6099c6eb41a5..11a914f93cec 100644 --- a/samples/wifi/p2p/prj.conf +++ b/samples/wifi/p2p/prj.conf @@ -45,7 +45,7 @@ CONFIG_NET_CONFIG_INIT_TIMEOUT=0 CONFIG_ZVFS_POLL_MAX=10 -CONFIG_MBEDTLS_DHM_C=y +CONFIG_PSA_WANT_ALG_ECDH=y # Memories CONFIG_MAIN_STACK_SIZE=5200 diff --git a/samples/wifi/provisioning/softap/prj.conf b/samples/wifi/provisioning/softap/prj.conf index 31d4930627a3..fa6579b722d8 100644 --- a/samples/wifi/provisioning/softap/prj.conf +++ b/samples/wifi/provisioning/softap/prj.conf @@ -105,7 +105,7 @@ CONFIG_MBEDTLS_HEAP_SIZE=49152 # MBEDTLS_ERR_X509_INVALID_FORMAT (-0x2180). CONFIG_MBEDTLS_PEM_PARSE_C=y -# Embedded PEMs are ECDSA P-256 (prime256v1). With CONFIG_MBEDTLS_USE_PSA_CRYPTO, PSA must list +# Embedded PEMs are ECDSA P-256 (prime256v1). PSA must list # secp256r1 and ECDSA/ECDH or mbedtls_x509_crt_parse() returns MBEDTLS_ERR_X509_INVALID_FORMAT # (-0x2180). TLS server ECDHE uses psa_generate_key() then psa_export_public_key() for the # ephemeral key; without PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE / EXPORT, those calls map to diff --git a/samples/wifi/shell/overlay-openthread.conf b/samples/wifi/shell/overlay-openthread.conf index ff0568b210dd..080a7b56e030 100644 --- a/samples/wifi/shell/overlay-openthread.conf +++ b/samples/wifi/shell/overlay-openthread.conf @@ -30,7 +30,7 @@ CONFIG_LTO=y CONFIG_ISR_TABLES_LOCAL_DECLARATION=y # Required by WIFI -CONFIG_MBEDTLS_SHA1_C=y +CONFIG_PSA_WANT_ALG_SHA_1=y # Disable extra logging and advanced features to fit in flash CONFIG_NRF70_LOG_VERBOSE=n diff --git a/samples/wifi/shell/overlay-scan-only.conf b/samples/wifi/shell/overlay-scan-only.conf index 27e5b5c1953d..2807f717d841 100644 --- a/samples/wifi/shell/overlay-scan-only.conf +++ b/samples/wifi/shell/overlay-scan-only.conf @@ -3,7 +3,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n # In 9160 default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n # Zephyr NET Connection Manager Connectivity layer. CONFIG_NET_CONNECTION_MANAGER=n diff --git a/samples/wifi/thread_coex/prj.conf b/samples/wifi/thread_coex/prj.conf index ea6da31663ef..17e2f13603ba 100644 --- a/samples/wifi/thread_coex/prj.conf +++ b/samples/wifi/thread_coex/prj.conf @@ -106,7 +106,7 @@ CONFIG_NET_IF_MAX_IPV6_COUNT=2 CONFIG_NET_IF_MAX_IPV4_COUNT=2 CONFIG_NET_MGMT_EVENT_QUEUE_SIZE=8 # Required by WIFI -CONFIG_MBEDTLS_SHA1_C=y +CONFIG_PSA_WANT_ALG_SHA_1=y # Optimized networking settings for performance CONFIG_NET_PKT_RX_COUNT=2 diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index 51545f597da6..913681e76142 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -99,6 +99,50 @@ - nrf7120dk/nrf7120/cpuapp comment: "https://nordicsemi.atlassian.net/browse/NCSDK-39364" +- scenarios: + - sample.cellular.nidd + - sample.cellular.uicc_lwm2m + - sample.cellular.modem_shell_modem_uart_trace + - sample.cellular.modem_shell.thingy91 + - sample.cellular.lwm2m_client + - sample.cellular.nrf_cloud_multi_service.mqtt.provisioning.trace + - sample.cellular.location + - sample.cellular.nrf_cloud_multi_service.mqtt + - sample.debug.memfault + - sample.debug.memfault.etb + - sample.net.mqtt.nrf91.tls + - sample.sensor.bh1749 + - sample.sensor.bme68x.polling + platforms: + - thingy91/nrf9160/ns + comment: "https://nordicsemi.atlassian.net/browse/NCSDK-39450" + +- scenarios: + - applications.nrf_desktop.zrelease + platforms: + - nrf52820dongle/nrf52820 + - nrf52833dk/nrf52820 + comment: "https://nordicsemi.atlassian.net/browse/NCSDK-39450" + +- scenarios: + - sample.nrf7002_eb.thingy53.shell + platforms: + - thingy53/nrf5340/cpuapp + comment: "https://nordicsemi.atlassian.net/browse/NCSDK-39450" + +- scenarios: + - sample.tfm.psa_template + - tfm.psa_test_initial_attestation_lvl1 + - tfm.psa_test_initial_attestation_lvl2 + platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9160dk@0.14.0/nrf9160/ns + - nrf9161dk@0.9.0/nrf9161/ns + - nrf9161dk/nrf9161/ns + comment: "NCSDK-30608 - Incompatible with Mbed TLS v4, unquarantine with TF-M v2.3.0" + - scenarios: - nrf.extended.drivers.clock.nrf_clock_control platforms: diff --git a/scripts/quarantine_zephyr.yaml b/scripts/quarantine_zephyr.yaml index d4d589b0deb6..b3cdc7c781e9 100644 --- a/scripts/quarantine_zephyr.yaml +++ b/scripts/quarantine_zephyr.yaml @@ -233,26 +233,6 @@ - nrf9160dk@0.14.0/nrf9160 comment: "https://nordicsemi.atlassian.net/browse/NCSDK-38955" -- scenarios: - - wifi.build.ap - - wifi.build.crypto_alt - - wifi.build.crypto_enterprise - - wifi.build.crypto_psa - - wifi.build.disable_advanced_feat - - wifi.build.dpp - - wifi.build.enterprise_runtime - - wifi.build.hostapd_ap - - wifi.build.hostapd_ap_enterprise - - wifi.build.hostapd_dpp - - wifi.build.hostapd_wps - - wifi.build.p2p - - wifi.build.roaming - - wifi.build.wpa3 - - wifi.build.wps - platforms: - - native_sim/native - comment: "https://nordicsemi.atlassian.net/browse/NCSDK-39122" - - scenarios: - sample.edk.app - sample.llext.shell diff --git a/subsys/bluetooth/fast_pair/fp_crypto/fp_crypto_psa.c b/subsys/bluetooth/fast_pair/fp_crypto/fp_crypto_psa.c index 54120b86bbe7..3c8ac5117342 100644 --- a/subsys/bluetooth/fast_pair/fp_crypto/fp_crypto_psa.c +++ b/subsys/bluetooth/fast_pair/fp_crypto/fp_crypto_psa.c @@ -217,7 +217,7 @@ static psa_key_id_t import_ecdh_priv_key(const uint8_t *data) } int fp_crypto_psa_ecdh_shared_secret(uint8_t *secret_key, const uint8_t *public_key, - psa_key_handle_t priv_key_id) + psa_key_id_t priv_key_id) { /* Marker of the uncompressed binary format for a point on an elliptic curve. */ static const uint8_t uncompressed_format_marker = 0x04; @@ -252,7 +252,7 @@ int fp_crypto_ecdh_shared_secret(uint8_t *secret_key, const uint8_t *public_key, { int err = 0; - psa_key_handle_t priv_key_id; + psa_key_id_t priv_key_id; psa_status_t status; priv_key_id = import_ecdh_priv_key(private_key); diff --git a/subsys/bluetooth/mesh/CMakeLists.txt b/subsys/bluetooth/mesh/CMakeLists.txt index 0a8020630f21..7e7710bde3d0 100644 --- a/subsys/bluetooth/mesh/CMakeLists.txt +++ b/subsys/bluetooth/mesh/CMakeLists.txt @@ -83,6 +83,4 @@ zephyr_library_sources_ifdef(CONFIG_BT_MESH_RPL_STORAGE_MODE_EMDS rpl.c) zephyr_library_sources_ifdef(CONFIG_BT_MESH_KEY_IMPORTER key_importer.c) -if(CONFIG_PSA_CRYPTO_PROVIDER_MBEDTLS AND (NOT CONFIG_SOC_FAMILY_NORDIC_NRF)) - zephyr_library_link_libraries(mbedTLS) -endif() +zephyr_library_link_libraries_ifdef(CONFIG_TF_PSA_CRYPTO_BUILTIN tfpsacrypto) diff --git a/subsys/bootloader/bl_crypto/bl_crypto_ed25519.c b/subsys/bootloader/bl_crypto/bl_crypto_ed25519.c index b05f45621997..0c3864fd62a8 100644 --- a/subsys/bootloader/bl_crypto/bl_crypto_ed25519.c +++ b/subsys/bootloader/bl_crypto/bl_crypto_ed25519.c @@ -17,7 +17,7 @@ LOG_MODULE_REGISTER(sb_crypto, CONFIG_SB_CRYPTO_LOG_LEVEL); /* List of KMU stored key ids available for NSIB */ #define MAKE_PSA_KMU_KEY_ID(id) \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, id) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, id) static psa_key_id_t kmu_key_ids[] = { MAKE_PSA_KMU_KEY_ID(242), diff --git a/subsys/net/lib/hostap_crypto/CMakeLists.txt b/subsys/net/lib/hostap_crypto/CMakeLists.txt index 8cf15f39ee3e..a27bff09e2a4 100644 --- a/subsys/net/lib/hostap_crypto/CMakeLists.txt +++ b/subsys/net/lib/hostap_crypto/CMakeLists.txt @@ -15,6 +15,10 @@ set(HOSTAP_BASE ${ZEPHYR_HOSTAP_MODULE_DIR}) set(WIFI_NM_WPA_SUPPLICANT_BASE ${HOSTAP_BASE}/wpa_supplicant) set(HOSTAP_SRC_BASE ${HOSTAP_BASE}/src) set(WIFI_NM_HOSTAPD_BASE ${HOSTAP_BASE}/hostapd) +# Same layout as Zephyr MBEDTLS_REMOVED_MODULES_PATH (modules/mbedtls/legacy_support.cmake); +# TF-PSA / Oberon drop DES from the core tree; hostap still needs mbedtls/des.h and des.c for +# crypto_mbedtls_alt.c (e.g. des_encrypt) even without Enterprise. +set(MBEDTLS_REMOVED_MODULES_PATH "${HOSTAP_BASE}/port/mbedtls/removed") set(CMAKE_EXE_LINKER_FLAGS "--specs=nosys.specs -lnosys") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DMISSING_SYSCALL_NAMES") @@ -24,11 +28,15 @@ target_link_libraries(hostap_crypto INTERFACE hostap) if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_LEGACY_PSA) zephyr_include_directories( + ${MBEDTLS_REMOVED_MODULES_PATH} ${HOSTAP_BASE}/port/mbedtls ) zephyr_library_sources( + ${MBEDTLS_REMOVED_MODULES_PATH}/des.c + ${MBEDTLS_REMOVED_MODULES_PATH}/dhm.c ${HOSTAP_SRC_BASE}/crypto/crypto_mbedtls_alt.c + ${HOSTAP_BASE}/port/mbedtls/supp_psa_api.c ${HOSTAP_SRC_BASE}/crypto/rc4.c ${HOSTAP_SRC_BASE}/crypto/aes-wrap.c ${HOSTAP_SRC_BASE}/crypto/aes-unwrap.c @@ -42,7 +50,6 @@ if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_LEGACY_PSA) ) zephyr_library_sources_ifdef(CONFIG_HOSTAP_CRYPTO_ENTERPRISE - ${HOSTAP_SRC_BASE}/crypto/des-internal.c ${HOSTAP_SRC_BASE}/crypto/ms_funcs.c ${HOSTAP_SRC_BASE}/crypto/aes-eax.c ${HOSTAP_SRC_BASE}/crypto/md4-internal.c @@ -55,6 +62,12 @@ if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_LEGACY_PSA) zephyr_library_sources_ifndef(CONFIG_HOSTAP_CRYPTO_ENTERPRISE ${HOSTAP_SRC_BASE}/crypto/tls_none.c ) + + zephyr_library_sources_ifndef(CONFIG_PSA_WANT_ALG_HKDF + ${HOSTAP_SRC_BASE}/crypto/sha256-kdf.c + ${HOSTAP_SRC_BASE}/crypto/sha384-kdf.c + ${HOSTAP_SRC_BASE}/crypto/sha512-kdf.c + ) endif() if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_PSA) @@ -64,10 +77,13 @@ if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_PSA) ) zephyr_include_directories( + ${MBEDTLS_REMOVED_MODULES_PATH} ${HOSTAP_BASE}/port/mbedtls ) zephyr_library_sources( + ${MBEDTLS_REMOVED_MODULES_PATH}/des.c + ${MBEDTLS_REMOVED_MODULES_PATH}/dhm.c ${HOSTAP_SRC_BASE}/crypto/aes-wrap.c ${HOSTAP_SRC_BASE}/crypto/aes-unwrap.c ${HOSTAP_SRC_BASE}/crypto/aes-internal-dec.c @@ -75,11 +91,16 @@ if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_PSA) ${HOSTAP_SRC_BASE}/crypto/aes-internal-enc.c ${HOSTAP_SRC_BASE}/crypto/rc4.c ${HOSTAP_SRC_BASE}/crypto/crypto_mbedtls_alt.c - ${HOSTAP_SRC_BASE}/crypto/sha256-kdf.c ${HOSTAP_BASE}/port/mbedtls/supp_psa_api.c ${HOSTAP_SRC_BASE}/crypto/tls_none.c ) + zephyr_library_sources_ifndef(CONFIG_PSA_WANT_ALG_HKDF + ${HOSTAP_SRC_BASE}/crypto/sha256-kdf.c + ${HOSTAP_SRC_BASE}/crypto/sha384-kdf.c + ${HOSTAP_SRC_BASE}/crypto/sha512-kdf.c + ) + if(CONFIG_HOSTAP_CRYPTO_WPA3_PSA) zephyr_library_sources( wpa3_psa.c @@ -90,3 +111,11 @@ if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_PSA) ) endif() endif() + +if(DEFINED CONFIG_HOSTAP_CRYPTO_ALT_LEGACY_PSA OR DEFINED CONFIG_HOSTAP_CRYPTO_ALT_PSA) + zephyr_library_compile_definitions( + MBEDTLS_DES_C + MBEDTLS_DHM_C + ) + zephyr_include_directories(${ZEPHYR_MBEDTLS_MODULE_DIR}/include) +endif() diff --git a/subsys/net/lib/hostap_crypto/Kconfig b/subsys/net/lib/hostap_crypto/Kconfig index 20bc7e8e0ce7..d984b5c35aec 100644 --- a/subsys/net/lib/hostap_crypto/Kconfig +++ b/subsys/net/lib/hostap_crypto/Kconfig @@ -21,39 +21,41 @@ choice HOSTAP_CRYPTO_BACKEND config HOSTAP_CRYPTO_ALT_LEGACY_PSA bool "Legacy Crypto support for WiFi using nRF security" - select MBEDTLS - select NORDIC_SECURITY_BACKEND + select PSA_CRYPTO + select PSA_WANT_ALG_CMAC + select PSA_WANT_ALG_ECB_NO_PADDING + select PSA_WANT_ALG_SHA_1 # Enable for non-TF-M builds to keep it simple, no overhead select PSA_WANT_GENERATE_RANDOM - select MBEDTLS_CIPHER_MODE_CBC - select MBEDTLS_CIPHER_MODE_CTR - select MBEDTLS_LEGACY_CRYPTO_C - select MBEDTLS_SHA1_C + select MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS + select MBEDTLS_BIGNUM_C + select MBEDTLS_MD_C + select MBEDTLS_HMAC_DRBG_C + select MBEDTLS_SHA256_C + select MBEDTLS_AES_C select MBEDTLS_ECP_C + # HostAP mbedtls alt (SAE, EAP-PWD, DPP) uses mbedtls_ecp_muladd from builtin ECP. + select PSA_WANT_ECC_SECP_R1_256 select MBEDTLS_CTR_DRBG_C select MBEDTLS_PK_C select MBEDTLS_PKCS5_C select MBEDTLS_PK_PARSE_C - select MBEDTLS_CMAC_C - select MBEDTLS_CIPHER_PADDING_PKCS7 select MBEDTLS_PK_WRITE_C - select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED - select MBEDTLS_MD5_C select MBEDTLS_ENTROPY_C - select MBEDTLS_DHM_C config HOSTAP_CRYPTO_ALT_PSA bool "PSA Crypto support for WiFi WPA2 using nRF security" depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE - select MBEDTLS select PSA_CRYPTO - select PSA_WANT_GENERATE_RANDOM + # HostAP mbedtls alt still uses legacy MPI/cipher symbols from TF-PSA-Crypto. + select MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS + select MBEDTLS_BIGNUM_C select MBEDTLS_PK_C select MBEDTLS_PK_PARSE_C select MBEDTLS_MD_C select MBEDTLS_PK_WRITE_C select MBEDTLS_ENABLE_HEAP - select MBEDTLS_USE_PSA_CRYPTO + select PSA_WANT_GENERATE_RANDOM select PSA_WANT_ALG_HMAC select PSA_WANT_ALG_CMAC select PSA_WANT_ALG_ECB_NO_PADDING @@ -87,9 +89,13 @@ if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE config HOSTAP_CRYPTO_ENTERPRISE bool "Enterprise Crypto support for WiFi using nRF security" - select MBEDTLS_ECDH_C + depends on HOSTAP_CRYPTO_ALT_LEGACY_PSA + default y + select MBEDTLS + select PSA_WANT_ALG_ECDH + select PSA_WANT_ECC_SECP_R1_256 + select MBEDTLS_ECP_C select MBEDTLS_ECDSA_C - select MBEDTLS_DHM_C select MBEDTLS_MD_C select MBEDTLS_SSL_TLS_C select MBEDTLS_SSL_SRV_C @@ -100,8 +106,6 @@ config HOSTAP_CRYPTO_ENTERPRISE select MBEDTLS_TLS_VERSION_1_2 select MBEDTLS_RSA_C select MBEDTLS_SSL_SERVER_NAME_INDICATION - select MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME - default y endif diff --git a/subsys/net/openthread/Kconfig b/subsys/net/openthread/Kconfig index d45831a690dc..3e5278731188 100644 --- a/subsys/net/openthread/Kconfig +++ b/subsys/net/openthread/Kconfig @@ -18,17 +18,13 @@ config OPENTHREAD_NRF_SECURITY_PSA_CHOICE bool "nRF Security with PSA crypto enabled" select OPENTHREAD_NRF_SECURITY_PSA -config OPENTHREAD_NRF_SECURITY_CHOICE - bool "[DEPRECATED] nRF Security" - select DEPRECATED - select OPENTHREAD_NRF_SECURITY - endchoice config OPENTHREAD_NRF_SECURITY_PSA bool + select MBEDTLS select MBEDTLS_ENABLE_HEAP if (!OPENTHREAD_COPROCESSOR_RCP && !BUILD_WITH_TFM && !PSA_SSF_CRYPTO_CLIENT) - select MBEDTLS_TLS_LIBRARY if (OPENTHREAD_JOINER || OPENTHREAD_COMMISSIONER || OPENTHREAD_COAPS || OPENTHREAD_BLE_TCAT) + select MBEDTLS_TLS_LIBRARY if (OPENTHREAD_JOINER || OPENTHREAD_COMMISSIONER || OPENTHREAD_COAPS || OPENTHREAD_BLE_TCAT || OPENTHREAD_SHELL) select MBEDTLS_PEM_PARSE_C if (OPENTHREAD_COAPS || OPENTHREAD_BLE_TCAT) select PSA_CRYPTO select PSA_WANT_ALG_HKDF @@ -76,34 +72,8 @@ endchoice # TRUSTED_STORAGE_BACKEND_AEAD_KEY endif # (OPENTHREAD_NRF_SECURITY_PSA && (BUILD_WITH_TFM || (!SOC_NRF5340_CPUAPP && !SOC_SERIES_NRF54L))) -config OPENTHREAD_NRF_SECURITY - bool - select DEPRECATED - select MBEDTLS_AES_C - select MBEDTLS_ENABLE_HEAP - select MBEDTLS_CCM_C - select MBEDTLS_CMAC_C - select MBEDTLS_CTR_DRBG_C - select MBEDTLS_ECDH_C if OPENTHREAD_ECDSA - select MBEDTLS_ECDSA_C if OPENTHREAD_ECDSA - select MBEDTLS_PK_C if OPENTHREAD_ECDSA - select MBEDTLS_PK_WRITE_C if OPENTHREAD_ECDSA - select MBEDTLS_ECJPAKE_C if (OPENTHREAD_JOINER || OPENTHREAD_COMMISSIONER) - select MBEDTLS_ECP_C - select MBEDTLS_ECP_DP_SECP256R1_ENABLED - select MBEDTLS_HMAC_DRBG_C - select MBEDTLS_TLS_LIBRARY if (OPENTHREAD_JOINER || OPENTHREAD_COMMISSIONER || OPENTHREAD_COAPS) - select NORDIC_SECURITY_BACKEND - select OBERON_BACKEND if !CC3XX_BACKEND - help - Enables nrf_security module for use by OpenThread. This allows - OpenThread to make use of hardware accelerated cryptography functions - if available as well as fast oberon backend for software encryption. - - [DEPRECATED] use OPENTHREAD_NRF_SECURITY_PSA instead. - config OPENTHREAD_MBEDTLS_LIB_NAME - default "mbedtls_external" if OPENTHREAD_NRF_SECURITY || OPENTHREAD_NRF_SECURITY_PSA + default "mbedtls_external" if OPENTHREAD_NRF_SECURITY_PSA config OPENTHREAD_MBEDTLS_DEBUG bool "MbedTLS logs for OpenThread" diff --git a/subsys/net/openthread/Kconfig.defconfig b/subsys/net/openthread/Kconfig.defconfig index 45226e0c9512..fafae272fdcb 100644 --- a/subsys/net/openthread/Kconfig.defconfig +++ b/subsys/net/openthread/Kconfig.defconfig @@ -19,7 +19,8 @@ config OPENTHREAD_LIBRARY_AVAILABLE # Switch: # - To `y` when libraries for the current OpenThread revision are provided # - To `n` on the next OpenThread upmerge - default y + # Temporarily setting to n as the libraries need to be rebuilt to align with Mbed TLS v4. + default n depends on OPENTHREAD_THREAD_VERSION_1_4 depends on (OPENTHREAD_NORDIC_LIBRARY_MASTER && (SOC_NRF52840 || SOC_SERIES_NRF54L)) || \ OPENTHREAD_NORDIC_LIBRARY_FTD || OPENTHREAD_NORDIC_LIBRARY_MTD @@ -30,13 +31,6 @@ choice OPENTHREAD_IMPLEMENTATION default OPENTHREAD_LIBRARY if OPENTHREAD_LIBRARY_AVAILABLE endchoice -if (OPENTHREAD_COAPS || OPENTHREAD_BLE_TCAT) - -config MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME - default y - -endif - config OPENTHREAD_PLATFORM_PKT_TXTIME default y if NET_PKT_TXTIME default y if !NET_L2_OPENTHREAD @@ -145,36 +139,6 @@ config MBEDTLS_MPI_MAX_SIZE config MBEDTLS_ENTROPY_C default y -config MBEDTLS_CIPHER_MODE_CBC - default n - -config MBEDTLS_CIPHER_MODE_CTR - default n - -config MBEDTLS_CHACHA20_C - default n - -config MBEDTLS_POLY1305_C - default n - -config MBEDTLS_CHACHAPOLY_C - default n - -config MBEDTLS_DHM_C - default n - -config MBEDTLS_RSA_C - default n - -config MBEDTLS_SHA512_C - default n - -config MBEDTLS_GCM_C - default n - -config MBEDTLS_CIPHER_MODE_XTS - default n - if !(OPENTHREAD_BORDER_AGENT || OPENTHREAD_COMMISSIONER || OPENTHREAD_COAPS || OPENTHREAD_BLE_TCAT) config MBEDTLS_SSL_SRV_C diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index d16356be910f..dadcce3344c6 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -28,15 +28,14 @@ if(CONFIG_SSF_SERVER_PSA_CRYPTO_SERVICE_ENABLED) set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) else() # MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be disabled for Zephyr - # builds or when MBEDTLS_USE_PSA_CRYPTO is enabled (e.g. for TLS/DTLS - # and x.509 support) Note: This configuration is internal and may be - # removed with a new mbed TLS version + # builds or e.g. TLS/DTLS and x.509 support) + # Note: This configuration is internal and may be removed with a new mbed TLS version set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER False) endif() if(CONFIG_BUILD_WITH_TFM) # Execute Cmake logic to forward configurations to TF-M build - include(${NRF_SECURITY_ROOT}/cmake/config_to_tf-m.cmake) + include(${NRF_SECURITY_DIR}/cmake/config_to_tf-m.cmake) endif() if(CONFIG_BUILD_WITH_TFM OR CONFIG_PSA_SSF_CRYPTO_CLIENT) @@ -45,43 +44,19 @@ if(CONFIG_BUILD_WITH_TFM OR CONFIG_PSA_SSF_CRYPTO_CLIENT) # Add replacement platform.c for NS build list(APPEND src_zephyr - ${ARM_MBEDTLS_PATH}/library/platform.c + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/platform/platform.c ) # The current version of the mbed TLS deliverables requires mbedcrypto built # and linked in the NS image (e.g. for mbedtls and mbedx509 library). - # If CC3XX_BACKEND is enabled, configurations need to be converted to - # OBERON_BACKEND (enabled by default). get_cmake_property(all_vars VARIABLES) - # 1. Non-secure should not build the PSA core or drivers - set(CONFIG_MBEDTLS_PSA_CRYPTO_C False) - - # 2. Enable OBERON_BACKEND, disable CC3XX_BACKEND set(CONFIG_NRF_OBERON True) - set(CONFIG_OBERON_BACKEND True) - set(CONFIG_CC3XX_BACKEND False) - set(CONFIG_CC310_BACKEND False) - set(CONFIG_CC312_BACKEND False) set(CONFIG_NRF_CC3XX_PLATFORM False) set(CONFIG_PSA_CRYPTO_DRIVER_CC3XX False) - # 3. Special case: _ALT in CC3XX, not in OBERON (set to False) - set(CONFIG_MBEDTLS_AES_ALT False) - set(CONFIG_MBEDTLS_CCM_ALT False) - set(CONFIG_MBEDTLS_CHACHAPOLY_ALT False) - set(CONFIG_MBEDTLS_CMAC_ALT False) - set(CONFIG_MBEDTLS_ECP_ALT False) - set(CONFIG_MBEDTLS_GCM_ALT False) - set(CONFIG_MBEDTLS_DHM_ALT False) - set(CONFIG_MBEDTLS_RSA_ALT False) - - # 4. Special case: _ALT in ECJPAKE (only in OBERON, set to True) - # Only has effect if ECJPAKE is enabled - set(CONFIG_MBEDTLS_ECJPAKE_ALT True) - - # 5. Special case: Handle platform specific configurations + # Special case: Handle platform specific configurations set(CONFIG_MBEDTLS_PLATFORM_EXIT_ALT False) set(CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT False) else() @@ -95,8 +70,7 @@ add_library(psa_crypto_config INTERFACE) # Add config files required for PSA crypto interface target_compile_definitions(psa_crypto_config INTERFACE - -DMBEDTLS_CONFIG_FILE="${CONFIG_MBEDTLS_CONFIG_FILE}" - -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + -DTF_PSA_CRYPTO_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE}" ) # Add library for crypto configs (S-only or Secure image build) @@ -106,30 +80,18 @@ add_library(psa_crypto_library_config INTERFACE) # Add config files required for PSA core target_compile_definitions(psa_crypto_library_config INTERFACE - -DMBEDTLS_CONFIG_FILE="${CONFIG_MBEDTLS_CONFIG_FILE}" - -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" - -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}" + -DTF_PSA_CRYPTO_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE}" + -DTF_PSA_CRYPTO_USER_CONFIG_FILE="${CONFIG_TF_PSA_CRYPTO_USER_CONFIG_FILE}" ) # Add a library for crypto includes for the PSA interface (NS, S-only and TF-M) # The name and intent of this comes from TF-M distribution add_library(psa_interface INTERFACE) -# Add the includes from nrf_security, Oberon PSA core, and Arm Mbed TLS -# to the psa_interface library -target_include_directories(psa_interface - INTERFACE - # Oberon PSA headers - ${OBERON_PSA_CORE_PATH}/include - ${OBERON_PSA_CORE_PATH}/library - # Mbed TLS (mbedcrypto) PSA headers - ${ARM_MBEDTLS_PATH}/library - ${ARM_MBEDTLS_PATH}/include - ${ARM_MBEDTLS_PATH}/include/library -) +include(cmake/psa_interface_include_directories.cmake) # Finally adding the crypto lib -add_subdirectory(${NRFXLIB_DIR}/crypto crypto_copy) +add_subdirectory(${ZEPHYR_NRFXLIB_MODULE_DIR}/crypto crypto_copy) # Add mbed TLS Libraries add_subdirectory(src) diff --git a/subsys/nrf_security/Kconfig b/subsys/nrf_security/Kconfig index b61499fd4059..66811cf799ab 100644 --- a/subsys/nrf_security/Kconfig +++ b/subsys/nrf_security/Kconfig @@ -6,18 +6,6 @@ menu "nRF Security" -config NORDIC_SECURITY_BACKEND - bool "Use nRF Security with Mbed TLS legacy crypto APIs support" - depends on SOC_FAMILY_NORDIC_NRF - select PSA_CRYPTO - select MBEDTLS_LEGACY_CRYPTO_C - select OBERON_BACKEND if BUILD_WITH_TFM - help - Using this configuration enables legacy support for mbed TLS APIs - This configuration is not to be used for PSA API support. - Note that this will enable nrf_oberon by default. Multiple backends is - not supported. - config PSA_CRYPTO default y if DT_HAS_ZEPHYR_PSA_CRYPTO_RNG_ENABLED \ && !IS_BOOTLOADER_IMG && GEN_ISR_TABLES @@ -28,7 +16,7 @@ endchoice config PSA_CRYPTO_PROVIDER_CUSTOM depends on !BUILD_WITH_TFM - select MBEDTLS_PSA_CRYPTO_C + select MBEDTLS_PSA_CRYPTO_C if !PSA_SSF_CRYPTO_CLIENT config NRF_SECURITY def_bool y @@ -52,7 +40,8 @@ rsource "Kconfig.tf-psa-crypto" # Include PSA Crypto configurations rsource "Kconfig.psa" -# Include Legacy mbed TLS configurations +# Include legacy Mbed TLS configurations +rsource "Kconfig.tf-psa-crypto.deprecated" rsource "Kconfig.legacy" config MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS @@ -62,28 +51,12 @@ config MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS Promptless option used to control if the PSA Crypto core should have support for builtin keys or not. config MBEDTLS_CONFIG_FILE + depends on MBEDTLS default "nrf-config.h" -config MBEDTLS_PSA_CRYPTO_CONFIG - bool - default y - -config MBEDTLS_PSA_CRYPTO_CONFIG_FILE - string - default "nrf-psa-crypto-config.h" - help - Name of the base PSA Crypto configuration file. Used for PSA_WANT_* configurations. - This file is auto-generated with the values of the relevant Kconfig options. - -config MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE - string - default "nrf-psa-crypto-user-config.h" - help - Name of the additional PSA Crypto configuration file. Used for PSA_NEED_* configurations. - This file is auto-generated with the values of the relevant Kconfig options. - config MBEDTLS_ENABLE_HEAP bool "Global heap for mbed TLS" + select MBEDTLS_MEMORY_BUFFER_ALLOC_C help This option enables the mbedtls to use the heap. This setting must be global so that various applications and libraries in Zephyr do not @@ -95,7 +68,6 @@ if MBEDTLS_ENABLE_HEAP config MBEDTLS_HEAP_SIZE int "Heap size for mbed TLS" - default 15360 if OPENTHREAD_NRF_SECURITY default 512 help Heap size for mbed TLS in bytes. @@ -114,19 +86,6 @@ config MBEDTLS_MEMORY_DEBUG endif # MBEDTLS_ENABLE_HEAP -config MBEDTLS_ENTROPY_POLL - bool - default y - depends on !NRF_CC3XX_PLATFORM - depends on !BUILD_WITH_TFM - depends on ENTROPY_GENERATOR - help - Add entropy_poll only if NRF_CC3XX_PLATFORM is not added. - This is because the nrf_cc3xx_platform library contains an - implementation of mbedtls_hardware_poll function. - This file is not useful for TF-M build where entropy should come - from SPE image, using psa_generate_random - # This Kconfig symbol is referenced in nrf_security CMake code but is # configured out-of-tree. Define it here to satisfy the linter and ensure # it is always defined. @@ -135,9 +94,6 @@ config SSF_SERVER_PSA_CRYPTO_SERVICE_ENABLED endif # NRF_SECURITY -menu "Zephyr legacy configurations" - depends on MBEDTLS_LIBRARY_NRF_SECURITY - config MBEDTLS_TLS_VERSION_1_2 bool "Support for TLS 1.2 (DTLS 1.2)" select PSA_WANT_ALG_SHA_1 @@ -231,21 +187,4 @@ config MBEDTLS_ENTROPY_ENABLED config MBEDTLS_GENPRIME_ENABLED bool "Prime-number generation code" -endmenu # Zephyr legacy configurations - -# -# Provide a new choice to override the mbedtls_external library completely -# and not have to provide a "dummy" path for the implementation -# -choice MBEDTLS_IMPLEMENTATION - default MBEDTLS_LIBRARY_NRF_SECURITY - -config MBEDTLS_LIBRARY_NRF_SECURITY - bool "Use nRF Security mbedTLS version" - depends on NRF_SECURITY - help - Use Mbed TLS library from Nordic provided security backend - -endchoice - endmenu diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 691bda173c10..fc4fe85bcfa6 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -22,7 +22,7 @@ config MBEDTLS_MEMORY_BUFFER_ALLOC_C config MBEDTLS_THREADING_C bool "Threading support for Mbed TLS and PSA crypto" - default y if CC3XX_BACKEND || MBEDTLS_PSA_CRYPTO_C + default y if MBEDTLS_PSA_CRYPTO_C depends on MULTITHREADING help Threading support is used when PSA crypto is built locally or @@ -34,17 +34,13 @@ config MBEDTLS_BASE64_C bool default y -config MBEDTLS_OID_C - bool - default y - config MBEDTLS_ASN1_WRITE_C bool - default y if MBEDTLS_PEM_WRITE_C || MBEDTLS_USE_PSA_CRYPTO + default y if MBEDTLS_PEM_WRITE_C || MBEDTLS_PK_WRITE_C config MBEDTLS_ASN1_PARSE_C bool - default y if MBEDTLS_PEM_PARSE_C || MBEDTLS_USE_PSA_CRYPTO + default y if MBEDTLS_PEM_PARSE_C || MBEDTLS_PK_PARSE_C # Platform configurations for _ALT defines config MBEDTLS_PLATFORM_EXIT_ALT @@ -61,210 +57,15 @@ config MBEDTLS_PLATFORM_SNPRINTF_ALT config MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT bool - default y if CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX + default y if HW_CC3XX || PSA_CRYPTO_DRIVER_CC3XX depends on !BUILD_WITH_TFM -config MBEDTLS_ENTROPY_HARDWARE_ALT - bool - default y - config MBEDTLS_THREADING_ALT bool - default y if CC3XX_BACKEND || MBEDTLS_PSA_CRYPTO_C + default y if HW_CC3XX || MBEDTLS_PSA_CRYPTO_C depends on !BUILD_WITH_TFM depends on MBEDTLS_THREADING_C -# Legacy configurations for _ALT defines -config MBEDTLS_AES_SETKEY_ENC_ALT - bool - depends on OBERON_ONLY_ENABLED - default y - -config MBEDTLS_AES_SETKEY_DEC_ALT - bool - depends on OBERON_ONLY_ENABLED - default y - -config MBEDTLS_AES_ENCRYPT_ALT - bool - depends on OBERON_ONLY_ENABLED - default y - -config MBEDTLS_AES_DECRYPT_ALT - bool - depends on OBERON_ONLY_ENABLED - default y - -config MBEDTLS_AES_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_CMAC_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_CCM_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_GCM_ALT - bool - depends on CC312_BACKEND || \ - (PSA_CRYPTO_DRIVER_CC3XX && HAS_HW_NRF_CC312) - default y - -config MBEDTLS_CHACHA20_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_POLY1305_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_CHACHAPOLY_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - depends on MBEDTLS_CHACHA20_ALT - -config MBEDTLS_DHM_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECP_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECDH_GEN_PUBLIC_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECDH_COMPUTE_SHARED_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECDSA_GENKEY_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECDSA_SIGN_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECDSA_VERIFY_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_ECJPAKE_ALT - bool - depends on OBERON_ONLY_ENABLED - default y - -config MBEDTLS_RSA_ALT - bool - depends on CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_SHA1_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_SHA224_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_SHA256_ALT - bool - depends on OBERON_BACKEND || PSA_CRYPTO_DRIVER_OBERON || \ - CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX - default y - -config MBEDTLS_SHA384_ALT - bool - -config MBEDTLS_SHA512_ALT - bool - -# Legacy configurations required for RNG in Legacy and PSA scope - -config MBEDTLS_ENTROPY_FORCE_SHA256 - bool - default y - help - Enforcing usage of SHA-256 for concatenating entropy from multiple sources - by default. - -config MBEDTLS_ENTROPY_MAX_SOURCES - int - default 1 - help - Max entropy sources (Defaults to 1) - -config MBEDTLS_NO_PLATFORM_ENTROPY - bool - default y - -# End items required for non CryptoCell RNG in PSA scope - -# Prompt-less configuration to state what is missing - -config CC310_ONLY_PSA_ENABLED - bool - default y - depends on HAS_HW_NRF_CC310 && !PSA_CRYPTO_DRIVER_OBERON - -config CC312_ONLY_PSA_ENABLED - bool - default y - depends on HAS_HW_NRF_CC312 && !PSA_CRYPTO_DRIVER_OBERON - -config CC310_ONLY_ENABLED - bool - default y - depends on (CC310_BACKEND && !OBERON_BACKEND) || \ - CC310_ONLY_PSA_ENABLED - -config CC312_ONLY_ENABLED - bool - default y - depends on (CC312_BACKEND && !OBERON_BACKEND) || \ - CC312_ONLY_PSA_ENABLED - -config OBERON_ONLY_PSA_ENABLED - bool - default y - depends on (PSA_CRYPTO_DRIVER_OBERON && !PSA_CRYPTO_DRIVER_CC3XX && !PSA_CRYPTO_DRIVER_CRACEN) && \ - !CC3XX_BACKEND - -config OBERON_ONLY_ENABLED - bool - default y - depends on (OBERON_BACKEND && !CC3XX_BACKEND) || \ - OBERON_ONLY_PSA_ENABLED - menu "Legacy mbed TLS crypto APIs" config MBEDTLS_MPI_WINDOW_SIZE @@ -278,525 +79,18 @@ config MBEDTLS_MPI_WINDOW_SIZE config MBEDTLS_MPI_MAX_SIZE int - prompt "Maximum number of bytes for usable MPIs." if !(CC312_BACKEND || CC310_BACKEND) - default 256 if CC310_BACKEND - default 384 if CC312_BACKEND + prompt "Maximum number of bytes for usable MPIs." default 384 # Needed to support RSA 3072 range 256 2048 -config MBEDTLS_LEGACY_CRYPTO_C_SILENCE_DEPRECATION - bool - help - Prompt-less configuration that can be set by subsystems that still are - dependent on legacy Mbed TLS APIs to build and run. Setting this - removes warnings for the deprecated MBEDTLS_LEGACY_CRYPTO_C Kconfig. - -config MBEDTLS_LEGACY_CRYPTO_C - bool "(Legacy) mbed TLS crypto APIs" - select DEPRECATED if !MBEDTLS_LEGACY_CRYPTO_C_SILENCE_DEPRECATION - help - Enable support for legacy mbed TLS APIs. - Note that this is a configuration that will be removed. - It is only provided during a transition period while PSA Crypto APIs become - the defacto front-end. Enabling this will enable nrf_oberon for all features that - are supported and builtin for the remaining functionality. - -if MBEDTLS_LEGACY_CRYPTO_C - -config CC310_BACKEND - bool - depends on HAS_HW_NRF_CC310 && !BUILD_WITH_TFM && \ - (PSA_CRYPTO_DRIVER_CC3XX || CC3XX_BACKEND) - default y - help - Convenience configuration to state explicitly that CryptoCell CC310 is enabled. - -config CC312_BACKEND - bool - depends on HAS_HW_NRF_CC312 && !BUILD_WITH_TFM && \ - (PSA_CRYPTO_DRIVER_CC3XX || CC3XX_BACKEND) - default y - help - Convenience configuration to state explicitly that CryptoCell CC312 is enabled. - -config CC3XX_BACKEND_FORCED - bool - -config OBERON_BACKEND_FORCED - bool - -config CC3XX_BACKEND - bool - depends on HAS_HW_NRF_CC3XX && !OBERON_BACKEND_FORCED - prompt "Configuration to enable CryptoCell CC3XX for legacy mbed TLS APIs" - help - This configuration enables legacy mbed TLS APIs using cc3xx. - PSA_CRYPTO_DRIVER_CC3XX should be used instead, and will replace this once - PSA crypto APIs are standardized. - -config OBERON_BACKEND - bool "Configuration to enable nrf_oberon for legacy mbed TLS APIs" - select NRF_OBERON - depends on !(CC3XX_BACKEND_FORCED || CC3XX_BACKEND) - help - This configuration enables legacy mbed TLS APIs using nrf_oberon. - PSA_CRYPTO_DRIVER_OBERON should be used instead and will replace this once - PSA crypto APIs are standardized. - -config MBEDTLS_CTR_DRBG_C - bool "PRNG using CTR_DRBG" - select MBEDTLS_AES_C - default y if !HAS_HW_NRF_CC3XX - help - This setting will enable CTR_DRBG APIs in mbed TLS. - Corresponds to MBEDTLS_CTR_DRBG_C setting in mbed TLS config file. - -config MBEDTLS_CTR_DRBG_USE_128_BIT_KEY - bool - default y if HAS_HW_NRF_CC310 - help - Use 128 bit AES instead of 256 bit for CTR_DRBG. - -config MBEDTLS_HMAC_DRBG_C - bool "PRNG using HMAC_DRBG" - default y - select MBEDTLS_SHA256_C - help - This setting will enable HMAC_DRBG APIs in mbed TLS. - Corresponds to MBEDTLS_HMAC_DRBG_C setting in mbed TLS config file. - -config MBEDTLS_ENTROPY_C - bool "Entropy gathering" - depends on !MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - default y if !HAS_HW_NRF_CC3XX - help - Enable this setting to build entropy APIs usable to gather entropy - form external sources. Only in use for devices that doesn't have - CryptoCell. - -menuconfig MBEDTLS_AES_C - bool "AES - Advanced Encryption Standard" - default y if !MBEDTLS_USE_PSA_CRYPTO - help - This setting will enable AES block cipher, including ECB - Electronic Code Book. - Enabling AES will provide a sub-menu which allows for fine grained - configuration of specific cipher support. - Corresponds to MBEDTLS_AES_C setting in mbed TLS config file. - -if MBEDTLS_AES_C - -comment "Cipher Selection" - -config MBEDTLS_CIPHER_MODE_CBC - bool "AES-CBC - AES Cipher Block Chaining mode" - default y if !OPENTHREAD - select PSA_WANT_ALG_CBC_NO_PADDING if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT - help - Enable the AES Cipher Block Chaining (CBC) mode, - MBEDTLS_CIPHER_MODE_CBC setting in mbed TLS config file. - -menu "CBC cipher padding modes" - depends on MBEDTLS_CIPHER_MODE_CBC - -config MBEDTLS_CIPHER_PADDING_PKCS7 - bool "MBEDTLS_CIPHER_PADDING_PKCS7" - default y if !OPENTHREAD - select PSA_WANT_ALG_CBC_PKCS7 if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT - help - Enable support for PKCS7 padding for CBC cipher functions in mbedTLS. - That is, fill buffer with ll bytes, where ll is padding length. - -config MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS - bool "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS" - default y - help - Enable support for one and zeros padding for CBC cipher functions in mbedTLS. - That is, fill buffer with 80 00 .. 00. - -config MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN - bool "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN" - default y - help - Enable support for zeros and length padding for CBC cipher functions in mbedTLS. - That is, fill buffer with 00 .. 00 ll, where ll is padding length. - -config MBEDTLS_CIPHER_PADDING_ZEROS - bool "MBEDTLS_CIPHER_PADDING_ZEROS" - default y - help - Enable support for zeros padding for CBC cipher functions in mbedTLS. - That is, fill buffer with 00 .. 00. - -config MBEDTLS_AES_FEWER_TABLES - bool "Use fewer tables for AES" - depends on !(OBERON_BACKEND || CC3XX_BACKEND) - -config MBEDTLS_AES_ROM_TABLES - bool "Use AES tables in ROM" - depends on !(OBERON_BACKEND || CC3XX_BACKEND) - -endmenu # CBC cipher padding modes - -config MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH - bool "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" - help - Enable AES operations to support only 128-bit keys to reduce ROM usage. - -config MBEDTLS_CIPHER_MODE_CTR - bool "AES-CTR - AES Counter Block Cipher mode" - default y - select PSA_WANT_ALG_CTR if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT - help - Enable the AES Counter Block Cipher mode (CTR) mode, - MBEDTLS_CIPHER_MODE_CTR setting in mbed TLS config file. - -config MBEDTLS_CIPHER_MODE_XTS - bool "AES-XTS - AES Xor-encrypt-xor with ciphertext stealing mode" - depends on OBERON_BACKEND - # default y - Currently not supported - help - Enable the AES Xor-encrypt-xor with ciphertext stealing mode (XTS) mode, - MBEDTLS_CIPHER_MODE_XTS setting in mbed TLS config file. - -config MBEDTLS_CMAC_C - bool "AES-CMAC - AES Cipher-based Message Authentication Code mode for block ciphers" - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_CMAC if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_ECB_NO_PADDING - select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT - help - Enable AES CMAC support. - -endif # MBEDTLS_AES_C - -menu "AEAD - Authenticated Encryption with Associated Data" - -config MBEDTLS_CCM_C - bool "AES-CCM - AES Counter with CBC-MAC mode" - depends on MBEDTLS_AES_C - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_CCM if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT - help - Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - This also includes CCM* - MBEDTLS_CCM_C setting in mbed TLS config file. - -config MBEDTLS_GCM_C - bool "AES-GCM - AES Galois/Counter Mode support" - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_GCM if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT - help - Enable the GCM module. - MBEDTLS_GCM_C setting in mbed TLS config file. - -config MBEDTLS_CHACHA20_C - bool "CHACHA20 stream cipher support" - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_CHACHA20 if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_STREAM_CIPHER if PSA_CRYPTO_CLIENT - help - Enable the CHACHA20 stream cipher. - MBEDTLS_CHACHA20_C setting in mbed TLS config file. - -config MBEDTLS_POLY1305_C - bool "POLY1305 module support" - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT - help - Enable the POLY1305 module. - MBEDTLS_POLY1305_C setting in mbed TLS config file. - -config MBEDTLS_CHACHAPOLY_C - bool "CHACHA-POLY module support" - depends on (MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C) - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT - help - Enable the CHACHA-POLY module. - MBEDTLS_CHACHAPOLY_C setting in mbed TLS config file. - -endmenu # AEAD - Authenticated Encryption with Associated Data - -config MBEDTLS_DHM_C - bool "DHM - Diffie-Hellman-Merkel" - default y if MBEDTLS_TLS_LIBRARY - help - Enable the DHM module. - MBEDTLS_DHM_C setting in mbed TLS config file. - -menuconfig MBEDTLS_ECP_C - bool "ECC - Elliptic Curve Cryptography" - default y - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE if PSA_CRYPTO_CLIENT - help - Enable low level APIs for elliptic curves for - additional functionality (besides ECDH and ECDSA) - Enabling ECC will provide a sub-menu which allows for fine grained - configuration of ECC based features and specific cipher support. - Corresponds to MBEDTLS_ECP_C setting in mbed TLS config file. - -if MBEDTLS_ECP_C - -config MBEDTLS_ECDH_C - bool "ECDH - Elliptic Curve Diffie-Hellman" - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_ECDH if PSA_CRYPTO_CLIENT - help - Enable the ECDH module. - MBEDTLS_ECDH_C setting in mbed TLS config file. - -config MBEDTLS_ECDSA_C - bool "ECDSA - Elliptic Curve Digital Signature Algorithm" - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_ECDSA if PSA_CRYPTO_CLIENT - help - Enable the ECDSA module. - MBEDTLS_ECDSA_C setting in mbed TLS config file. - -config MBEDTLS_ECDSA_DETERMINISTIC - bool "Deterministic ECDSA (RFC 6979)" - select MBEDTLS_HMAC_DRBG_C if !PSA_CRYPTO_CLIENT - depends on MBEDTLS_ECDSA_C - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_DETERMINISTIC_ECDSA if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_HMAC if PSA_CRYPTO_CLIENT - -config MBEDTLS_ECJPAKE_C - bool "ECJPAKE - Elliptic curve J-PAKE" - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY - help - Enable support for ECJPAKE - -menu "ECC curves" - -config MBEDTLS_ECP_DP_SECP224R1_ENABLED - bool "NIST curve secp224r1" - select PSA_WANT_ECC_SECP_R1_224 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_SECP224R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_SECP256R1_ENABLED - bool "NIST curve secp256r1" - default y - select PSA_WANT_ECC_SECP_R1_256 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_SECP256R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_SECP384R1_ENABLED - bool "NIST curve secp384r1" - depends on !OBERON_BACKEND - select PSA_WANT_ECC_SECP_R1_384 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_SECP384R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_SECP521R1_ENABLED - bool "NIST curve secp521r1" - depends on !OBERON_BACKEND - select PSA_WANT_ECC_SECP_R1_521 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_SECP521R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_SECP224K1_ENABLED - bool "Koblitz curve secp224k1" - depends on !OBERON_BACKEND - select PSA_WANT_ECC_SECP_K1_224 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_SECP224K1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_SECP256K1_ENABLED - bool "Koblitz curve secp256k1" - depends on !OBERON_BACKEND - select PSA_WANT_ECC_SECP_K1_256 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_SECP256K1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_BP256R1_ENABLED - bool "Brainpool curve bp256r1" - depends on !OBERON_BACKEND - depends on !CC3XX_BACKEND - select PSA_WANT_ECC_BRAINPOOL_P_R1_256 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_BP256R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_BP384R1_ENABLED - bool "Brainpool curve bp384r1" - depends on !OBERON_BACKEND - depends on !CC3XX_BACKEND - select PSA_WANT_ECC_BRAINPOOL_P_R1_384 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_BP384R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_BP512R1_ENABLED - bool "Brainpool curve bp512r1" - depends on !OBERON_BACKEND - depends on !CC3XX_BACKEND - select PSA_WANT_ECC_BRAINPOOL_P_R1_512 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_BP512R1_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_CURVE25519_ENABLED - bool "Curve25519" - depends on !OBERON_BACKEND - select PSA_WANT_ECC_MONTGOMERY_255 if PSA_CRYPTO_CLIENT - - help - MBEDTLS_ECP_DP_CURVE25519_ENABLED setting in mbed TLS config file. - -config MBEDTLS_ECP_DP_CURVE448_ENABLED - bool "Curve448" - depends on !OBERON_BACKEND - depends on !CC3XX_BACKEND - select PSA_WANT_ECC_MONTGOMERY_448 if PSA_CRYPTO_CLIENT - help - MBEDTLS_ECP_DP_CURVE448_ENABLED setting in mbed TLS config file. - -endmenu # ECC curves - -endif # MBEDTLS_ECP_C - -config MBEDTLS_HKDF_C - bool "HKDF support" - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_HMAC if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_HKDF if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_TLS12_PRF if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY - select PSA_WANT_ALG_TLS12_PSK_TO_MS if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY - help - Enable HKDF support. - MBEDTLS_HKDF_C setting in mbed TLS config file. - -config MBEDTLS_RSA_C - bool "RSA - Rivest-Shamir-Adleman cryptosystem" - select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT - select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE if PSA_CRYPTO_CLIENT - select PSA_WANT_RSA_KEY_SIZE_2048 if PSA_CRYPTO_CLIENT - help - Enable RSA cryptosystem support. - MBEDTLS_RSA_C setting in mbed TLS config file. - -if MBEDTLS_RSA_C - -comment "RSA Encoding Selection" - -config MBEDTLS_GENPRIME - bool - default y - select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT - -config MBEDTLS_PKCS1_V15 - bool "PKCS1 v1.5 support" - default y - select PSA_WANT_ALG_RSA_PKCS1V15_CRYPT if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_RSA_PKCS1V15_SIGN if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW if PSA_CRYPTO_CLIENT - -config MBEDTLS_PKCS1_V21 - bool "PKCS1 v2.1 support" - default y - select PSA_WANT_ALG_RSA_PSS if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_RSA_PSS_ANY_SALT if PSA_CRYPTO_CLIENT - select PSA_WANT_ALG_RSA_OAEP if PSA_CRYPTO_CLIENT - -endif # MBEDTLS_RSA_C - -menu "SHA - Secure Hash Algorithm" - -config MBEDTLS_MD5_C - bool - default y if NET_TCP - help - MD5 hash functionality. - MD5 is not recommended for general use as a secure hash algorithm. - -config MBEDTLS_SHA1_C - bool "SHA-1 hash functionality" - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_SHA_1 if PSA_CRYPTO_CLIENT - help - SHA-1 hash functionality. - -config MBEDTLS_SHA224_C - bool "SHA-224 hash functionality" - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_SHA_224 if PSA_CRYPTO_CLIENT - help - SHA-224 hash functionality. - -config MBEDTLS_SHA256_C - bool "SHA-256 hash functionality" - default y if !MBEDTLS_USE_PSA_CRYPTO - select PSA_WANT_ALG_SHA_256 if PSA_CRYPTO_CLIENT - help - SHA-256 hash functionality. - -config MBEDTLS_SHA256_SMALLER - bool "Use smaller SHA-256 implementation" - depends on !(OBERON_BACKEND || CC3XX_BACKEND) - depends on MBEDTLS_SHA256_C - -config MBEDTLS_SHA384_C - bool "SHA-384 hash functionality" - select MBEDTLS_SHA512_C - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_SHA_384 if PSA_CRYPTO_CLIENT - help - SHA-384 hash functionality. - -config MBEDTLS_SHA512_C - bool "SHA-512 hash functionality" - default y if !(OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) - select PSA_WANT_ALG_SHA_512 if PSA_CRYPTO_CLIENT - help - SHA-512 hash functionality. - -config MBEDTLS_512_SMALLER - bool "Use smaller SHA-512 implementation" - depends on !(OBERON_BACKEND || CC3XX_BACKEND) - depends on MBEDTLS_SHA512_C - -endmenu # SHA - Secure Hash Algorithm - -config MBEDTLS_FORCE_LEGACY_MD - bool "Force using legacy crypto for MD" - default y if BUILD_WITH_TFM && TFM_PROFILE_TYPE_MINIMAL - help - Should only be used when TF-M MINIMAL profile is used - -config MBEDTLS_FORCE_LEGACY_CIPHER - bool "Force using legacy crypto for cipher" - default y if BUILD_WITH_TFM && TFM_PROFILE_TYPE_MINIMAL - help - Should only be used when TF-M MINIMAL profile is used - -endif #MBEDTLS_LEGACY_CRYPTO_C - -config MBEDTLS_CIPHER_C - bool "Cipher support" - default y if MBEDTLS_LEGACY_CRYPTO_C - config MBEDTLS_MD_C bool "MD support" - default y if MBEDTLS_LEGACY_CRYPTO_C || MBEDTLS_TLS_LIBRARY + default y if MBEDTLS_TLS_LIBRARY config MBEDTLS_PK_C bool "PK support" - default y if MBEDTLS_TLS_LIBRARY - select PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY if MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_ECP_C + default y if MBEDTLS_TLS_LIBRARY && \ + (PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) config MBEDTLS_PKCS5_C bool "PKCS5 support" @@ -826,8 +120,4 @@ config MBEDTLS_PEM_WRITE_C bool "Support writing PEM files" select MBEDTLS_BASE64_C -config MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME - bool - depends on WIFI_NM_WPA_SUPPLICANT - endmenu # Legacy mbed TLS crypto APIs diff --git a/subsys/nrf_security/Kconfig.psa b/subsys/nrf_security/Kconfig.psa index 1dc58586f353..7a7edfa83be3 100644 --- a/subsys/nrf_security/Kconfig.psa +++ b/subsys/nrf_security/Kconfig.psa @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -if PSA_CRYPTO_CLIENT +if PSA_CRYPTO config MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER bool @@ -29,8 +29,8 @@ menu "PSA API support" config MBEDTLS_PSA_CRYPTO_SPM bool help - Configation that enables alternate naming of mbedcrypto symbols in - scope of TF-M build (Prefixes with mbedcrypto__) + Configation that enables alternate naming of PSA Crypto symbols in + scope of TF-M secure build (prefixes with mbedcrypto__). config MBEDTLS_PSA_CRYPTO_STORAGE_C bool "PSA storage for persistent keys" @@ -39,9 +39,6 @@ config MBEDTLS_PSA_CRYPTO_STORAGE_C help Corresponds to MBEDTLS_PSA_CRYPTO_STORAGE_C setting in mbed TLS config file. -config MBEDTLS_USE_PSA_CRYPTO - default n if MBEDTLS_LEGACY_CRYPTO_C - config MBEDTLS_PSA_KEY_SLOT_COUNT int "Number of PSA key slots available" default 32 @@ -73,4 +70,4 @@ config PSA_CRYPTO_DRIVER_ALG_PRNG_TEST endmenu # PSA API support -endif # PSA_CRYPTO_CLIENT +endif # PSA_CRYPTO diff --git a/subsys/nrf_security/Kconfig.psa.nordic b/subsys/nrf_security/Kconfig.psa.nordic index 3e6a3174dd6a..5cde7807400b 100644 --- a/subsys/nrf_security/Kconfig.psa.nordic +++ b/subsys/nrf_security/Kconfig.psa.nordic @@ -39,9 +39,7 @@ config PSA_HAS_ASYM_SIGN_SUPPORT PSA_WANT_ALG_ED448PH || \ PSA_WANT_ALG_PURE_EDDSA || \ PSA_WANT_ALG_RSA_PKCS1V15_SIGN || \ - PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW || \ PSA_WANT_ALG_RSA_PSS || \ - PSA_WANT_ALG_RSA_PSS_ANY_SALT || \ PSA_WANT_ALG_HSS || \ PSA_WANT_ALG_LMS || \ PSA_WANT_ALG_XMSS || \ @@ -255,14 +253,6 @@ config PSA_WANT_ALG_ML_KEM config PSA_WANT_ALG_PURE_EDDSA bool "PSA PURE_EDDSA support" if !PSA_PROMPTLESS -config PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW - bool "PSA RSA raw PKCS#1 v1.5 message signature support, without hashing)" if !PSA_PROMPTLESS - default y if PSA_CRYPTO_ENABLE_ALL - -config PSA_WANT_ALG_RSA_PSS_ANY_SALT - bool "PSA RSA PSS message signature support, any salt length" if !PSA_PROMPTLESS - default y if PSA_CRYPTO_ENABLE_ALL - config PSA_WANT_ALG_SHA_256_192 bool "PSA SHA-256/192 support" if !PSA_PROMPTLESS default y if PSA_CRYPTO_ENABLE_ALL @@ -318,7 +308,7 @@ config PSA_WANT_ALG_XTS config PSA_WANT_ALG_ECB_NO_PADDING bool "PSA ECB support" if !PSA_PROMPTLESS default y if PSA_CRYPTO_ENABLE_ALL - default y if MBEDTLS_BUILTIN && !MBEDTLS_FORCE_LEGACY_CIPHER && \ + default y if TF_PSA_CRYPTO_BUILTIN && \ PSA_WANT_KEY_TYPE_AES && (PSA_WANT_ALG_GCM || PSA_WANT_ALG_CCM) config PSA_WANT_ALG_CHACHA20 diff --git a/subsys/nrf_security/Kconfig.tf-psa-crypto b/subsys/nrf_security/Kconfig.tf-psa-crypto index f9089dca04d4..b87bca6d5950 100644 --- a/subsys/nrf_security/Kconfig.tf-psa-crypto +++ b/subsys/nrf_security/Kconfig.tf-psa-crypto @@ -4,6 +4,23 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +# We use MBEDTLS_BUILTIN, but with nrf_security we bring our own TF-PSA-Crypto (Oberon PSA Crypto). +choice TF_PSA_CRYPTO_IMPLEMENTATION + default TF_PSA_CRYPTO_CUSTOM +endchoice + +config TF_PSA_CRYPTO_MODULE_DIR + default "${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}" + +configdefault TF_PSA_CRYPTO_CONFIG_FILE + default "nrf-psa-crypto-config.h" + +configdefault TF_PSA_CRYPTO_USER_CONFIG_FILE + default "nrf-psa-crypto-user-config.h" + +config MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS + select DEPRECATED + # Make sure that MBEDTLS_PSA_CRYPTO_RNG_SOURCE is available even when !MBEDTLS_PSA_CRYPTO_C # (when building TF-M) so that MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is always enabled. # This is needed because without this symbol the Oberon PSA core defaults to legacy RNG. diff --git a/subsys/nrf_security/Kconfig.tf-psa-crypto.deprecated b/subsys/nrf_security/Kconfig.tf-psa-crypto.deprecated new file mode 100644 index 000000000000..8640b002f677 --- /dev/null +++ b/subsys/nrf_security/Kconfig.tf-psa-crypto.deprecated @@ -0,0 +1,113 @@ +# +# Copyright (c) 2026 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +if MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS + +config MBEDTLS_AES_C + bool "AES - Advanced Encryption Standard [DEPRECATED]" + select DEPRECATED + select PSA_WANT_KEY_TYPE_AES + imply MBEDTLS_CIPHER_MODE_CBC if !OPENTHREAD + imply MBEDTLS_CIPHER_PADDING_PKCS7 if !OPENTHREAD + imply MBEDTLS_CIPHER_MODE_CTR + +if MBEDTLS_AES_C + +config MBEDTLS_CIPHER_MODE_CBC + bool "AES-CBC - AES Cipher Block Chaining mode [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_CBC_NO_PADDING + +config MBEDTLS_CIPHER_PADDING_PKCS7 + bool "MBEDTLS_CIPHER_PADDING_PKCS7 [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_CBC_PKCS7 + +config MBEDTLS_CIPHER_MODE_CTR + bool "AES-CTR - AES Counter Block Cipher mode [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_CTR + +endif # MBEDTLS_AES_C + +config MBEDTLS_CCM_C + bool "AES-CCM - AES Counter with CBC-MAC mode [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_CCM + select PSA_WANT_KEY_TYPE_AES + +config MBEDTLS_GCM_C + bool "AES-GCM - AES Galois/Counter Mode support [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_GCM + select PSA_WANT_KEY_TYPE_AES + +config MBEDTLS_SHA256_C + bool "SHA-256 hash functionality [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_SHA_256 + +config MBEDTLS_SHA256_SMALLER + bool "Use smaller SHA-256 implementation" + depends on PSA_WANT_ALG_SHA_256 + default y + +config MBEDTLS_SHA512_C + bool "SHA-512 hash functionality [DEPRECATED]" + select DEPRECATED + select PSA_WANT_ALG_SHA_512 + +config MBEDTLS_ECP_C + bool "ECC - Elliptic Curve Cryptography [DEPRECATED]" + select DEPRECATED + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + select MBEDTLS_BIGNUM_C + +if MBEDTLS_ECP_C + +config MBEDTLS_ECDSA_C + bool "ECDSA - Elliptic Curve Digital Signature Algorithm" + select PSA_WANT_ALG_ECDSA + +endif # MBEDTLS_ECP_C + +config MBEDTLS_BIGNUM_C + bool "Prime number generation [DEPRECATED]" + select DEPRECATED + +config MBEDTLS_RSA_C + bool "RSA - Rivest-Shamir-Adleman cryptosystem [DEPRECATED]" + select DEPRECATED + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE + select PSA_WANT_RSA_KEY_SIZE_2048 + +if MBEDTLS_RSA_C + +config MBEDTLS_GENPRIME + bool + default y + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE + +config MBEDTLS_PKCS1_V15 + bool "PKCS1 v1.5 support" + default y + select PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + select PSA_WANT_ALG_RSA_PKCS1V15_SIGN + +config MBEDTLS_PKCS1_V21 + bool "PKCS1 v2.1 support" + default y + select PSA_WANT_ALG_RSA_PSS + select PSA_WANT_ALG_RSA_OAEP + +endif # MBEDTLS_RSA_C + +endif # MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS diff --git a/subsys/nrf_security/Kconfig.tls b/subsys/nrf_security/Kconfig.tls index 29a6c5123429..2f66c216de8c 100644 --- a/subsys/nrf_security/Kconfig.tls +++ b/subsys/nrf_security/Kconfig.tls @@ -4,12 +4,10 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -menuconfig MBEDTLS_X509_LIBRARY - bool "Create mbed TLS x509 library" +config MBEDTLS_X509_LIBRARY + bool select MBEDTLS_PK_C - default y if PSA_CRYPTO_CLIENT && (MBEDTLS_ECDSA_C || MBEDTLS_ECDH_C) - help - Create the mbed x509 library for handling of certificates. + default y if MBEDTLS_ECDSA_C || PSA_WANT_ALG_ECDH if MBEDTLS_X509_LIBRARY @@ -84,15 +82,13 @@ config MBEDTLS_PKCS7_C endif # MBEDTLS_X509_LIBRARY -menuconfig MBEDTLS_TLS_LIBRARY - bool "Create mbed TLS transport layer security library" +config MBEDTLS_TLS_LIBRARY + bool + select MBEDTLS select MBEDTLS_X509_LIBRARY imply PSA_WANT_ALG_TLS12_PRF imply PSA_WANT_ALG_TLS12_PSK_TO_MS default y if NET_SOCKETS_SOCKOPT_TLS - help - Create the mbed SSL/TLS library in addition to the mbed crypto - library. if MBEDTLS_TLS_LIBRARY @@ -122,8 +118,6 @@ endif # MBEDTLS_SSL_TLS_C config MBEDTLS_SSL_PROTO_TLS1_2 bool "TLS version 1.2 protocol" default y - depends on (MBEDTLS_SHA1_C || MBEDTLS_SHA256_C || MBEDTLS_SHA512_C) || \ - PSA_CRYPTO_CLIENT help Enable the TLS 1.2 protocol Corresponds to MBEDTLS_SSL_PROTO_TLS1_2 in mbed TLS config file @@ -221,15 +215,6 @@ config MBEDTLS_SSL_DTLS_BADMAC_LIMIT endif # MBEDTLS_SSL_PROTO_DTLS -# This config can be set only for OpenThread's TCAT and CoAPs, because these are isolated cases, -# when X.509 certificate-based handshake is done in an internal network with full trust. -# KRKNWK-20181 -config MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME - bool - depends on OPENTHREAD_BLE_TCAT || OPENTHREAD_COAPS - help - Allow weak certificate verification without hostname check. - config MBEDTLS_SSL_ALL_ALERT_MESSAGES bool "All SSL alert messages" default y @@ -290,7 +275,6 @@ config MBEDTLS_SSL_CACHE_C config MBEDTLS_SSL_TICKET_C bool "SSL - tickets" - depends on MBEDTLS_CIPHER_C help Enable an implementation of TLS server-side callbacks for session tickets. @@ -304,7 +288,7 @@ config MBEDTLS_SSL_OUT_CONTENT_LEN int prompt "Max length for TLS outgoing fragments" range 0 16384 - default 900 if OPENTHREAD_NRF_SECURITY || OPENTHREAD_NRF_SECURITY_PSA + default 900 if OPENTHREAD_NRF_SECURITY_PSA default 2048 if NET_TEST default 16384 @@ -312,7 +296,7 @@ config MBEDTLS_SSL_IN_CONTENT_LEN prompt "Max length for TLS outgoing fragments" int range 0 16384 - default 900 if OPENTHREAD_NRF_SECURITY || OPENTHREAD_NRF_SECURITY_PSA + default 900 if OPENTHREAD_NRF_SECURITY_PSA default 2048 if NET_TEST default 16384 @@ -373,7 +357,7 @@ config MBEDTLS_HAS_CCM_CIPHERSUITE_REQUIREMENTS config MBEDTLS_HAS_CHACHAPOLY_CIPHERSUITE_REQUIREMENTS bool default y - depends on MBEDTLS_CHACHAPOLY_C || PSA_WANT_ALG_CHACHA20_POLY1305 + depends on PSA_WANT_ALG_CHACHA20_POLY1305 config MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS bool @@ -386,15 +370,13 @@ config MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS config MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS bool default y - depends on (MBEDTLS_ECP_C && MBEDTLS_ECDH_C && MBEDTLS_SHA256_C) || \ - (PSA_WANT_ALG_ECDH && MBEDTLS_USE_PSA_CRYPTO) - + depends on PSA_WANT_ALG_ECDH config MBEDTLS_HAS_ECDSA_CIPHERSUITE_REQUIREMENTS bool default y depends on (MBEDTLS_ECP_C && MBEDTLS_ECDSA_C && MBEDTLS_SHA256_C) || \ - (PSA_WANT_ALG_ECDSA && PSA_WANT_ALG_SHA_256 && MBEDTLS_USE_PSA_CRYPTO) + (PSA_WANT_ALG_ECDSA && PSA_WANT_ALG_SHA_256) config MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS @@ -405,38 +387,19 @@ config MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS config MBEDTLS_HAS_ECJPAKE_CIPHERSUITE_REQUIREMENTS bool default y - depends on (MBEDTLS_ECP_C && MBEDTLS_ECJPAKE_C && MBEDTLS_SHA256_C ) || \ - (PSA_WANT_ALG_JPAKE && PSA_WANT_ALG_SHA_256 && MBEDTLS_USE_PSA_CRYPTO) + depends on PSA_WANT_ALG_JPAKE && PSA_WANT_ALG_SHA_256 config MBEDTLS_KEY_EXCHANGE_PSK_ENABLED bool "PSK" default y if OPENTHREAD_COAPS || !OPENTHREAD depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS -config MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - bool "DHE PSK" - default y if !OPENTHREAD - depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS - config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED bool "ECDHE PSK" default y if !OPENTHREAD depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS && \ MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS -config MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - bool "RSA PSK" - default y if !OPENTHREAD - depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS - -config MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - bool "DHE RSA" - default y if !OPENTHREAD - depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS - config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED bool "ECDHE RSA" default y if !OPENTHREAD @@ -451,40 +414,11 @@ config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS && \ MBEDTLS_HAS_ECDSA_CIPHERSUITE_REQUIREMENTS -config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - bool "ECDH ECDSA" - default y if !OPENTHREAD - depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_ECDSA_CIPHERSUITE_REQUIREMENTS - -config MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - bool "ECDH RSA" - default y if !OPENTHREAD - depends on MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS && \ - MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS - config MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED bool "ECJPAKE" default y depends on MBEDTLS_HAS_ECJPAKE_CIPHERSUITE_REQUIREMENTS -config MBEDTLS_CIPHERSUITE_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - select MBEDTLS_LEGACY_CRYPTO_C - select MBEDTLS_RSA_C - select MBEDTLS_PKCS1_V15 - -config MBEDTLS_CIPHERSUITE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - select MBEDTLS_LEGACY_CRYPTO_C - select MBEDTLS_RSA_C - select MBEDTLS_PKCS1_V15 - -config MBEDTLS_CIPHERSUITE_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - select MBEDTLS_LEGACY_CRYPTO_C - select MBEDTLS_RSA_C - select MBEDTLS_PKCS1_V15 - endmenu # TLS/DTLS cipher suites endif # MBEDTLS_TLS_LIBRARY diff --git a/subsys/nrf_security/cmake/config_to_tf-m.cmake b/subsys/nrf_security/cmake/config_to_tf-m.cmake index f7045ad744e1..3d4233e3a2ad 100644 --- a/subsys/nrf_security/cmake/config_to_tf-m.cmake +++ b/subsys/nrf_security/cmake/config_to_tf-m.cmake @@ -10,7 +10,7 @@ set_property(TARGET zephyr_property_target PROPERTY TFM_CMAKE_OPTIONS -DNRF_SECURITY_SETTINGS=\"ZEPHYR_DOTCONFIG=${DOTCONFIG} GCC_M_CPU=${GCC_M_CPU} - ARM_MBEDTLS_PATH=${ARM_MBEDTLS_PATH} + ZEPHYR_MBEDTLS_MODULE_DIR=${ZEPHYR_MBEDTLS_MODULE_DIR} ZEPHYR_AUTOCONF=${AUTOCONF_H}\" ) diff --git a/subsys/nrf_security/cmake/generate_configs.cmake b/subsys/nrf_security/cmake/generate_configs.cmake index a7dcc238db15..7cb03463b4dc 100644 --- a/subsys/nrf_security/cmake/generate_configs.cmake +++ b/subsys/nrf_security/cmake/generate_configs.cmake @@ -44,15 +44,12 @@ macro(generate_mbedcrypto_interface_configs) # Empty out previous versions of interface config-files file(REMOVE_RECURSE ${generated_include_path}) - # Generate MBEDCRYPTO_CONFIG_FILE - if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C) - include(${NRF_SECURITY_ROOT}/cmake/legacy_crypto_config.cmake) - else() - include(${NRF_SECURITY_ROOT}/cmake/nrf_config.cmake) + if(CONFIG_MBEDTLS) + include(${NRF_SECURITY_DIR}/cmake/nrf_config.cmake) endif() # Generate the PSA_CRYPTO_CONFIG_FILE (PSA_WANT_XXXX configurations) - include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_want_config.cmake) + include(${NRF_SECURITY_DIR}/cmake/psa_crypto_want_config.cmake) # Note: Interface doesn't need PSA_CRYPTO_USER_CONFIG_FILE @@ -85,7 +82,6 @@ macro(generate_mbedcrypto_library_configs) kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) - kconfig_backup_current_config(CONFIG_MBEDTLS_USE_PSA_CRYPTO) kconfig_backup_current_config(CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT) kconfig_backup_current_config(CONFIG_MBEDTLS_THREADING_C) kconfig_backup_current_config(CONFIG_MBEDTLS_THREADING_ALT) @@ -109,8 +105,6 @@ macro(generate_mbedcrypto_library_configs) set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) # CONFIG_MBEDTLS_PSA_CRYPTO_SPM must be set for the library build in TF-M set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM True) - # CONFIG_MBEDTLS_USE_PSA_CRYPTO must be unset for library build in TF-M - set(CONFIG_MBEDTLS_USE_PSA_CRYPTO False) # CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT must be set for the library build in TF-M set(CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT True) # Disable threading for the PSA interface used in TF-M build (NS and S image) @@ -128,24 +122,20 @@ macro(generate_mbedcrypto_library_configs) set(CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION False) endif() - # Generate MBEDCRYPTO_CONFIG_FILE - if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C) - include(${NRF_SECURITY_ROOT}/cmake/legacy_crypto_config.cmake) - else() - include(${NRF_SECURITY_ROOT}/cmake/nrf_config.cmake) + if(CONFIG_MBEDTLS) + include(${NRF_SECURITY_DIR}/cmake/nrf_config.cmake) endif() # Generate the PSA_CRYPTO_CONFIG_FILE (PSA_WANT_XXXX configurations) - include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_want_config.cmake) + include(${NRF_SECURITY_DIR}/cmake/psa_crypto_want_config.cmake) # Generate the PSA_CRYPTO_USER_CONFIG_FILE (PSA_NEED configurations) - include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_config.cmake) + include(${NRF_SECURITY_DIR}/cmake/psa_crypto_config.cmake) # Restore the backup configurations kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) - kconfig_restore_backup_config(CONFIG_MBEDTLS_USE_PSA_CRYPTO) kconfig_restore_backup_config(CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT) kconfig_restore_backup_config(CONFIG_MBEDTLS_THREADING_C) kconfig_restore_backup_config(CONFIG_MBEDTLS_THREADING_ALT) diff --git a/subsys/nrf_security/cmake/legacy_crypto_config.cmake b/subsys/nrf_security/cmake/legacy_crypto_config.cmake deleted file mode 100644 index 9514d8e91abb..000000000000 --- a/subsys/nrf_security/cmake/legacy_crypto_config.cmake +++ /dev/null @@ -1,275 +0,0 @@ -# -# Copyright (c) 2021 Nordic Semiconductor -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -# Convert all standard Kconfig variables for mbed TLS (strip CONFIG_) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_MEMORY) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_C) -kconfig_check_and_set_base(MBEDTLS_MEMORY_C) -kconfig_check_and_set_base(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -kconfig_check_and_set_base(MBEDTLS_CIPHER_C) -kconfig_check_and_set_base(MBEDTLS_NO_PLATFORM_ENTROPY) -kconfig_check_and_set_base(MBEDTLS_ENTROPY_C) -kconfig_check_and_set_base(MBEDTLS_CTR_DRBG_C) -kconfig_check_and_set_base(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) -kconfig_check_and_set_base(MBEDTLS_HMAC_DRBG_C) -kconfig_check_and_set_base(MBEDTLS_ENTROPY_FORCE_SHA256) -kconfig_check_and_set_base(MBEDTLS_AES_C) -kconfig_check_and_set_base(MBEDTLS_AES_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_SETKEY_ENC_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_SETKEY_DEC_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_ENCRYPT_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_DECRYPT_ALT) -kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_CBC) -kconfig_check_and_set_base(MBEDTLS_CIPHER_PADDING_PKCS7) -kconfig_check_and_set_base(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) -kconfig_check_and_set_base(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) -kconfig_check_and_set_base(MBEDTLS_CIPHER_PADDING_ZEROS) - -kconfig_check_and_set_base(MBEDTLS_AES_FEWER_TABLES) -kconfig_check_and_set_base(MBEDTLS_AES_ROM_TABLES) -kconfig_check_and_set_base(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) - -kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_CTR) -kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_XTS) -kconfig_check_and_set_base(MBEDTLS_CMAC_C) -kconfig_check_and_set_base(MBEDTLS_CMAC_ALT) -kconfig_check_and_set_base(MBEDTLS_CCM_C) -kconfig_check_and_set_base(MBEDTLS_CCM_ALT) -kconfig_check_and_set_base(MBEDTLS_GCM_C) -kconfig_check_and_set_base(MBEDTLS_GCM_ALT) -kconfig_check_and_set_base(MBEDTLS_CHACHA20_ALT) -kconfig_check_and_set_base(MBEDTLS_CHACHA20_C) -kconfig_check_and_set_base(MBEDTLS_POLY1305_ALT) -kconfig_check_and_set_base(MBEDTLS_POLY1305_C) -kconfig_check_and_set_base(MBEDTLS_CHACHAPOLY_C) -kconfig_check_and_set_base(MBEDTLS_CHACHAPOLY_ALT) -kconfig_check_and_set_base(MBEDTLS_DHM_C) -kconfig_check_and_set_base(MBEDTLS_DHM_ALT) -kconfig_check_and_set_base(MBEDTLS_ECP_C) -kconfig_check_and_set_base(MBEDTLS_ECP_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDH_C) -kconfig_check_and_set_base(MBEDTLS_ECDH_GEN_PUBLIC_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDSA_C) -kconfig_check_and_set_base(MBEDTLS_ECDSA_DETERMINISTIC) -kconfig_check_and_set_base(MBEDTLS_ECDSA_GENKEY_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDSA_SIGN_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDSA_VERIFY_ALT) -kconfig_check_and_set_base(MBEDTLS_ECJPAKE_C) -kconfig_check_and_set_base(MBEDTLS_ECJPAKE_ALT) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_BP256R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_BP384R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_BP512R1_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -kconfig_check_and_set_base(MBEDTLS_ECP_DP_CURVE448_ENABLED) -kconfig_check_and_set_base(MBEDTLS_RSA_C) -kconfig_check_and_set_base(MBEDTLS_RSA_ALT) -kconfig_check_and_set_base(MBEDTLS_GENPRIME) -kconfig_check_and_set_base(MBEDTLS_PKCS1_V15) -kconfig_check_and_set_base(MBEDTLS_PKCS1_V21) -kconfig_check_and_set_base(MBEDTLS_MD5_C) -kconfig_check_and_set_base(MBEDTLS_SHA1_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA1_C) -kconfig_check_and_set_base(MBEDTLS_SHA224_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA224_C) -kconfig_check_and_set_base(MBEDTLS_SHA256_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA256_C) -kconfig_check_and_set_base(MBEDTLS_SHA384_C) -kconfig_check_and_set_base(MBEDTLS_SHA384_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA512_C) -kconfig_check_and_set_base(MBEDTLS_SHA512_ALT) -kconfig_check_and_set_base(MBEDTLS_HKDF_C) -kconfig_check_and_set_base(MBEDTLS_MD_C) -kconfig_check_and_set_base(MBEDTLS_PK_C) -kconfig_check_and_set_base(MBEDTLS_PKCS5_C) -kconfig_check_and_set_base(MBEDTLS_PK_PARSE_C) -kconfig_check_and_set_base(MBEDTLS_PK_PARSE_EC_EXTENDED) -kconfig_check_and_set_base(MBEDTLS_PK_WRITE_C) -kconfig_check_and_set_base(MBEDTLS_DEBUG_C) -kconfig_check_and_set_base(MBEDTLS_MEMORY_DEBUG) - -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_SPM) - -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CLIENT) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_C) -kconfig_check_and_set_base(MBEDTLS_USE_PSA_CRYPTO) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - -kconfig_check_and_set_base_int(MBEDTLS_PSA_KEY_SLOT_COUNT) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_STATIC_KEY_SLOTS) - -kconfig_check_and_set_base(MBEDTLS_PLATFORM_EXIT_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_FPRINTF_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_PRINTF_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_SNPRINTF_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) -kconfig_check_and_set_base(MBEDTLS_ENTROPY_HARDWARE_ALT) -kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_ZEROIZE_ALT) - -kconfig_check_and_set_base(MBEDTLS_X509_USE_C) -kconfig_check_and_set_base(MBEDTLS_X509_CHECK_KEY_USAGE) -kconfig_check_and_set_base(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) -kconfig_check_and_set_base(MBEDTLS_X509_CREATE_C) -kconfig_check_and_set_base(MBEDTLS_X509_CRL_PARSE_C) -kconfig_check_and_set_base(MBEDTLS_X509_CRT_PARSE_C) -kconfig_check_and_set_base(MBEDTLS_X509_CSR_PARSE_C) -kconfig_check_and_set_base(MBEDTLS_X509_CSR_WRITE_C) -kconfig_check_and_set_base(MBEDTLS_X509_CRT_WRITE_C) -kconfig_check_and_set_base(MBEDTLS_X509_REMOVE_INFO) -kconfig_check_and_set_base(MBEDTLS_PKCS7_C) - -kconfig_check_and_set_base(MBEDTLS_SSL_CLI_C) -kconfig_check_and_set_base(MBEDTLS_SSL_SRV_C) -kconfig_check_and_set_base(MBEDTLS_SSL_TLS_C) -kconfig_check_and_set_base(MBEDTLS_SSL_PROTO_TLS1_2) -kconfig_check_and_set_base(MBEDTLS_SSL_PROTO_TLS1_3) -kconfig_check_and_set_base(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) -kconfig_check_and_set_base(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) -kconfig_check_and_set_base(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) -kconfig_check_and_set_base(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) -kconfig_check_and_set_base(MBEDTLS_SSL_KEYING_MATERIAL_EXPORT) -kconfig_check_and_set_base(MBEDTLS_SSL_COOKIE_C) -kconfig_check_and_set_base(MBEDTLS_SSL_PROTO_DTLS) -kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_HELLO_VERIFY) -kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_SRTP) -kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) -kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_CONNECTION_ID) -kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - -kconfig_check_and_set_base(MBEDTLS_SSL_ALL_ALERT_MESSAGES) -kconfig_check_and_set_base(MBEDTLS_SSL_CONTEXT_SERIALIZATION) -kconfig_check_and_set_base(MBEDTLS_SSL_DEBUG_ALL) -kconfig_check_and_set_base(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -kconfig_check_and_set_base(MBEDTLS_SSL_RENEGOTIATION) -kconfig_check_and_set_base(MBEDTLS_SSL_SESSION_TICKETS) -kconfig_check_and_set_base(MBEDTLS_SSL_SERVER_NAME_INDICATION) -kconfig_check_and_set_base(MBEDTLS_SSL_CACHE_C) -kconfig_check_and_set_base(MBEDTLS_SSL_TICKET_C) -kconfig_check_and_set_base(MBEDTLS_SSL_EXPORT_KEYS) -kconfig_check_and_set_base(MBEDTLS_SSL_CIPHERSUITES) -kconfig_check_and_set_base(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - -# Set integer values from Kconfig -kconfig_check_and_set_base_int(MBEDTLS_SSL_OUT_CONTENT_LEN) -kconfig_check_and_set_base_int(MBEDTLS_SSL_IN_CONTENT_LEN) -kconfig_check_and_set_base_int(MBEDTLS_ENTROPY_MAX_SOURCES) -kconfig_check_and_set_base_int(MBEDTLS_MPI_WINDOW_SIZE) -kconfig_check_and_set_base_int(MBEDTLS_MPI_MAX_SIZE) - -# Set all enabled TLS/DTLS key exchange methods -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -kconfig_check_and_set_base(MBEDTLS_PK_PARSE_EC_EXTENDED) - -# Threading configurations for CryptoCell and locally built PSA core -kconfig_check_and_set_base(MBEDTLS_THREADING_C) -kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) - -# Convert defines required even in PSA mode -kconfig_check_and_set_base_depends(MBEDTLS_SHA1_C - PSA_WANT_ALG_SHA_1 -) - -kconfig_check_and_set_base_depends(MBEDTLS_SHA256_C - PSA_WANT_ALG_SHA_256 -) - -kconfig_check_and_set_base_depends(MBEDTLS_SHA512_C - PSA_WANT_ALG_SHA_512 -) - -kconfig_check_and_set_base_depends(MBEDTLS_ECP_C - PSA_WANT_ALG_ECDH -) - -kconfig_check_and_set_base_depends(MBEDTLS_ECDH_C - PSA_WANT_ALG_ECDH -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECDSA_C - PSA_WANT_ALG_ECDSA -) - -kconfig_check_and_set_base_depends(MBEDTLS_ECP_C - PSA_WANT_ALG_ECDSA -) - -kconfig_check_and_set_base_depends(MBEDTLS_ECDSA_DETERMINISTIC - PSA_WANT_ALG_DETERMINISTIC_ECDSA - PSA_WANT_ALG_HMAC_DRBG -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_SECP224R1_ENABLED - PSA_WANT_ECC_SECP_R1_224 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_SECP256R1_ENABLED - PSA_WANT_ECC_SECP_R1_256 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_SECP384R1_ENABLED - PSA_WANT_ECC_SECP_R1_384 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_SECP521R1_ENABLED - PSA_WANT_ECC_SECP_R1_521 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_SECP224K1_ENABLED - PSA_WANT_ECC_SECP_K1_224 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_SECP256K1_ENABLED - PSA_WANT_ECC_SECP_K1_256 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_BP256R1_ENABLED - PSA_WANT_ECC_BRAINPOOL_P_R1_256 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_BP384R1_ENABLED - PSA_WANT_ECC_BRAINPOOL_P_R1_384 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_BP512R1_ENABLED - PSA_WANT_ECC_BRAINPOOL_P_R1_512 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_CURVE25519_ENABLED - PSA_WANT_ECC_MONTGOMERY_255 -) - -Kconfig_check_and_set_base_depends(MBEDTLS_ECP_DP_CURVE448_ENABLED - PSA_WANT_ECC_MONTGOMERY_448 -) - -# Ensure that MBEDTLS_SHA224_C is set if MBEDTLS_SHA256_C -# to prevent build errors. -kconfig_check_and_set_base_depends(MBEDTLS_SHA224_C - MBEDTLS_SHA256_C -) - -configure_file(${NRF_SECURITY_ROOT}/configs/legacy_crypto_config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_CONFIG_FILE} -) diff --git a/subsys/nrf_security/cmake/nrf_config.cmake b/subsys/nrf_security/cmake/nrf_config.cmake index 9af10a796242..32678f831847 100644 --- a/subsys/nrf_security/cmake/nrf_config.cmake +++ b/subsys/nrf_security/cmake/nrf_config.cmake @@ -6,94 +6,14 @@ # Convert all platform and TLS/DTLS and X.509 Kconfig variables for Mbed TLS # (strip CONFIG_) -# TF-M -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_SPM) - -# PSA core configurations -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CLIENT) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_C) -kconfig_check_and_set_base(MBEDTLS_USE_PSA_CRYPTO) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - # Platform -kconfig_check_and_set_base(MBEDTLS_PLATFORM_C) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_MEMORY) -kconfig_check_and_set_base(MBEDTLS_NO_PLATFORM_ENTROPY) -kconfig_check_and_set_base(MBEDTLS_MEMORY_BUFFER_ALLOC_C) kconfig_check_and_set_base(MBEDTLS_DEBUG_C) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - -# Threading configurations for CryptoCell and locally built PSA core -kconfig_check_and_set_base(MBEDTLS_THREADING_C) -kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) - -# Platform configurations for _ALT defines -kconfig_check_and_set_base(MBEDTLS_PLATFORM_EXIT_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_FPRINTF_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_PRINTF_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_SNPRINTF_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) -kconfig_check_and_set_base(MBEDTLS_ENTROPY_HARDWARE_ALT) -kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) -kconfig_check_and_set_base(MBEDTLS_PLATFORM_ZEROIZE_ALT) - -# Legacy configurations for _ALT defines -kconfig_check_and_set_base(MBEDTLS_AES_SETKEY_ENC_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_SETKEY_DEC_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_ENCRYPT_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_DECRYPT_ALT) -kconfig_check_and_set_base(MBEDTLS_AES_ALT) -kconfig_check_and_set_base(MBEDTLS_CMAC_ALT) -kconfig_check_and_set_base(MBEDTLS_CCM_ALT) -kconfig_check_and_set_base(MBEDTLS_GCM_ALT) -kconfig_check_and_set_base(MBEDTLS_CHACHA20_ALT) -kconfig_check_and_set_base(MBEDTLS_POLY1305_ALT) -kconfig_check_and_set_base(MBEDTLS_CHACHAPOLY_ALT) -kconfig_check_and_set_base(MBEDTLS_DHM_ALT) -kconfig_check_and_set_base(MBEDTLS_ECP_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDH_GEN_PUBLIC_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDSA_GENKEY_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDSA_SIGN_ALT) -kconfig_check_and_set_base(MBEDTLS_ECDSA_VERIFY_ALT) -kconfig_check_and_set_base(MBEDTLS_ECJPAKE_ALT) -kconfig_check_and_set_base(MBEDTLS_RSA_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA1_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA224_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA256_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA384_ALT) -kconfig_check_and_set_base(MBEDTLS_SHA512_ALT) - -# Legacy configurations for RNG -kconfig_check_and_set_base(MBEDTLS_ENTROPY_FORCE_SHA256) -kconfig_check_and_set_base(MBEDTLS_NO_PLATFORM_ENTROPY) -kconfig_check_and_set_base_int(MBEDTLS_ENTROPY_MAX_SOURCES) - -# Nordic defines for library support. -kconfig_check_and_set_base(MBEDTLS_LEGACY_CRYPTO_C) -kconfig_check_and_set_base(MBEDTLS_TLS_LIBRARY) -kconfig_check_and_set_base(MBEDTLS_X509_LIBRARY) - -# Still required for some things in psa_util? -kconfig_check_and_set_base(MBEDTLS_MD_C) # Guard against setting legacy configurations in TF-M image if(NOT MBEDTLS_PSA_CRYPTO_SPM) - # Platform configuration - kconfig_check_and_set_base(MBEDTLS_ASN1_PARSE_C) - kconfig_check_and_set_base(MBEDTLS_ASN1_WRITE_C) - kconfig_check_and_set_base(MBEDTLS_BASE64_C) - kconfig_check_and_set_base(MBEDTLS_OID_C) # PKI configurations kconfig_check_and_set_base(MBEDTLS_CIPHER_C) - kconfig_check_and_set_base(MBEDTLS_PK_C) - kconfig_check_and_set_base(MBEDTLS_PKCS5_C) - kconfig_check_and_set_base(MBEDTLS_PK_PARSE_C) - kconfig_check_and_set_base(MBEDTLS_PK_WRITE_C) - kconfig_check_and_set_base(MBEDTLS_PEM_PARSE_C) - kconfig_check_and_set_base(MBEDTLS_PEM_WRITE_C) # TLS/DTLS configurations kconfig_check_and_set_base(MBEDTLS_SSL_ALL_ALERT_MESSAGES) @@ -135,9 +55,6 @@ if(NOT MBEDTLS_PSA_CRYPTO_SPM) kconfig_check_and_set_base(MBEDTLS_SSL_CIPHERSUITES) kconfig_check_and_set_base(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - kconfig_check_and_set_base_int(MBEDTLS_MPI_WINDOW_SIZE) - kconfig_check_and_set_base_int(MBEDTLS_MPI_MAX_SIZE) - # x509 configurations kconfig_check_and_set_base(MBEDTLS_X509_RSASSA_PSS_SUPPORT) kconfig_check_and_set_base(MBEDTLS_X509_USE_C) @@ -149,25 +66,15 @@ if(NOT MBEDTLS_PSA_CRYPTO_SPM) kconfig_check_and_set_base(MBEDTLS_X509_CSR_WRITE_C) kconfig_check_and_set_base(MBEDTLS_PKCS7_C) - # KRKNWK-20181 - kconfig_check_and_set_base(MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME) - # TLS key exchange kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) endif() -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CONFIG) - # Generate the Mbed TLS config file (default nrf-config.h) -configure_file(${NRF_SECURITY_ROOT}/configs/nrf-config.h.template +configure_file(${NRF_SECURITY_DIR}/configs/nrf-config.h.template ${generated_include_path}/${CONFIG_MBEDTLS_CONFIG_FILE} ) diff --git a/subsys/nrf_security/cmake/psa_crypto_config.cmake b/subsys/nrf_security/cmake/psa_crypto_config.cmake index baaa852a5f08..23559e8cb5e0 100644 --- a/subsys/nrf_security/cmake/psa_crypto_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_config.cmake @@ -5,8 +5,27 @@ # # Convert all standard Kconfig variables for mbed TLS (strip CONFIG_) -# PSA Core implementation -kconfig_check_and_set_base_to_one(PSA_CORE_OBERON) +# PSA core +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_DRIVERS) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_STORAGE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_STATIC_KEY_SLOTS) +kconfig_check_and_set_base_int(MBEDTLS_PSA_KEY_SLOT_COUNT) + +# Platform _ALT +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_EXIT_ALT) +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_FPRINTF_ALT) +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_PRINTF_ALT) +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_SNPRINTF_ALT) + +# TF-M +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_SPM) + +# RSA +kconfig_check_and_set_base_int(PSA_MAX_RSA_KEY_BITS) # Convert CRACEN driver configuration kconfig_check_and_set_base_to_one(PSA_CRYPTO_DRIVER_CRACEN) @@ -499,7 +518,6 @@ kconfig_check_and_set_base_to_one(PSA_NEED_OBERON_ASCON_XOF128) kconfig_check_and_set_base_to_one(PSA_NEED_OBERON_ASCON_CXOF128) kconfig_check_and_set_base_to_one(PSA_NEED_OBERON_XOF_DRIVER) - # Convert NRF_RNG driver configuration kconfig_check_and_set_base_to_one(PSA_NEED_NRF_RNG_ENTROPY_DRIVER) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_TRNG_DRIVER) @@ -513,13 +531,7 @@ kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_IKG_INTERRUPT_WORKAROUND) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_RNG_NO_ENTROPY_WORKAROUND) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_ECC_KEY_GEN_PKE) -# PSA and Drivers -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_STORAGE_C) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_DRIVERS) -kconfig_check_and_set_base_int(MBEDTLS_PSA_KEY_SLOT_COUNT) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_STATIC_KEY_SLOTS) - # Generate the PSA config file (default nrf-psa-crypto-config.h) -configure_file(${NRF_SECURITY_ROOT}/configs/psa_crypto_config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE} +configure_file(${NRF_SECURITY_DIR}/configs/psa_crypto_config.h.template + ${generated_include_path}/${CONFIG_TF_PSA_CRYPTO_USER_CONFIG_FILE} ) diff --git a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake index e136186917ed..682e8d652c0a 100644 --- a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake @@ -3,7 +3,32 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# Convert all PSA_WANT_XXXX Kconfig variables for Mbed TLS (strip CONFIG_) + +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_CLIENT) + +kconfig_check_and_set_base_to_one(MBEDTLS_ASN1_PARSE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_ASN1_WRITE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_BASE64_C) +kconfig_check_and_set_base_to_one(MBEDTLS_MD_C) +kconfig_check_and_set_base_to_one(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +kconfig_check_and_set_base_int(MBEDTLS_MPI_MAX_SIZE) +kconfig_check_and_set_base_int(MBEDTLS_MPI_WINDOW_SIZE) +kconfig_check_and_set_base_to_one(MBEDTLS_PEM_PARSE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PEM_WRITE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_MEMORY) +kconfig_check_and_set_base_to_one(MBEDTLS_PK_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PK_PARSE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PK_WRITE_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PKCS5_C) +kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_ALT) +kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_C) + +kconfig_check_and_set_base_to_one(MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS) +kconfig_check_and_set_base_to_one(MBEDTLS_BIGNUM_C) +kconfig_check_and_set_base_to_one(MBEDTLS_ECP_C) +kconfig_check_and_set_base_to_one(MBEDTLS_SHA256_SMALLER) kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_128) kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_192) @@ -37,9 +62,7 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_PURE_EDDSA) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_OAEP) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PSS) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PSS_ANY_SALT) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_224) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_256) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_384) @@ -133,9 +156,7 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_HASH_ML_DSA) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_AES_KW) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_AES_KWP) -kconfig_check_and_set_base_int(PSA_MAX_RSA_KEY_BITS) - # Create the Mbed TLS PSA crypto config file (Contains all the PSA_WANT definitions) -configure_file(${NRF_SECURITY_ROOT}/configs/psa_crypto_want_config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE} +configure_file(${NRF_SECURITY_DIR}/configs/psa_crypto_want_config.h.template + ${generated_include_path}/${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE} ) diff --git a/subsys/nrf_security/cmake/psa_interface_include_directories.cmake b/subsys/nrf_security/cmake/psa_interface_include_directories.cmake new file mode 100644 index 000000000000..1a9dd61d36d1 --- /dev/null +++ b/subsys/nrf_security/cmake/psa_interface_include_directories.cmake @@ -0,0 +1,14 @@ +# +# Copyright (c) 2026 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +target_include_directories(psa_interface + INTERFACE + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/core + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/dispatch + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/platform + ${NRF_SECURITY_DIR}/include +) diff --git a/subsys/nrf_security/configs/config_extra.cmake.in b/subsys/nrf_security/configs/config_extra.cmake.in index ccd855195b96..a4643bd16b9a 100644 --- a/subsys/nrf_security/configs/config_extra.cmake.in +++ b/subsys/nrf_security/configs/config_extra.cmake.in @@ -11,17 +11,17 @@ set(PSA_CRYPTO_EXTERNAL_CORE ON CACHE BOOL "Enable buil # This file is populated with paths needed building nrf_security with and without TF-M # It is added to circumvent issues with install-targets inside TF-M and to unify the # CMake code with Zephyr builds -set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR} CACHE STRING "nrfxlib folder") -set(NRF_SECURITY_ROOT ${NRF_DIR}/subsys/nrf_security CACHE STRING "nrf_security root folder") -set(OBERON_PSA_CORE_PATH ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR} CACHE STRING "oberon-psa-core folder") -set(ARM_MBEDTLS_PATH ${ZEPHYR_MBEDTLS_MODULE_DIR} CACHE STRING "Mbed TLS folder") -set(NRF_DIR ${NRF_DIR} CACHE STRING "NRF folder") -set(TFM_BOARDS_NRF_DIR ${NRF_DIR}/modules/trusted-firmware-m/tfm_boards CACHE STRING "tfm_boards folder") +set(NRF_DIR ${NRF_DIR} CACHE STRING "nrf folder") +set(NRF_SECURITY_DIR ${NRF_DIR}/subsys/nrf_security CACHE STRING "nrf_security folder") +set(TFM_BOARDS_NRF_DIR ${NRF_DIR}/modules/trusted-firmware-m/tfm_boards CACHE STRING "tfm_boards folder") +set(ZEPHYR_NRFXLIB_MODULE_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR} CACHE STRING "nrfxlib folder") +set(ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR} CACHE STRING "oberon-psa-crypto folder") +set(ZEPHYR_MBEDTLS_MODULE_DIR ${ZEPHYR_MBEDTLS_MODULE_DIR} CACHE STRING "mbedtls folder") # This file is populated with the Mbed TLS config file names -set(MBEDTLS_CONFIG_FILE ${CONFIG_MBEDTLS_CONFIG_FILE} CACHE STRING "Mbed TLS Config file") -set(MBEDTLS_PSA_CRYPTO_CONFIG_FILE ${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE} CACHE STRING "PSA Crypto config file (PSA_WANT)") -set(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE ${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE} CACHE STRING "PSA Crypto config file (PSA_NEED)") +set(CONFIG_MBEDTLS_CONFIG_FILE ${CONFIG_MBEDTLS_CONFIG_FILE} CACHE STRING "Mbed TLS config file") +set(CONFIG_TF_PSA_CRYPTO_CONFIG_FILE ${CONFIG_TF_PSA_CRYPTO_CONFIG_FILE} CACHE STRING "TF-PSA-Crypto config file (PSA_WANT)") +set(CONFIG_TF_PSA_CRYPTO_USER_CONFIG_FILE ${CONFIG_TF_PSA_CRYPTO_USER_CONFIG_FILE} CACHE STRING "TF-PSA-Crypto user config file (PSA_NEED)") # This file is populated with the generated include-folders for PSA interface (for main app, ns-services) as # well as the include-folder for library build of the crypto toolbo with or without TF-M diff --git a/subsys/nrf_security/configs/legacy_crypto_config.h.template b/subsys/nrf_security/configs/legacy_crypto_config.h.template deleted file mode 100644 index cb0fd5d3a841..000000000000 --- a/subsys/nrf_security/configs/legacy_crypto_config.h.template +++ /dev/null @@ -1,4363 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - * - */ - -#ifndef LEGACY_CRYPTO_CONFIG_H -#define LEGACY_CRYPTO_CONFIG_H - -/** - * \file mbedtls_config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ - -/** - * This is an optional version symbol that enables compatibility handling of - * config files. - * - * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that - * introduced the config format we want to be compatible with. - */ -//#define MBEDTLS_CONFIG_VERSION 0x03000000 - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def MBEDTLS_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/aesni.h - * library/aria.c - * library/bn_mul.h - * library/constant_time.c - * library/padlock.h - * - * Required by: - * MBEDTLS_AESCE_C - * MBEDTLS_AESNI_C (on some platforms) - * MBEDTLS_PADLOCK_C - * - * Comment to disable the use of assembly code. - */ -#define MBEDTLS_HAVE_ASM - -/** - * \def MBEDTLS_NO_UDBL_DIVISION - * - * The platform lacks support for double-width integer division (64-bit - * division on a 32-bit platform, 128-bit division on a 64-bit platform). - * - * Used in: - * include/mbedtls/bignum.h - * library/bignum.c - * - * The bignum code uses double-width division to speed up some operations. - * Double-width division is often implemented in software that needs to - * be linked with the program. The presence of a double-width integer - * type is usually detected automatically through preprocessor macros, - * but the automatic detection cannot know whether the code needs to - * and can be linked with an implementation of division for that type. - * By default division is assumed to be usable if the type is present. - * Uncomment this option to prevent the use of double-width division. - * - * Note that division for the native integer type is always required. - * Furthermore, a 64-bit type is always required even on a 32-bit - * platform, but it need not support multiplication or division. In some - * cases it is also desirable to disable some double-width operations. For - * example, if double-width division is implemented in software, disabling - * it can reduce code size in some embedded targets. - */ -//#define MBEDTLS_NO_UDBL_DIVISION - -/** - * \def MBEDTLS_NO_64BIT_MULTIPLICATION - * - * The platform lacks support for 32x32 -> 64-bit multiplication. - * - * Used in: - * library/poly1305.c - * - * Some parts of the library may use multiplication of two unsigned 32-bit - * operands with a 64-bit result in order to speed up computations. On some - * platforms, this is not available in hardware and has to be implemented in - * software, usually in a library provided by the toolchain. - * - * Sometimes it is not desirable to have to link to that library. This option - * removes the dependency of that library on platforms that lack a hardware - * 64-bit multiplier by embedding a software implementation in Mbed TLS. - * - * Note that depending on the compiler, this may decrease performance compared - * to using the library function provided by the toolchain. - */ -//#define MBEDTLS_NO_64BIT_MULTIPLICATION - -/** - * \def MBEDTLS_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - */ -//#define MBEDTLS_HAVE_SSE2 - -/** - * \def MBEDTLS_HAVE_TIME - * - * System has time.h and time(). - * The time does not need to be correct, only time differences are used, - * by contrast with MBEDTLS_HAVE_TIME_DATE - * - * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, - * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and - * MBEDTLS_PLATFORM_STD_TIME. - * - * Comment if your system does not support time functions. - * - * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing - * interface - timing.c will include time.h on suitable platforms - * regardless of the setting of MBEDTLS_HAVE_TIME, unless - * MBEDTLS_TIMING_ALT is used. See timing.c for more information. - */ -//#define MBEDTLS_HAVE_TIME - -/** - * \def MBEDTLS_HAVE_TIME_DATE - * - * System has time.h, time(), and an implementation for - * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necessarily very accurate, but at least - * the date should be correct). This is used to verify the validity period of - * X.509 certificates. - * - * Comment if your system does not have a correct clock. - * - * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that - * behaves similarly to the gmtime_r() function from the C standard. Refer to - * the documentation for mbedtls_platform_gmtime_r() for more information. - * - * \note It is possible to configure an implementation for - * mbedtls_platform_gmtime_r() at compile-time by using the macro - * MBEDTLS_PLATFORM_GMTIME_R_ALT. - */ -//#define MBEDTLS_HAVE_TIME_DATE - -/** - * \def MBEDTLS_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default Mbed TLS uses the system-provided calloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling #MBEDTLS_PLATFORM_MEMORY without the - * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide - * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and - * free() function pointer at runtime. - * - * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying - * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. - * - * An overview of how the value of mbedtls_calloc is determined: - * - * - if !MBEDTLS_PLATFORM_MEMORY - * - mbedtls_calloc = calloc - * - if MBEDTLS_PLATFORM_MEMORY - * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): - * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO - * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): - * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. - * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? - * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: - * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; - * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; - * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: - * - if MBEDTLS_PLATFORM_STD_CALLOC is present: - * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; - * - if !MBEDTLS_PLATFORM_STD_CALLOC: - * - MBEDTLS_PLATFORM_STD_CALLOC = calloc - * - * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. - * - if !MBEDTLS_PLATFORM_STD_CALLOC - * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc - * - * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. - * - * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. - * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. - * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, - * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. - * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. - * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -#define MBEDTLS_PLATFORM_MEMORY - -/** - * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. calloc() to - * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a - * MBEDTLS_PLATFORM_XXX_MACRO. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -#cmakedefine MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def MBEDTLS_PLATFORM_EXIT_ALT - * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the - * function in the platform abstraction layer. - * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will - * provide a function "mbedtls_platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require MBEDTLS_PLATFORM_C to be defined! - * - * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; - * it will be enabled automatically by check_config.h - * - * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as - * MBEDTLS_PLATFORM_XXX_MACRO! - * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define MBEDTLS_PLATFORM_SETBUF_ALT -#cmakedefine MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT -#cmakedefine MBEDTLS_PLATFORM_FPRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_PRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_SNPRINTF_ALT -//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT -//#define MBEDTLS_PLATFORM_NV_SEED_ALT -#cmakedefine MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT -//#define MBEDTLS_PLATFORM_MS_TIME_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces - * the default implementation in platform_util.c. - * - * By default, the library uses a system function such as memset_s() - * (optional feature of C11), explicit_bzero() (BSD and compatible), or - * SecureZeroMemory (Windows). If no such function is detected, the library - * falls back to a plain C implementation. Compilers are technically - * permitted to optimize this implementation out, meaning that the memory is - * not actually wiped. The library tries to prevent that, but the C language - * makes it impossible to guarantee that the memory will always be wiped. - * - * If your platform provides a guaranteed method to wipe memory which - * `platform_util.c` does not detect, define this macro to the name of - * a function that takes two arguments, a `void *` pointer and a length, - * and wipes that many bytes starting at the specified address. For example, - * if your platform has explicit_bzero() but `platform_util.c` does not - * detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be - * `explicit_bzero` to use that function as mbedtls_platform_zeroize(). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * \def MBEDTLS_DEPRECATED_WARNING - * - * Mark deprecated functions and features so that they generate a warning if - * used. Functionality deprecated in one version will usually be removed in the - * next version. You can enable this to help you prepare the transition to a - * new major version by making sure your code is not using this functionality. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use MBEDTLS_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions and features. - */ -#cmakedefine MBEDTLS_DEPRECATED_WARNING - -/** - * \def MBEDTLS_DEPRECATED_REMOVED - * - * Remove deprecated functions and features so that they generate an error if - * used. Functionality deprecated in one version will usually be removed in the - * next version. You can enable this to help you prepare the transition to a - * new major version by making sure your code is not using this functionality. - * - * Uncomment to get errors on using deprecated functions and features. - */ -#cmakedefine MBEDTLS_DEPRECATED_REMOVED - -/** \} name SECTION: System support */ - -/** - * \name SECTION: Mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. - * \{ - */ - -/** - * \def MBEDTLS_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for - * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() - * - * Only works if you have MBEDTLS_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define MBEDTLS_TIMING_ALT - -/** - * \def MBEDTLS_AES_ALT - * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your - * alternate core implementation of a symmetric crypto, an arithmetic or hash - * module (e.g. platform specific assembly optimized implementations). Keep - * in mind that the function prototypes should remain the same. - * - * This replaces the whole module. If you only want to replace one of the - * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer - * provide the "struct mbedtls_aes_context" definition and omit the base - * function declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * module. - * - * \warning MD5, DES and SHA-1 are considered weak and their - * use constitutes a security risk. If possible, we recommend - * avoiding dependencies on them, and considering stronger message - * digests and ciphers instead. - * - */ -#cmakedefine MBEDTLS_AES_ALT -//#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_CAMELLIA_ALT -#cmakedefine MBEDTLS_CCM_ALT -#cmakedefine MBEDTLS_CHACHA20_ALT -#cmakedefine MBEDTLS_CHACHAPOLY_ALT -#cmakedefine MBEDTLS_CMAC_ALT -//#define MBEDTLS_DES_ALT -#cmakedefine MBEDTLS_DHM_ALT -#cmakedefine MBEDTLS_ECJPAKE_ALT -#cmakedefine MBEDTLS_GCM_ALT -//#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD5_ALT -#cmakedefine MBEDTLS_POLY1305_ALT -//#define MBEDTLS_RIPEMD160_ALT -#cmakedefine MBEDTLS_RSA_ALT -#cmakedefine MBEDTLS_SHA1_ALT -#cmakedefine MBEDTLS_SHA256_ALT -#cmakedefine MBEDTLS_SHA512_ALT - -/* - * When replacing the elliptic curve module, please consider, that it is - * implemented with two .c files: - * - ecp.c - * - ecp_curves.c - * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT - * macros as described above. The only difference is that you have to make sure - * that you provide functionality for both .c files. - */ -#cmakedefine MBEDTLS_ECP_ALT - -/** - * \def MBEDTLS_SHA256_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from Mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. - * - * \note If you use the AES_xxx_ALT macros, then it is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are - * enabled, then the deterministic ECDH signature functions pass the - * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore - * alternative implementations should use the RNG only for generating - * the ephemeral key and nothing else. If this is not possible, then - * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative - * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). - * - */ -//#define MBEDTLS_MD5_PROCESS_ALT -//#define MBEDTLS_RIPEMD160_PROCESS_ALT -//#define MBEDTLS_SHA1_PROCESS_ALT -//#define MBEDTLS_SHA256_PROCESS_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT -//#define MBEDTLS_DES_SETKEY_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT -#cmakedefine MBEDTLS_AES_SETKEY_ENC_ALT -#cmakedefine MBEDTLS_AES_SETKEY_DEC_ALT -#cmakedefine MBEDTLS_AES_ENCRYPT_ALT -#cmakedefine MBEDTLS_AES_DECRYPT_ALT -#cmakedefine MBEDTLS_ECDH_GEN_PUBLIC_ALT -#cmakedefine MBEDTLS_ECDH_COMPUTE_SHARED_ALT -#cmakedefine MBEDTLS_ECDSA_VERIFY_ALT -#cmakedefine MBEDTLS_ECDSA_SIGN_ALT -#cmakedefine MBEDTLS_ECDSA_GENKEY_ALT - -/** - * \def MBEDTLS_ECP_INTERNAL_ALT - * - * Expose a part of the internal interface of the Elliptic Curve Point module. - * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternative core implementation of elliptic curve arithmetic. Keep in mind - * that function prototypes should remain the same. - * - * This partially replaces one function. The header file from Mbed TLS is still - * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation - * is still present and it is used for group structures not supported by the - * alternative. - * - * The original implementation can in addition be removed by setting the - * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the - * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be - * able to fallback to curves not supported by the alternative implementation. - * - * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT - * and implementing the following functions: - * unsigned char mbedtls_internal_ecp_grp_capable( - * const mbedtls_ecp_group *grp ) - * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) - * The mbedtls_internal_ecp_grp_capable function should return 1 if the - * replacement functions implement arithmetic for the given group and 0 - * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are - * called before and after each point operation and provide an opportunity to - * implement optimized set up and tear down instructions. - * - * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() - * function, but will use your mbedtls_internal_ecp_double_jac() if the group - * for the operation is supported by your implementation (i.e. your - * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the - * group is not supported by your implementation, then the original Mbed TLS - * implementation of ecp_double_jac() is used instead, unless this fallback - * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case - * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). - * - * The function prototypes and the definition of mbedtls_ecp_group and - * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your - * implementation of mbedtls_internal_ecp__function_name__ must be compatible - * with their definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - */ -/* Required for all the functions in this section */ -//#define MBEDTLS_ECP_INTERNAL_ALT -/* Turn off software fallback for curves not supported in hardware */ -//#define MBEDTLS_ECP_NO_FALLBACK -/* Support for Weierstrass curves with Jacobi representation */ -//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT -//#define MBEDTLS_ECP_ADD_MIXED_ALT -//#define MBEDTLS_ECP_DOUBLE_JAC_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT -/* Support for curves with Montgomery arithmetic */ -//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT -//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT -//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT - -/** - * \def MBEDTLS_ENTROPY_HARDWARE_ALT - * - * Uncomment this macro to let Mbed TLS use your own implementation of a - * hardware entropy collector. - * - * Your function must be called \c mbedtls_hardware_poll(), have the same - * prototype as declared in library/entropy_poll.h, and accept NULL as first - * argument. - * - * Uncomment to use your own hardware entropy collector. - */ -#define MBEDTLS_ENTROPY_HARDWARE_ALT - -/** - * \def MBEDTLS_AES_ROM_TABLES - * - * Use precomputed AES tables stored in ROM. - * - * Uncomment this macro to use precomputed AES tables stored in ROM. - * Comment this macro to generate AES tables in RAM at runtime. - * - * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb - * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the - * initialization time before the first AES operation can be performed. - * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c - * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded - * performance if ROM access is slower than RAM access. - * - * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. - * - */ -#cmakedefine MBEDTLS_AES_ROM_TABLES - -/** - * \def MBEDTLS_AES_FEWER_TABLES - * - * Use less ROM/RAM for AES tables. - * - * Uncommenting this macro omits 75% of the AES tables from - * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) - * by computing their values on the fly during operations - * (the tables are entry-wise rotations of one another). - * - * Tradeoff: Uncommenting this reduces the RAM / ROM footprint - * by ~6kb but at the cost of more arithmetic operations during - * runtime. Specifically, one has to compare 4 accesses within - * different tables to 4 accesses with additional arithmetic - * operations within the same table. The performance gain/loss - * depends on the system and memory details. - * - * This option is independent of \c MBEDTLS_AES_ROM_TABLES. - * - */ -#cmakedefine MBEDTLS_AES_FEWER_TABLES - -/** - * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH - * - * Use only 128-bit keys in AES operations to save ROM. - * - * Uncomment this macro to remove support for AES operations that use 192- - * or 256-bit keys. - * - * Uncommenting this macro reduces the size of AES code by ~300 bytes - * on v8-M/Thumb2. - * - * Module: library/aes.c - * - * Requires: MBEDTLS_AES_C - */ -#cmakedefine MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH - -/* - * Disable plain C implementation for AES. - * - * When the plain C implementation is enabled, and an implementation using a - * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime - * detection will be used to select between them. - * - * If only one implementation is present, runtime detection will not be used. - * This configuration will crash at runtime if running on a CPU without the - * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C - * and/or MBEDTLS_AESNI_C is enabled & present in the build. - */ -//#define MBEDTLS_AES_USE_HARDWARE_ONLY - -/** - * \def MBEDTLS_CAMELLIA_SMALL_MEMORY - * - * Use less ROM for the Camellia implementation (saves about 768 bytes). - * - * Uncomment this macro to use less memory for Camellia. - */ -//#define MBEDTLS_CAMELLIA_SMALL_MEMORY - -/** - * \def MBEDTLS_CHECK_RETURN_WARNING - * - * If this macro is defined, emit a compile-time warning if application code - * calls a function without checking its return value, but the return value - * should generally be checked in portable applications. - * - * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is - * implemented. Otherwise this option has no effect. - * - * Uncomment to get warnings on using fallible functions without checking - * their return value. - * - * \note This feature is a work in progress. - * Warnings will be added to more functions in the future. - * - * \note A few functions are considered critical, and ignoring the return - * value of these functions will trigger a warning even if this - * macro is not defined. To completely disable return value check - * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion. - */ -//#define MBEDTLS_CHECK_RETURN_WARNING - -/** - * \def MBEDTLS_CIPHER_MODE_CBC - * - * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. - */ -#cmakedefine MBEDTLS_CIPHER_MODE_CBC - -/** - * \def MBEDTLS_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. - */ -#cmakedefine MBEDTLS_CIPHER_MODE_CTR - -/** - * \def MBEDTLS_CIPHER_MODE_XTS - * - * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. - */ -#cmakedefine MBEDTLS_CIPHER_MODE_XTS - -/** - * \def MBEDTLS_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * To enable the following ciphersuites: - * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA - * - * Uncomment this macro to enable the NULL cipher and ciphersuites - */ -//#define MBEDTLS_CIPHER_NULL_CIPHER - -/** - * \def MBEDTLS_CIPHER_PADDING_PKCS7 - * - * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for - * specific padding modes in the cipher layer with cipher modes that support - * padding (e.g. CBC) - * - * If you disable all padding modes, only full blocks can be used with CBC. - * - * Enable padding modes in the cipher layer. - */ -#cmakedefine MBEDTLS_CIPHER_PADDING_PKCS7 -#cmakedefine MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS -#cmakedefine MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN -#cmakedefine MBEDTLS_CIPHER_PADDING_ZEROS - -/** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY - * - * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. - * Without this, CTR_DRBG uses a 256-bit key - * unless \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. - */ -#cmakedefine MBEDTLS_CTR_DRBG_USE_128_BIT_KEY - -/** - * Enable the verified implementations of ECDH primitives from Project Everest - * (currently only Curve25519). This feature changes the layout of ECDH - * contexts and therefore is a compatibility break for applications that access - * fields of a mbedtls_ecdh_context structure directly. See also - * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. - * - * The Everest code is provided under the Apache 2.0 license only; therefore enabling this - * option is not compatible with taking the library under the GPL v2.0-or-later license. - */ -//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - -/** - * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve - * module. By default all supported curves are enabled. - * - * Comment macros to disable the curve and functions for it - */ -/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ -#cmakedefine MBEDTLS_ECP_DP_SECP224R1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_SECP256R1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_SECP384R1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_SECP521R1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_SECP224K1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_SECP256K1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_BP256R1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_BP384R1_ENABLED -#cmakedefine MBEDTLS_ECP_DP_BP512R1_ENABLED -/* Montgomery curves (supporting ECP) */ -#cmakedefine MBEDTLS_ECP_DP_CURVE25519_ENABLED -#cmakedefine MBEDTLS_ECP_DP_CURVE448_ENABLED - -/** - * \def MBEDTLS_ECP_NIST_OPTIM - * - * Enable specific 'modulo p' routines for each NIST prime. - * Depending on the prime and architecture, makes operations 4 to 8 times - * faster on the corresponding curve. - * - * Comment this macro to disable NIST curves optimisation. - */ -#define MBEDTLS_ECP_NIST_OPTIM - -/** - * \def MBEDTLS_ECP_RESTARTABLE - * - * Enable "non-blocking" ECC operations that can return early and be resumed. - * - * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see - * mbedtls_ecp_set_max_ops() for more information. - * - * This is useful in non-threaded environments if you want to avoid blocking - * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. - * - * This option: - * - Adds xxx_restartable() variants of existing operations in the - * following modules, with corresponding restart context types: - * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), - * linear combination (muladd); - * - ECDSA: signature generation & verification; - * - PK: signature generation & verification; - * - X509: certificate chain verification. - * - Adds mbedtls_ecdh_enable_restart() in the ECDH module. - * - Changes the behaviour of TLS 1.2 clients (not servers) when using the - * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC - * computations restartable: - * - ECDH operations from the key exchange, only for Short Weierstrass - * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled. - * - verification of the server's key exchange signature; - * - verification of the server's certificate chain; - * - generation of the client's signature if client authentication is used, - * with an ECC key/certificate. - * - * \note In the cases above, the usual SSL/TLS functions, such as - * mbedtls_ssl_handshake(), can now return - * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. - * - * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled, - * restartable operations in PK, X.509 and TLS (see above) are not - * using PSA. On the other hand, ECDH computations in TLS are using - * PSA, and are not restartable. These are temporary limitations that - * should be lifted in the future. - * - * \note This option only works with the default software implementation of - * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. - * - * Requires: MBEDTLS_ECP_C - * - * Uncomment this macro to enable restartable ECC computations. - */ -//#define MBEDTLS_ECP_RESTARTABLE - -/** - * Uncomment to enable using new bignum code in the ECC modules. - * - * \warning This is currently experimental, incomplete and therefore should not - * be used in production. - */ -//#define MBEDTLS_ECP_WITH_MPI_UINT - -/** - * \def MBEDTLS_ECDSA_DETERMINISTIC - * - * Enable deterministic ECDSA (RFC 6979). - * Standard ECDSA is "fragile" in the sense that lack of entropy when signing - * may result in a compromise of the long-term signing key. This is avoided by - * the deterministic variant. - * - * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C - * - * Comment this macro to disable deterministic ECDSA. - */ -#cmakedefine MBEDTLS_ECDSA_DETERMINISTIC - -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) - * MBEDTLS_RSA_C - * MBEDTLS_PKCS1_V15 - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) - * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) - * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) - * MBEDTLS_RSA_C - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE) - * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver) - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * \warning If SHA-256 is provided only by a PSA driver, you must call - * psa_crypto_init() before the first handshake (even if - * MBEDTLS_USE_PSA_CRYPTO is disabled). - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - -/** - * \def MBEDTLS_PK_PARSE_EC_EXTENDED - * - * Enhance support for reading EC keys using variants of SEC1 not allowed by - * RFC 5915 and RFC 5480. - * - * Currently this means parsing the SpecifiedECDomain choice of EC - * parameters (only known groups are supported, not arbitrary domains, to - * avoid validation issues). - * - * Disable if you only need to support RFC 5915 + 5480 key formats. - */ -#cmakedefine MBEDTLS_PK_PARSE_EC_EXTENDED - -/** - * \def MBEDTLS_PK_PARSE_EC_COMPRESSED - * - * Enable the support for parsing public keys of type Short Weierstrass - * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the - * compressed point format. This parsing is done through ECP module's functions. - * - * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h) - * the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and - * MBEDTLS_ECP_DP_SECP224K1. - */ -//#define MBEDTLS_PK_PARSE_EC_COMPRESSED - -/** - * \def MBEDTLS_ERROR_STRERROR_DUMMY - * - * Enable a dummy error function to make use of mbedtls_strerror() in - * third party libraries easier when MBEDTLS_ERROR_C is disabled - * (no effect when MBEDTLS_ERROR_C is enabled). - * - * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're - * not using mbedtls_strerror() or error_strerror() in your application. - * - * Disable if you run into name conflicts and want to really remove the - * mbedtls_strerror() - */ -#define MBEDTLS_ERROR_STRERROR_DUMMY - -/** - * \def MBEDTLS_GENPRIME - * - * Enable the prime-number generation code. - * - * Requires: MBEDTLS_BIGNUM_C - */ -#cmakedefine MBEDTLS_GENPRIME - -/** - * \def MBEDTLS_FS_IO - * - * Enable functions that use the filesystem. - */ -//#define MBEDTLS_FS_IO - -/** - * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - * Do not add default entropy sources in mbedtls_entropy_init(). - * - * This is useful to have more control over the added entropy sources in an - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. - */ -//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - -/** - * \def MBEDTLS_NO_PLATFORM_ENTROPY - * - * Do not use built-in platform entropy functions. - * This is useful if your platform does not support - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. - */ -#define MBEDTLS_NO_PLATFORM_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_FORCE_SHA256 - * - * Force the entropy accumulator to use a SHA-256 accumulator instead of the - * default SHA-512 based one (if both are available). - * - * Requires: MBEDTLS_SHA256_C - * - * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option - * if you have performance concerns. - * - * This option is only useful if both MBEDTLS_SHA256_C and - * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. - */ -#define MBEDTLS_ENTROPY_FORCE_SHA256 - -/** - * \def MBEDTLS_ENTROPY_NV_SEED - * - * Enable the non-volatile (NV) seed file-based entropy source. - * (Also enables the NV seed read/write functions in the platform layer) - * - * This is crucial (if not required) on systems that do not have a - * cryptographic entropy source (in hardware or kernel) available. - * - * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C - * - * \note The read/write functions that are used by the entropy source are - * determined in the platform layer, and can be modified at runtime and/or - * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. - * - * \note If you use the default implementation functions that read a seedfile - * with regular fopen(), please make sure you make a seedfile with the - * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at - * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from - * and written to or you will get an entropy source error! The default - * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE - * bytes from the file. - * - * \note The entropy collector will write to the seed file before entropy is - * given to an external source, to update it. - */ -//#define MBEDTLS_ENTROPY_NV_SEED - -/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - * - * Enable key identifiers that encode a key owner identifier. - * - * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t - * which is currently hard-coded to be int32_t. - * - * Note that this option is meant for internal use only and may be removed - * without notice. - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - -/** - * \def MBEDTLS_MEMORY_DEBUG - * - * Enable debugging of buffer allocator memory issues. Automatically prints - * (to stderr) all (fatal) messages on memory allocation issues. Enables - * function for 'debug output' of allocated memory. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Uncomment this macro to let the buffer allocator print out error messages. - */ - #cmakedefine MBEDTLS_MEMORY_DEBUG - -/** - * \def MBEDTLS_MEMORY_BACKTRACE - * - * Include backtrace information with each allocated block. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * GLIBC-compatible backtrace() and backtrace_symbols() support - * - * Uncomment this macro to include backtrace information - */ -//#define MBEDTLS_MEMORY_BACKTRACE - -/** - * \def MBEDTLS_PK_RSA_ALT_SUPPORT - * - * Support external private RSA keys (eg from a HSM) in the PK layer. - * - * Comment this macro to disable support for external private RSA keys. - */ -//#define MBEDTLS_PK_RSA_ALT_SUPPORT - -/** - * \def MBEDTLS_PKCS1_V15 - * - * Enable support for PKCS#1 v1.5 encoding. - * - * Requires: MBEDTLS_RSA_C - * - * This enables support for PKCS#1 v1.5 operations. - */ -#cmakedefine MBEDTLS_PKCS1_V15 - -/** - * \def MBEDTLS_PKCS1_V21 - * - * Enable support for PKCS#1 v2.1 encoding. - * - * Requires: MBEDTLS_RSA_C - * - * \warning If using a hash that is only provided by PSA drivers, you must - * call psa_crypto_init() before doing any PKCS#1 v2.1 operation. - * - * This enables support for RSAES-OAEP and RSASSA-PSS operations. - */ -#cmakedefine MBEDTLS_PKCS1_V21 - -/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS - * - * Enable support for platform built-in keys. If you enable this feature, - * you must implement the function mbedtls_psa_platform_get_builtin_key(). - * See the documentation of that function for more information. - * - * Built-in keys are typically derived from a hardware unique key or - * stored in a secure element. - * - * Requires: MBEDTLS_PSA_CRYPTO_C. - * - * \warning This interface is experimental and may change or be removed - * without notice. - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS - -/** \def MBEDTLS_PSA_CRYPTO_CLIENT - * - * Enable support for PSA crypto client. - * - * \note This option allows to include the code necessary for a PSA - * crypto client when the PSA crypto implementation is not included in - * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the - * code to set and get PSA key attributes. - * The development of PSA drivers partially relying on the library to - * fulfill the hardware gaps is another possible usage of this option. - * - * \warning This interface is experimental and may change or be removed - * without notice. - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_CLIENT - -/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - * - * Make the PSA Crypto module use an external random generator provided - * by a driver, instead of Mbed TLS's entropy and DRBG modules. - * - * \note This random generator must deliver random numbers with cryptographic - * quality and high performance. It must supply unpredictable numbers - * with a uniform distribution. The implementation of this function - * is responsible for ensuring that the random generator is seeded - * with sufficient entropy. If you have a hardware TRNG which is slow - * or delivers non-uniform output, declare it as an entropy source - * with mbedtls_entropy_add_source() instead of enabling this option. - * - * If you enable this option, you must configure the type - * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h - * and define a function called mbedtls_psa_external_get_random() - * with the following prototype: - * ``` - * psa_status_t mbedtls_psa_external_get_random( - * mbedtls_psa_external_random_context_t *context, - * uint8_t *output, size_t output_size, size_t *output_length); - * ); - * ``` - * The \c context value is initialized to 0 before the first call. - * The function must fill the \c output buffer with \c output_size bytes - * of random data and set \c *output_length to \c output_size. - * - * Requires: MBEDTLS_PSA_CRYPTO_C - * - * \warning If you enable this option, code that uses the PSA cryptography - * interface will not use any of the entropy sources set up for - * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED - * enables. - * - * \note This option is experimental and may be removed without notice. - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - -/** - * \def MBEDTLS_PSA_CRYPTO_SPM - * - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure - * Partition Manager) integration which separates the code into two parts: a - * NSPE (Non-Secure Process Environment) and an SPE (Secure Process - * Environment). - * - * If you enable this option, your build environment must include a header - * file `"crypto_spe.h"` (either in the `psa` subdirectory of the Mbed TLS - * header files, or in another directory on the compiler's include search - * path). Alternatively, your platform may customize the header - * `psa/crypto_platform.h`, in which case it can skip or replace the - * inclusion of `"crypto_spe.h"`. - * - * Module: library/psa_crypto.c - * Requires: MBEDTLS_PSA_CRYPTO_C - * - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_SPM - -/** - * \def MBEDTLS_PSA_KEY_STORE_DYNAMIC - * - * Dynamically resize the PSA key store to accommodate any number of - * volatile keys (until the heap memory is exhausted). - * - * If this option is disabled, the key store has a fixed size - * #MBEDTLS_PSA_KEY_SLOT_COUNT for volatile keys and loaded persistent keys - * together. - * - * This option has no effect when #MBEDTLS_PSA_CRYPTO_C is disabled. - * - * Module: library/psa_crypto.c - * Requires: MBEDTLS_PSA_CRYPTO_C - */ -//#define MBEDTLS_PSA_KEY_STORE_DYNAMIC - -/** - * Uncomment to enable p256-m. This is an alternative implementation of - * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1. - * Compared to the default implementation: - * - * - p256-m has a much smaller code size and RAM footprint. - * - p256-m is only available via the PSA API. This includes the pk module - * when #MBEDTLS_USE_PSA_CRYPTO is enabled. - * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols - * over the core arithmetic, or deterministic derivation of keys. - * - * We recommend enabling this option if your application uses the PSA API - * and the only elliptic curve support it needs is ECDH and ECDSA over - * SECP256R1. - * - * If you enable this option, you do not need to enable any ECC-related - * MBEDTLS_xxx option. You do need to separately request support for the - * cryptographic mechanisms through the PSA API: - * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based - * configuration; - * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS; - * - #PSA_WANT_ECC_SECP_R1_256; - * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed; - * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, - * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT, - * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or - * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed. - * - * \note To benefit from the smaller code size of p256-m, make sure that you - * do not enable any ECC-related option not supported by p256-m: this - * would cause the built-in ECC implementation to be built as well, in - * order to provide the required option. - * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and - * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than - * SECP256R1 are disabled as they are not supported by this driver. - * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or - * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of - * the built-in ECC implementation, see docs/driver-only-builds.md. - */ -//#define MBEDTLS_PSA_P256M_DRIVER_ENABLED - -/** - * \def MBEDTLS_PSA_INJECT_ENTROPY - * - * Enable support for entropy injection at first boot. This feature is - * required on systems that do not have a built-in entropy source (TRNG). - * This feature is currently not supported on systems that have a built-in - * entropy source. - * - * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED - * - */ -//#define MBEDTLS_PSA_INJECT_ENTROPY - -/** - * \def MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS - * - * Assume all buffers passed to PSA functions are owned exclusively by the - * PSA function and are not stored in shared memory. - * - * This option may be enabled if all buffers passed to any PSA function reside - * in memory that is accessible only to the PSA function during its execution. - * - * This option MUST be disabled whenever buffer arguments are in memory shared - * with an untrusted party, for example where arguments to PSA calls are passed - * across a trust boundary. - * - * \note Enabling this option reduces memory usage and code size. - * - * \note Enabling this option causes overlap of input and output buffers - * not to be supported by PSA functions. - */ -//#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS - -/** - * \def MBEDTLS_RSA_NO_CRT - * - * Do not use the Chinese Remainder Theorem - * for the RSA private operation. - * - * Uncomment this macro to disable the use of CRT in RSA. - * - */ -//#define MBEDTLS_RSA_NO_CRT - -/** - * \def MBEDTLS_SELF_TEST - * - * Enable the checkup functions (*_self_test). - */ -//#define MBEDTLS_SELF_TEST - -/** - * \def MBEDTLS_SHA256_SMALLER - * - * Enable an implementation of SHA-256 that has lower ROM footprint but also - * lower performance. - * - * The default implementation is meant to be a reasonable compromise between - * performance and size. This version optimizes more aggressively for size at - * the expense of performance. Eg on Cortex-M4 it reduces the size of - * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about - * 30%. - * - * Uncomment to enable the smaller implementation of SHA256. - */ -#cmakedefine MBEDTLS_SHA256_SMALLER - -/** - * \def MBEDTLS_SHA512_SMALLER - * - * Enable an implementation of SHA-512 that has lower ROM footprint but also - * lower performance. - * - * Uncomment to enable the smaller implementation of SHA512. - */ -#cmakedefine MBEDTLS_SHA512_SMALLER - -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, Mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#cmakedefine MBEDTLS_SSL_ALL_ALERT_MESSAGES - -/** - * \def MBEDTLS_SSL_DTLS_CONNECTION_ID - * - * Enable support for the DTLS Connection ID (CID) extension, - * which allows to identify DTLS connections across changes - * in the underlying transport. The CID functionality is described - * in RFC 9146. - * - * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, - * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and - * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for - * more information. - * - * The maximum lengths of outgoing and incoming CIDs can be configured - * through the options - * - MBEDTLS_SSL_CID_OUT_LEN_MAX - * - MBEDTLS_SSL_CID_IN_LEN_MAX. - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Uncomment to enable the Connection ID extension. - */ -#cmakedefine MBEDTLS_SSL_DTLS_CONNECTION_ID - - -/** - * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT - * - * Defines whether RFC 9146 (default) or the legacy version - * (version draft-ietf-tls-dtls-connection-id-05, - * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) - * is used. - * - * Set the value to 0 for the standard version, and - * 1 for the legacy draft version. - * - * \deprecated Support for the legacy version of the DTLS - * Connection ID feature is deprecated. Please - * switch to the standardized version defined - * in RFC 9146 enabled by utilizing - * MBEDTLS_SSL_DTLS_CONNECTION_ID without use - * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. - * - * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID - */ -//#define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 - -/** - * \def MBEDTLS_SSL_ASYNC_PRIVATE - * - * Enable asynchronous external private key operations in SSL. This allows - * you to configure an SSL connection to call an external cryptographic - * module to perform private key operations instead of performing the - * operation inside the library. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - */ -//#define MBEDTLS_SSL_ASYNC_PRIVATE - -/** - * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION - * - * Enable serialization of the TLS context structures, through use of the - * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load(). - * - * This pair of functions allows one side of a connection to serialize the - * context associated with the connection, then free or re-use that context - * while the serialized state is persisted elsewhere, and finally deserialize - * that state to a live context for resuming read/write operations on the - * connection. From a protocol perspective, the state of the connection is - * unaffected, in particular this is entirely transparent to the peer. - * - * Note: this is distinct from TLS session resumption, which is part of the - * protocol and fully visible by the peer. TLS session resumption enables - * establishing new connections associated to a saved session with shorter, - * lighter handshakes, while context serialization is a local optimization in - * handling a single, potentially long-lived connection. - * - * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are - * saved after the handshake to allow for more efficient serialization, so if - * you don't need this feature you'll save RAM by disabling it. - * - * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C - * - * Comment to disable the context serialization APIs. - */ -#cmakedefine MBEDTLS_SSL_CONTEXT_SERIALIZATION - -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -#cmakedefine MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#cmakedefine MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for RFC 7627: Session Hash and Extended Master Secret - * Extension. - * - * This was introduced as "the proper fix" to the Triple Handshake family of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#cmakedefine MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - * - * This option controls the availability of the API mbedtls_ssl_get_peer_cert() - * giving access to the peer's certificate after completion of the handshake. - * - * Unless you need mbedtls_ssl_peer_cert() in your application, it is - * recommended to disable this option for reduced RAM usage. - * - * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still - * defined, but always returns \c NULL. - * - * \note This option has no influence on the protection against the - * triple handshake attack. Even if it is disabled, Mbed TLS will - * still ensure that certificates do not change during renegotiation, - * for example by keeping a hash of the peer's certificate. - * - * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set. - * - * Comment this macro to disable storing the peer's certificate - * after the handshake. - */ -#cmakedefine MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - -/** - * \def MBEDTLS_SSL_KEYING_MATERIAL_EXPORT - * - * When this option is enabled, the client and server can extract additional - * shared symmetric keys after an SSL handshake using the function - * mbedtls_ssl_export_keying_material(). - * - * The process for deriving the keys is specified in RFC 5705 for TLS 1.2 and - * in RFC 8446, Section 7.5, for TLS 1.3. - * - * Comment this macro to disable mbedtls_ssl_export_keying_material(). - */ -#define MBEDTLS_SSL_KEYING_MATERIAL_EXPORT - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Enable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). - * - */ -#cmakedefine MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT - * - * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_3 - * - * Uncomment this macro to enable support for the record_size_limit extension - */ -//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). - * - * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and - * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or - * SHA-256 or SHA-512 provided by a PSA driver) - * With MBEDTLS_USE_PSA_CRYPTO: - * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384 - * - * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used - * are only provided by PSA drivers, you must call psa_crypto_init() before - * doing any TLS operations. - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#cmakedefine MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_3 - * - * Enable support for TLS 1.3. - * - * \note See docs/architecture/tls13-support.md for a description of the TLS - * 1.3 support that this option enables. - * - * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - * Requires: MBEDTLS_PSA_CRYPTO_C - * - * \note TLS 1.3 uses PSA crypto for cryptographic operations that are - * directly performed by TLS 1.3 code. As a consequence, when TLS 1.3 - * is enabled, a TLS handshake may call psa_crypto_init(), even - * if it ends up negotiating a different TLS version. - * - * \note Cryptographic operations performed indirectly via another module - * (X.509, PK) or by code shared with TLS 1.2 (record protection, - * running handshake hash) only use PSA crypto if - * #MBEDTLS_USE_PSA_CRYPTO is enabled. - * - * \note In multithreaded applications, you must also enable - * #MBEDTLS_THREADING_C, even if individual TLS contexts are not - * shared between threads, unless only one thread ever calls - * TLS functions. - * - * Uncomment this macro to enable the support for TLS 1.3. - */ -#cmakedefine MBEDTLS_SSL_PROTO_TLS1_3 - -/** - * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - * - * Enable TLS 1.3 middlebox compatibility mode. - * - * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility - * mode to make a TLS 1.3 connection more likely to pass through middle boxes - * expecting TLS 1.2 traffic. - * - * Turning on the compatibility mode comes at the cost of a few added bytes - * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations - * that don't use it. Therefore, unless transmission bandwidth is critical and - * you know that middlebox compatibility issues won't occur, it is therefore - * recommended to set this option. - * - * Comment to disable compatibility mode for TLS 1.3. If - * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any - * effect on the build. - * - */ -#cmakedefine MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - -/** - * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED - * - * Enable TLS 1.3 PSK key exchange mode. - * - * Comment to disable support for the PSK key exchange mode in TLS 1.3. If - * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any - * effect on the build. - * - */ -#cmakedefine MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED - -/** - * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED - * - * Enable TLS 1.3 ephemeral key exchange mode. - * - * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH - * MBEDTLS_X509_CRT_PARSE_C - * and at least one of: - * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) - * MBEDTLS_PKCS1_V21 - * - * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. - * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any - * effect on the build. - * - */ -#cmakedefine MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED - -/** - * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED - * - * Enable TLS 1.3 PSK ephemeral key exchange mode. - * - * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH - * - * Comment to disable support for the PSK ephemeral key exchange mode in - * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not - * have any effect on the build. - * - */ -#cmakedefine MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED - -/** - * \def MBEDTLS_SSL_EARLY_DATA - * - * Enable support for RFC 8446 TLS 1.3 early data. - * - * Requires: MBEDTLS_SSL_SESSION_TICKETS and either - * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or - * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED - * - * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 - * is not enabled, this option does not have any effect on the build. - * - * \note The maximum amount of early data can be set with - * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. - * - */ -//#define MBEDTLS_SSL_EARLY_DATA - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#cmakedefine MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#cmakedefine MBEDTLS_SSL_ALPN -- TODO: ? - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! - * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#cmakedefine MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can be a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#cmakedefine MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_SRTP - * - * Enable support for negotiation of DTLS-SRTP (RFC 5764) - * through the use_srtp extension. - * - * \note This feature provides the minimum functionality required - * to negotiate the use of DTLS-SRTP and to allow the derivation of - * the associated SRTP packet protection key material. - * In particular, the SRTP packet protection itself, as well as the - * demultiplexing of RTP and DTLS packets at the datagram layer - * (see Section 5 of RFC 5764), are not handled by this feature. - * Instead, after successful completion of a handshake negotiating - * the use of DTLS-SRTP, the extended key exporter API - * mbedtls_ssl_conf_export_keys_cb() should be used to implement - * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 - * (this is implemented in the SSL example programs). - * The resulting key should then be passed to an SRTP stack. - * - * Setting this option enables the runtime API - * mbedtls_ssl_conf_dtls_srtp_protection_profiles() - * through which the supported DTLS-SRTP protection - * profiles can be configured. You must call this API at - * runtime if you wish to negotiate the use of DTLS-SRTP. - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Uncomment this to enable support for use_srtp extension. - */ -#cmakedefine MBEDTLS_SSL_DTLS_SRTP - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. - * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#cmakedefine MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintenance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#cmakedefine MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#ifndef MBEDTLS_SSL_EXPORT_KEYS -#cmakedefine MBEDTLS_SSL_EXPORT_KEYS -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#cmakedefine MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - * - * When this option is enabled, the SSL buffer will be resized automatically - * based on the negotiated maximum fragment length in each direction. - * - * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - */ -//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - -/** - * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - * - * Enable testing of the constant-flow nature of some sensitive functions with - * clang's MemorySanitizer. This causes some existing tests to also test - * this non-functional property of the code under test. - * - * This setting requires compiling with clang -fsanitize=memory. The test - * suites can then be run normally. - * - * \warning This macro is only used for extended testing; it is not considered - * part of the library's API, so it may change or disappear at any time. - * - * Uncomment to enable testing of the constant-flow nature of selected code. - */ -//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - -/** - * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - * - * Enable testing of the constant-flow nature of some sensitive functions with - * valgrind's memcheck tool. This causes some existing tests to also test - * this non-functional property of the code under test. - * - * This setting requires valgrind headers for building, and is only useful for - * testing if the tests suites are run with valgrind's memcheck. This can be - * done for an individual test suite with 'valgrind ./test_suite_xxx', or when - * using CMake, this can be done for all test suites with 'make memcheck'. - * - * \warning This macro is only used for extended testing; it is not considered - * part of the library's API, so it may change or disappear at any time. - * - * Uncomment to enable testing of the constant-flow nature of selected code. - */ -//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - -/** - * \def MBEDTLS_TEST_HOOKS - * - * Enable features for invasive testing such as introspection functions and - * hooks for fault injection. This enables additional unit tests. - * - * Merely enabling this feature should not change the behavior of the product. - * It only adds new code, and new branching points where the default behavior - * is the same as when this feature is disabled. - * However, this feature increases the attack surface: there is an added - * risk of vulnerabilities, and more gadgets that can make exploits easier. - * Therefore this feature must never be enabled in production. - * - * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more - * information. - * - * Uncomment to enable invasive tests. - */ -//#define MBEDTLS_TEST_HOOKS - -/** - * \def MBEDTLS_THREADING_ALT - * - * Provide your own alternate threading implementation. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to allow your own alternate threading implementation. - */ -#cmakedefine MBEDTLS_THREADING_ALT - -/** - * \def MBEDTLS_THREADING_PTHREAD - * - * Enable the pthread wrapper layer for the threading layer. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to enable pthread mutexes. - */ -//#define MBEDTLS_THREADING_PTHREAD - -/** - * \def MBEDTLS_USE_PSA_CRYPTO - * - * Make the X.509 and TLS libraries use PSA for cryptographic operations as - * much as possible, and enable new APIs for using keys handled by PSA Crypto. - * - * \note Development of this option is currently in progress, and parts of Mbed - * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts - * will still continue to work as usual, so enabling this option should not - * break backwards compatibility. - * - * \warning If you enable this option, you need to call `psa_crypto_init()` - * before calling any function from the SSL/TLS, X.509 or PK modules, except - * for the various mbedtls_xxx_init() functions which can be called at any time. - * - * \warning In multithreaded applications, you must also enable - * #MBEDTLS_THREADING_C, unless only one thread ever calls PSA functions - * (`psa_xxx()`), including indirect calls through SSL/TLS, X.509 or PK. - * - * \note An important and desirable effect of this option is that it allows - * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling - * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in - * those modules. However, note that even with this option disabled, some code - * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it - * can determine it's safe to do so; currently that's the case for hashes. - * - * \note See docs/use-psa-crypto.md for a complete description this option. - * - * Requires: MBEDTLS_PSA_CRYPTO_C. - * - * Uncomment this to enable internal use of PSA Crypto and new associated APIs. - */ -#cmakedefine MBEDTLS_USE_PSA_CRYPTO - -/** - * \def MBEDTLS_PSA_CRYPTO_CONFIG - * - * This setting allows support for cryptographic mechanisms through the PSA - * API to be configured separately from support through the mbedtls API. - * - * When this option is disabled, the PSA API exposes the cryptographic - * mechanisms that can be implemented on top of the `mbedtls_xxx` API - * configured with `MBEDTLS_XXX` symbols. - * - * When this option is enabled, the PSA API exposes the cryptographic - * mechanisms requested by the `PSA_WANT_XXX` symbols defined in - * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are - * automatically enabled if required (i.e. if no PSA driver provides the - * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols - * in mbedtls_config.h. - * - * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies - * an alternative header to include instead of include/psa/crypto_config.h. - * - * \warning This option is experimental, in that the set of `PSA_WANT_XXX` - * symbols is not completely finalized yet, and the configuration - * tooling is not ideally adapted to having two separate configuration - * files. - * Future minor releases of Mbed TLS may make minor changes to those - * symbols, but we will endeavor to provide a transition path. - * Nonetheless, this option is considered mature enough to use in - * production, as long as you accept that you may need to make - * minor changes to psa/crypto_config.h when upgrading Mbed TLS. - */ -#define MBEDTLS_PSA_CRYPTO_CONFIG - -/** - * \def MBEDTLS_VERSION_FEATURES - * - * Allow run-time checking of compile-time enabled features. Thus allowing users - * to check at run-time if the library is for instance compiled with threading - * support via mbedtls_version_check_feature(). - * - * Requires: MBEDTLS_VERSION_C - * - * Comment this to disable run-time checking and save ROM space - */ -#define MBEDTLS_VERSION_FEATURES - -/** - * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK - * - * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` - * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure - * the set of trusted certificates through a callback instead of a linked - * list. - * - * This is useful for example in environments where a large number of trusted - * certificates is present and storing them in a linked list isn't efficient - * enough, or when the set of trusted certificates changes frequently. - * - * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and - * `mbedtls_ssl_conf_ca_cb()` for more information. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Uncomment to enable trusted certificate callbacks. - */ -//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK - -/** - * \def MBEDTLS_X509_REMOVE_INFO - * - * Disable mbedtls_x509_*_info() and related APIs. - * - * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() - * and other functions/constants only used by these functions, thus reducing - * the code footprint by several KB. - */ -#cmakedefine MBEDTLS_X509_REMOVE_INFO - -/** - * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Requires: MBEDTLS_PKCS1_V21 - * - * Comment this macro to disallow using RSASSA-PSS in certificates. - */ -#cmakedefine MBEDTLS_X509_RSASSA_PSS_SUPPORT -/** \} name SECTION: Mbed TLS feature support */ - -/** - * \name SECTION: Mbed TLS modules - * - * This section enables or disables entire modules in Mbed TLS - * \{ - */ - -/** - * \def MBEDTLS_AESNI_C - * - * Enable AES-NI support on x86-64 or x86-32. - * - * \note AESNI is only supported with certain compilers and target options: - * - Visual Studio: supported - * - GCC, x86-64, target not explicitly supporting AESNI: - * requires MBEDTLS_HAVE_ASM. - * - GCC, x86-32, target not explicitly supporting AESNI: - * not supported. - * - GCC, x86-64 or x86-32, target supporting AESNI: supported. - * For this assembly-less implementation, you must currently compile - * `library/aesni.c` and `library/aes.c` with machine options to enable - * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or - * `clang -maes -mpclmul`. - * - Non-x86 targets: this option is silently ignored. - * - Other compilers: this option is silently ignored. - * - * \note - * Above, "GCC" includes compatible compilers such as Clang. - * The limitations on target support are likely to be relaxed in the future. - * - * Module: library/aesni.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) - * - * This modules adds support for the AES-NI instructions on x86. - */ -//#define MBEDTLS_AESNI_C - -/** - * \def MBEDTLS_AESCE_C - * - * Enable AES cryptographic extension support on Armv8. - * - * Module: library/aesce.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_AES_C - * - * \warning Runtime detection only works on Linux. For non-Linux operating - * system, Armv8-A Cryptographic Extensions must be supported by - * the CPU when this option is enabled. - * - * \note Minimum compiler versions for this feature when targeting aarch64 - * are Clang 4.0; armclang 6.6; GCC 6.0; or MSVC 2019 version 16.11.2. - * Minimum compiler versions for this feature when targeting 32-bit - * Arm or Thumb are Clang 11.0; armclang 6.20; or GCC 6.0. - * - * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for - * armclang <= 6.9 - * - * This module adds support for the AES Armv8-A Cryptographic Extensions on Armv8 systems. - */ -//#define MBEDTLS_AESCE_C - -/** - * \def MBEDTLS_AES_C - * - * Enable the AES block cipher. - * - * Module: library/aes.c - * Caller: library/cipher.c - * library/pem.c - * library/ctr_drbg.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * - * PEM_PARSE uses AES for decrypting encrypted keys. - */ -#cmakedefine MBEDTLS_AES_C - -/** - * \def MBEDTLS_ASN1_PARSE_C - * - * Enable the generic ASN1 parser. - * - * Module: library/asn1.c - * Caller: library/x509.c - * library/dhm.c - * library/pkcs12.c - * library/pkcs5.c - * library/pkparse.c - */ -#define MBEDTLS_ASN1_PARSE_C - -/** - * \def MBEDTLS_ASN1_WRITE_C - * - * Enable the generic ASN1 writer. - * - * Module: library/asn1write.c - * Caller: library/ecdsa.c - * library/pkwrite.c - * library/x509_create.c - * library/x509write_crt.c - * library/x509write_csr.c - */ -#define MBEDTLS_ASN1_WRITE_C - -/** - * \def MBEDTLS_BASE64_C - * - * Enable the Base64 module. - * - * Module: library/base64.c - * Caller: library/pem.c - * - * This module is required for PEM support (required by X.509). - */ -#define MBEDTLS_BASE64_C - -/** - * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - * - * Remove decryption operation for AES, ARIA and Camellia block cipher. - * - * \note This feature is incompatible with insecure block cipher, - * MBEDTLS_DES_C, and cipher modes which always require decryption - * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and - * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, - * this feature is incompatible with following supported PSA equivalence, - * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING, - * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES. - * - * Module: library/aes.c - * library/aesce.c - * library/aesni.c - * library/aria.c - * library/camellia.c - * library/cipher.c - */ -//#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - -/** - * \def MBEDTLS_BIGNUM_C - * - * Enable the multi-precision integer library. - * - * Module: library/bignum.c - * library/bignum_core.c - * library/bignum_mod.c - * library/bignum_mod_raw.c - * Caller: library/dhm.c - * library/ecp.c - * library/ecdsa.c - * library/rsa.c - * library/rsa_alt_helpers.c - * library/ssl_tls.c - * - * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. - */ -#define MBEDTLS_BIGNUM_C - -/** - * \def MBEDTLS_CAMELLIA_C - * - * Enable the Camellia block cipher. - * - * Module: library/camellia.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#cmakedefine MBEDTLS_CAMELLIA_C - -/** - * \def MBEDTLS_ARIA_C - * - * Enable the ARIA block cipher. - * - * Module: library/aria.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 - */ -#cmakedefine MBEDTLS_ARIA_C - -/** - * \def MBEDTLS_CCM_C - * - * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - * - * Module: library/ccm.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or - * MBEDTLS_ARIA_C - * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. - */ -#cmakedefine MBEDTLS_CCM_C - -/** - * \def MBEDTLS_CHACHA20_C - * - * Enable the ChaCha20 stream cipher. - * - * Module: library/chacha20.c - */ -#cmakedefine MBEDTLS_CHACHA20_C - -/** - * \def MBEDTLS_CHACHAPOLY_C - * - * Enable the ChaCha20-Poly1305 AEAD algorithm. - * - * Module: library/chachapoly.c - * - * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C - */ -#cmakedefine MBEDTLS_CHACHAPOLY_C - -/** - * \def MBEDTLS_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: library/ccm.c - * library/cmac.c - * library/gcm.c - * library/nist_kw.c - * library/pkcs12.c - * library/pkcs5.c - * library/psa_crypto_aead.c - * library/psa_crypto_mac.c - * library/ssl_ciphersuites.c - * library/ssl_msg.c - * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) - * Auto-enabled by: MBEDTLS_PSA_CRYPTO_C depending on which ciphers are enabled - * (see the documentation of that option for details). - * - * Uncomment to enable generic cipher wrappers. - */ -#cmakedefine MBEDTLS_CIPHER_C - -/** - * \def MBEDTLS_CMAC_C - * - * Enable the CMAC (Cipher-based Message Authentication Code) mode for block - * ciphers. - * - * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying - * implementation of the CMAC algorithm is provided by an alternate - * implementation, that alternate implementation may opt to not support - * AES-192 or 3DES as underlying block ciphers for the CMAC operation. - * - * Module: library/cmac.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C - * - */ -#cmakedefine MBEDTLS_CMAC_C - -/** - * \def MBEDTLS_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-based random generator. - * The CTR_DRBG generator uses AES-256 by default. - * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. - * - * AES support can either be achieved through builtin (MBEDTLS_AES_C) or PSA. - * Builtin is the default option when MBEDTLS_AES_C is defined otherwise PSA - * is used. - * - * \warning When using PSA, the user should call `psa_crypto_init()` before - * using any CTR_DRBG operation (except `mbedtls_ctr_drbg_init()`). - * - * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. - * - * \note To achieve a 256-bit security strength with CTR_DRBG, - * you must use AES-256 *and* use sufficient entropy. - * See ctr_drbg.h for more details. - * - * Module: library/ctr_drbg.c - * Caller: - * - * Requires: MBEDTLS_AES_C or - * (PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING and - * MBEDTLS_PSA_CRYPTO_C) - * - * This module provides the CTR_DRBG AES random number generator. - */ -#cmakedefine MBEDTLS_CTR_DRBG_C - -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_msg.c - * library/ssl_tls.c - * library/ssl_tls12_*.c - * library/ssl_tls13_*.c - * - * This module provides debugging functions. - */ -#cmakedefine MBEDTLS_DEBUG_C - -/** - * \def MBEDTLS_DES_C - * - * Enable the DES block cipher. - * - * Module: library/des.c - * Caller: library/pem.c - * library/cipher.c - * - * PEM_PARSE uses DES/3DES for decrypting encrypted keys. - * - * \warning DES/3DES are considered weak ciphers and their use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_DES_C - -/** - * \def MBEDTLS_DHM_C - * - * Enable the Diffie-Hellman-Merkle module. - * - * Module: library/dhm.c - * Caller: library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * - * This module is used by the following key exchanges: - * DHE-RSA, DHE-PSK - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#cmakedefine MBEDTLS_DHM_C - -/** - * \def MBEDTLS_ECDH_C - * - * Enable the elliptic curve Diffie-Hellman library. - * - * Module: library/ecdh.c - * Caller: library/psa_crypto.c - * library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK - * - * Requires: MBEDTLS_ECP_C - */ -#cmakedefine MBEDTLS_ECDH_C - -/** - * \def MBEDTLS_ECDSA_C - * - * Enable the elliptic curve DSA library. - * - * Module: library/ecdsa.c - * Caller: - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, - * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a - * short Weierstrass curve. - */ -#cmakedefine MBEDTLS_ECDSA_C - -/** - * \def MBEDTLS_ECJPAKE_C - * - * Enable the elliptic curve J-PAKE library. - * - * \note EC J-PAKE support is based on the Thread v1.0.0 specification. - * It has not been reviewed for compliance with newer standards such as - * Thread v1.1 or RFC 8236. - * - * Module: library/ecjpake.c - * Caller: - * - * This module is used by the following key exchanges: - * ECJPAKE - * - * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C - * - * \warning If using a hash that is only provided by PSA drivers, you must - * call psa_crypto_init() before doing any EC J-PAKE operations. - */ -#cmakedefine MBEDTLS_ECJPAKE_C - -/** - * \def MBEDTLS_ECP_C - * - * Enable the elliptic curve over GF(p) library. - * - * Module: library/ecp.c - * Caller: library/ecdh.c - * library/ecdsa.c - * library/ecjpake.c - * - * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED - */ -#cmakedefine MBEDTLS_ECP_C - -/** - * \def MBEDTLS_ENTROPY_C - * - * Enable the platform-specific entropy code. - * - * Module: library/entropy.c - * Caller: - * - * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C - * - * This module provides a generic entropy pool - */ -#cmakedefine MBEDTLS_ENTROPY_C - -/** - * \def MBEDTLS_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables mbedtls_strerror(). - */ -#cmakedefine MBEDTLS_ERROR_C - -/** - * \def MBEDTLS_GCM_C - * - * Enable the Galois/Counter Mode (GCM). - * - * Module: library/gcm.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or - * MBEDTLS_ARIA_C - * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. - */ -#cmakedefine MBEDTLS_GCM_C - -/** - * \def MBEDTLS_GCM_LARGE_TABLE - * - * Enable large pre-computed tables for Galois/Counter Mode (GCM). - * Can significantly increase throughput on systems without GCM hardware - * acceleration (e.g., AESNI, AESCE). - * - * The mbedtls_gcm_context size will increase by 3840 bytes. - * The code size will increase by roughly 344 bytes. - * - * Module: library/gcm.c - * - * Requires: MBEDTLS_GCM_C - */ -//#define MBEDTLS_GCM_LARGE_TABLE - -/** - * \def MBEDTLS_HKDF_C - * - * Enable the HKDF algorithm (RFC 5869). - * - * Module: library/hkdf.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the Hashed Message Authentication Code - * (HMAC)-based key derivation function (HKDF). - */ -#cmakedefine MBEDTLS_HKDF_C - -/** - * \def MBEDTLS_HMAC_DRBG_C - * - * Enable the HMAC_DRBG random generator. - * - * Module: library/hmac_drbg.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * Uncomment to enable the HMAC_DRBG random number generator. - */ -#cmakedefine MBEDTLS_HMAC_DRBG_C - -/** - * \def MBEDTLS_LMS_C - * - * Enable the LMS stateful-hash asymmetric signature algorithm. - * - * Module: library/lms.c - * Caller: - * - * Requires: MBEDTLS_PSA_CRYPTO_C - * - * Uncomment to enable the LMS verification algorithm and public key operations. - */ -//#define MBEDTLS_LMS_C - -/** - * \def MBEDTLS_LMS_PRIVATE - * - * Enable LMS private-key operations and signing code. Functions enabled by this - * option are experimental, and should not be used in production. - * - * Requires: MBEDTLS_LMS_C - * - * Uncomment to enable the LMS signature algorithm and private key operations. - */ -//#define MBEDTLS_LMS_PRIVATE - -/** - * \def MBEDTLS_NIST_KW_C - * - * Enable the Key Wrapping mode for 128-bit block ciphers, - * as defined in NIST SP 800-38F. Only KW and KWP modes - * are supported. At the moment, only AES is approved by NIST. - * - * Module: library/nist_kw.c - * - * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C - */ -//#define MBEDTLS_NIST_KW_C - -/** - * \def MBEDTLS_MD_C - * - * Enable the generic layer for message digest (hashing) and HMAC. - * - * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, - * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, - * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least - * one hash. - * Module: library/md.c - * Caller: library/constant_time.c - * library/ecdsa.c - * library/ecjpake.c - * library/hkdf.c - * library/hmac_drbg.c - * library/pk.c - * library/pkcs5.c - * library/pkcs12.c - * library/psa_crypto_ecp.c - * library/psa_crypto_rsa.c - * library/rsa.c - * library/ssl_cookie.c - * library/ssl_msg.c - * library/ssl_tls.c - * library/x509.c - * library/x509_crt.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Uncomment to enable generic message digest wrappers. - */ -#cmakedefine MBEDTLS_MD_C - -/** - * \def MBEDTLS_MD5_C - * - * Enable the MD5 hash algorithm. - * - * Module: library/md5.c - * Caller: library/md.c - * library/pem.c - * library/ssl_tls.c - * - * This module is required for TLS 1.2 depending on the handshake parameters. - * Further, it is used for checking MD5-signed certificates, and for PBKDF1 - * when decrypting PEM-encoded encrypted keys. - * - * \warning MD5 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -#cmakedefine MBEDTLS_MD5_C - -/** - * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Enable the buffer allocator implementation that makes use of a (stack) - * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() - * calls) - * - * Module: library/memory_buffer_alloc.c - * - * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) - * - * Enable this module to enable the buffer memory allocator. - */ -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C - -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -//#define MBEDTLS_NET_C - -/** - * \def MBEDTLS_OID_C - * - * Enable the OID database. - * - * Module: library/oid.c - * Caller: library/asn1write.c - * library/pkcs5.c - * library/pkparse.c - * library/pkwrite.c - * library/rsa.c - * library/x509.c - * library/x509_create.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * This modules translates between OIDs and internal values. - */ -#define MBEDTLS_OID_C - -/** - * \def MBEDTLS_PADLOCK_C - * - * Enable VIA Padlock support on x86. - * - * Module: library/padlock.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the VIA PadLock on x86. - */ -//#define MBEDTLS_PADLOCK_C - -/** - * \def MBEDTLS_PEM_PARSE_C - * - * Enable PEM decoding / parsing. - * - * Module: library/pem.c - * Caller: library/dhm.c - * library/pkparse.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_BASE64_C - * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below) - * - * \warning When parsing password-protected files, if MD5 is provided only by - * a PSA driver, you must call psa_crypto_init() before the first file. - * - * This modules adds support for decoding / parsing PEM files. - */ -#define MBEDTLS_PEM_PARSE_C - -/** - * \def MBEDTLS_PEM_WRITE_C - * - * Enable PEM encoding / writing. - * - * Module: library/pem.c - * Caller: library/pkwrite.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for encoding / writing PEM files. - */ -#define MBEDTLS_PEM_WRITE_C - -/** - * \def MBEDTLS_PK_C - * - * Enable the generic public (asymmetric) key layer. - * - * Module: library/pk.c - * Caller: library/psa_crypto_rsa.c - * library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * library/x509.c - * - * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C - * - * Uncomment to enable generic public key wrappers. - */ -#cmakedefine MBEDTLS_PK_C - -/** - * \def MBEDTLS_PK_PARSE_C - * - * Enable the generic public (asymmetric) key parser. - * - * Module: library/pkparse.c - * Caller: library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_C - * - * Uncomment to enable generic public key parse functions. - */ -#cmakedefine MBEDTLS_PK_PARSE_C - -/** - * \def MBEDTLS_PK_WRITE_C - * - * Enable the generic public (asymmetric) key writer. - * - * Module: library/pkwrite.c - * Caller: library/x509write.c - * - * Requires: MBEDTLS_ASN1_WRITE_C, MBEDTLS_OID_C, MBEDTLS_PK_C - * - * Uncomment to enable generic public key write functions. - */ -#cmakedefine MBEDTLS_PK_WRITE_C - -/** - * \def MBEDTLS_PKCS5_C - * - * Enable PKCS#5 functions. - * - * Module: library/pkcs5.c - * - * Auto-enables: MBEDTLS_MD_C - * - * \warning If using a hash that is only provided by PSA drivers, you must - * call psa_crypto_init() before doing any PKCS5 operations. - * - * This module adds support for the PKCS#5 functions. - */ -#cmakedefine MBEDTLS_PKCS5_C - -/** - * \def MBEDTLS_PKCS7_C - * - * Enable PKCS #7 core for using PKCS #7-formatted signatures. - * RFC Link - https://tools.ietf.org/html/rfc2315 - * - * Module: library/pkcs7.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, - * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, - * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C - * - * This module is required for the PKCS #7 parsing modules. - */ -#cmakedefine MBEDTLS_PKCS7_C - -/** - * \def MBEDTLS_PKCS12_C - * - * Enable PKCS#12 PBE functions. - * Adds algorithms for parsing PKCS#8 encrypted private keys - * - * Module: library/pkcs12.c - * Caller: library/pkparse.c - * - * Requires: MBEDTLS_ASN1_PARSE_C and either MBEDTLS_MD_C or - * MBEDTLS_PSA_CRYPTO_C. - * - * \warning If using a hash that is only provided by PSA drivers, you must - * call psa_crypto_init() before doing any PKCS12 operations. - * - * This module enables PKCS#12 functions. - */ -//#define MBEDTLS_PKCS12_C - -/** - * \def MBEDTLS_PLATFORM_C - * - * Enable the platform abstraction layer that allows you to re-assign - * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). - * - * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT - * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned - * above to be specified at runtime or compile time respectively. - * - * \note This abstraction layer must be enabled on Windows (including MSYS2) - * as other modules rely on it for a fixed snprintf implementation. - * - * Module: library/platform.c - * Caller: Most other .c files - * - * This module enables abstraction of common (libc) functions. - */ -#define MBEDTLS_PLATFORM_C - -/** - * \def MBEDTLS_POLY1305_C - * - * Enable the Poly1305 MAC algorithm. - * - * Module: library/poly1305.c - * Caller: library/chachapoly.c - */ -#cmakedefine MBEDTLS_POLY1305_C - -/** - * \def MBEDTLS_PSA_CRYPTO_C - * - * Enable the Platform Security Architecture (PSA) cryptography API. - * - * \note In multithreaded applications, you must enable #MBEDTLS_THREADING_C, - * unless only one thread ever calls `psa_xxx()` functions. - * That includes indirect calls, such as: - * - performing a TLS handshake if support for TLS 1.3 is enabled; - * - using a TLS 1.3 connection; - * - indirect calls from PK, X.509 or SSL functions when - * #MBEDTLS_USE_PSA_CRYPTO is enabled; - * - indirect calls to calculate a hash when #MBEDTLS_MD_C is disabled; - * - any other call to a function that requires calling psa_crypto_init() - * beforehand. - * - * Module: library/psa_crypto.c - * - * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, - * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, - * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. - * Auto-enables: MBEDTLS_CIPHER_C if any unauthenticated (ie, non-AEAD) cipher - * is enabled in PSA (unless it's fully accelerated, see - * docs/driver-only-builds.md about that). - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_C - -/** - * \def MBEDTLS_PSA_CRYPTO_SE_C - * - * Enable dynamic secure element support in the Platform Security Architecture - * cryptography API. - * - * \deprecated This feature is deprecated. Please switch to the PSA driver - * interface. - * - * \warning This feature is not thread-safe, and should not be used in a - * multi-threaded environment. - * - * Module: library/psa_crypto_se.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C - * - */ -//#define MBEDTLS_PSA_CRYPTO_SE_C - -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_C - * - * Enable the Platform Security Architecture persistent key storage. - * - * Module: library/psa_crypto_storage.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, - * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of - * the PSA ITS interface - */ -#cmakedefine MBEDTLS_PSA_CRYPTO_STORAGE_C - -/** - * \def MBEDTLS_PSA_ITS_FILE_C - * - * Enable the emulation of the Platform Security Architecture - * Internal Trusted Storage (PSA ITS) over files. - * - * Module: library/psa_its_file.c - * - * Requires: MBEDTLS_FS_IO - */ -//#define MBEDTLS_PSA_ITS_FILE_C - -/** - * \def MBEDTLS_PSA_STATIC_KEY_SLOTS - * - * Statically preallocate memory to store keys' material in PSA instead - * of allocating it dynamically when required. This allows builds without a - * heap, if none of the enabled cryptographic implementations or other features - * require it. - * This feature affects both volatile and persistent keys which means that - * it's not possible to persistently store a key which is larger than - * #MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE. - * - * \note This feature comes with a (potentially) higher RAM usage since: - * - All the key slots are allocated no matter if they are used or not. - * - Each key buffer's length is #MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE bytes. - * - * Requires: MBEDTLS_PSA_CRYPTO_C - * - */ -//#cmakedefine MBEDTLS_PSA_STATIC_KEY_SLOTS - -/** - * \def MBEDTLS_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/ripemd160.c - * Caller: library/md.c - * - */ -#cmakedefine MBEDTLS_RIPEMD160_C - -/** - * \def MBEDTLS_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * library/rsa_alt_helpers.c - * Caller: library/pk.c - * library/psa_crypto.c - * library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C - */ -#cmakedefine MBEDTLS_RSA_C - -/** - * \def MBEDTLS_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/sha1.c - * Caller: library/md.c - * library/psa_crypto_hash.c - * - * This module is required for TLS 1.2 depending on the handshake parameters, - * and for SHA1-signed certificates. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#cmakedefine MBEDTLS_SHA1_C - -/** - * \def MBEDTLS_SHA224_C - * - * Enable the SHA-224 cryptographic hash algorithm. - * - * Module: library/sha256.c - * Caller: library/md.c - * library/ssl_cookie.c - * - * This module adds support for SHA-224. - */ -#cmakedefine MBEDTLS_SHA224_C - -/** - * \def MBEDTLS_SHA256_C - * - * Enable the SHA-256 cryptographic hash algorithm. - * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * - * This module adds support for SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. - */ -#cmakedefine MBEDTLS_SHA256_C - -/** - * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - * - * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms - * with the ARMv8 cryptographic extensions if they are available at runtime. - * If not, the library will fall back to the C implementation. - * - * \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building - * for a non-Armv8-A build it will be silently ignored. - * - * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. - * - * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for - * armclang <= 6.9 - * - * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. - * - * Requires: MBEDTLS_SHA256_C. - * - * Module: library/sha256.c - * - * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions - * and use them if available. - */ -//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - -/** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - * - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - -/** - * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - * - * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms - * with the ARMv8 cryptographic extensions, which must be available at runtime - * or else an illegal instruction fault will occur. - * - * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - * - * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. - * - * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for - * armclang <= 6.9 - * - * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. - * - * Requires: MBEDTLS_SHA256_C. - * - * Module: library/sha256.c - * - * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions - * unconditionally. - */ -//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - -/** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - * - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - -/** - * \def MBEDTLS_SHA384_C - * - * Enable the SHA-384 cryptographic hash algorithm. - * - * Module: library/sha512.c - * Caller: library/md.c - * library/psa_crypto_hash.c - * library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * - * Comment to disable SHA-384 - */ -#cmakedefine MBEDTLS_SHA384_C - -/** - * \def MBEDTLS_SHA512_C - * - * Enable SHA-512 cryptographic hash algorithms. - * - * Module: library/sha512.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_tls.c - * library/ssl_cookie.c - * - * This module adds support for SHA-512. - */ -#cmakedefine MBEDTLS_SHA512_C - -/** - * \def MBEDTLS_SHA3_C - * - * Enable the SHA3 cryptographic hash algorithm. - * - * Module: library/sha3.c - * - * This module adds support for SHA3. - */ -//#define MBEDTLS_SHA3_C - -/** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - * - * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms - * with the ARMv8 cryptographic extensions if they are available at runtime. - * If not, the library will fall back to the C implementation. - * - * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building - * for a non-Aarch64 build it will be silently ignored. - * - * \note Minimum compiler versions for this feature are Clang 7.0, - * armclang 6.9 or GCC 8.0. - * - * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for - * armclang 6.9 - * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. - * - * Requires: MBEDTLS_SHA512_C. - * - * Module: library/sha512.c - * - * Uncomment to have the library check for the A64 SHA-512 crypto extensions - * and use them if available. - */ -//#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - -/** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY - * - * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms - * with the ARMv8 cryptographic extensions, which must be available at runtime - * or else an illegal instruction fault will occur. - * - * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - * - * \note Minimum compiler versions for this feature are Clang 7.0, - * armclang 6.9 or GCC 8.0. - * - * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for - * armclang 6.9 - * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. - * - * Requires: MBEDTLS_SHA512_C. - * - * Module: library/sha512.c - * - * Uncomment to have the library use the A64 SHA-512 crypto extensions - * unconditionally. - */ -//#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY - -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#cmakedefine MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#cmakedefine MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) && - * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) - */ -#cmakedefine MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl*_client.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#cmakedefine MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl*_server.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#cmakedefine MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl*_client.c - * library/ssl*_server.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#cmakedefine MBEDTLS_SSL_TLS_C - -/** - * \def MBEDTLS_THREADING_C - * - * Enable the threading abstraction layer. - * - * Traditionally, Mbed TLS assumes it is used in a non-threaded environment or - * that contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. - * - * The PSA subsystem has an implicit shared context. Therefore, you must - * enable this option if more than one thread may use any part of - * Mbed TLS that is implemented on top of the PSA subsystem. - * - * You must enable this option in multithreaded applications where more than - * one thread performs any of the following operations: - * - * - Any call to a PSA function (`psa_xxx()`). - * - Any call to a TLS, X.509 or PK function (`mbedtls_ssl_xxx()`, - * `mbedtls_x509_xxx()`, `mbedtls_pkcs7_xxx()`, `mbedtls_pk_xxx()`) - * if `MBEDTLS_USE_PSA_CRYPTO` is enabled (regardless of whether individual - * TLS, X.509 or PK contexts are shared between threads). - * - A TLS 1.3 connection, regardless of the compile-time configuration. - * - Any library feature that calculates a hash, if `MBEDTLS_MD_C` is disabled. - * As an exception, algorithm-specific low-level modules do not require - * threading protection unless the contexts are shared between threads. - * - Any library feature that performs symmetric encryption or decryption, - * if `MBEDTLS_CIPHER_C` is disabled. - * As an exception, algorithm-specific low-level modules do not require - * threading protection unless the contexts are shared between threads. - * - Any use of a cryptographic context if the same context is used in - * multiple threads. - * - Any call to a function where the documentation specifies that - * psa_crypto_init() must be called prior to that function. - * - * See also our Knowledge Base article about threading: - * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either MBEDTLS_THREADING_ALT or - * MBEDTLS_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within Mbed TLS - */ -#cmakedefine MBEDTLS_THREADING_C - -/** - * \def MBEDTLS_TIMING_C - * - * Enable the semi-portable timing interface. - * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note The timing module will include time.h on suitable platforms - * regardless of the setting of MBEDTLS_HAVE_TIME, unless - * MBEDTLS_TIMING_ALT is used. See timing.c for more information. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/timing.c - */ -//#define MBEDTLS_TIMING_C - -/** - * \def MBEDTLS_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define MBEDTLS_VERSION_C - -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, - * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) - * - * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call - * psa_crypto_init() before doing any X.509 operation. - * - * This module is required for the X.509 parsing modules. - */ -#cmakedefine MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_tls.c - * library/ssl*_client.c - * library/ssl*_server.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#cmakedefine MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#cmakedefine MBEDTLS_X509_CRL_PARSE_C - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#cmakedefine MBEDTLS_X509_CSR_PARSE_C - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, - * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) - * - * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call - * psa_crypto_init() before doing any X.509 create operation. - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#cmakedefine MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#cmakedefine MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#cmakedefine MBEDTLS_X509_CSR_WRITE_C - -/** \} name SECTION: Mbed TLS modules */ - -/** - * \name SECTION: General configuration options - * - * This section contains Mbed TLS build settings that are not associated - * with a particular module. - * - * \{ - */ - -/** - * \def MBEDTLS_CONFIG_FILE - * - * If defined, this is a header which will be included instead of - * `"mbedtls/mbedtls_config.h"`. - * This header file specifies the compile-time configuration of Mbed TLS. - * Unlike other configuration options, this one must be defined on the - * compiler command line: a definition in `mbedtls_config.h` would have - * no effect. - * - * This macro is expanded after an \#include directive. This is a popular but - * non-standard feature of the C language, so this feature is only available - * with compilers that perform macro expansion on an \#include line. - * - * The value of this symbol is typically a path in double quotes, either - * absolute or relative to a directory on the include search path. - */ -//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h" - -/** - * \def MBEDTLS_USER_CONFIG_FILE - * - * If defined, this is a header which will be included after - * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. - * This allows you to modify the default configuration, including the ability - * to undefine options that are enabled by default. - * - * This macro is expanded after an \#include directive. This is a popular but - * non-standard feature of the C language, so this feature is only available - * with compilers that perform macro expansion on an \#include line. - * - * The value of this symbol is typically a path in double quotes, either - * absolute or relative to a directory on the include search path. - */ -//#define MBEDTLS_USER_CONFIG_FILE "/dev/null" - -/** - * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE - * - * If defined, this is a header which will be included instead of - * `"psa/crypto_config.h"`. - * This header file specifies which cryptographic mechanisms are available - * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and - * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. - * - * This macro is expanded after an \#include directive. This is a popular but - * non-standard feature of the C language, so this feature is only available - * with compilers that perform macro expansion on an \#include line. - * - * The value of this symbol is typically a path in double quotes, either - * absolute or relative to a directory on the include search path. - */ -//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" - -/** - * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE - * - * If defined, this is a header which will be included after - * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. - * This allows you to modify the default configuration, including the ability - * to undefine options that are enabled by default. - * - * This macro is expanded after an \#include directive. This is a popular but - * non-standard feature of the C language, so this feature is only available - * with compilers that perform macro expansion on an \#include line. - * - * The value of this symbol is typically a path in double quotes, either - * absolute or relative to a directory on the include search path. - */ -//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" - -/** - * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE - * - * If defined, this is a header which will be included instead of - * `"psa/crypto_platform.h"`. This file should declare the same identifiers - * as the one in Mbed TLS, but with definitions adapted to the platform on - * which the library code will run. - * - * \note The required content of this header can vary from one version of - * Mbed TLS to the next. Integrators who provide an alternative file - * should review the changes in the original file whenever they - * upgrade Mbed TLS. - * - * This macro is expanded after an \#include directive. This is a popular but - * non-standard feature of the C language, so this feature is only available - * with compilers that perform macro expansion on an \#include line. - * - * The value of this symbol is typically a path in double quotes, either - * absolute or relative to a directory on the include search path. - */ -//#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" - -/** - * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE - * - * If defined, this is a header which will be included instead of - * `"psa/crypto_struct.h"`. This file should declare the same identifiers - * as the one in Mbed TLS, but with definitions adapted to the environment - * in which the library code will run. The typical use for this feature - * is to provide alternative type definitions on the client side in - * client-server integrations of PSA crypto, where operation structures - * contain handles instead of cryptographic data. - * - * \note The required content of this header can vary from one version of - * Mbed TLS to the next. Integrators who provide an alternative file - * should review the changes in the original file whenever they - * upgrade Mbed TLS. - * - * This macro is expanded after an \#include directive. This is a popular but - * non-standard feature of the C language, so this feature is only available - * with compilers that perform macro expansion on an \#include line. - * - * The value of this symbol is typically a path in double quotes, either - * absolute or relative to a directory on the include search path. - */ -//#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" - -/** \} name SECTION: General configuration options */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * \{ - */ -/* The Doxygen documentation here is used when a user comments out a - * setting and runs doxygen themselves. On the other hand, when we typeset - * the full documentation including disabled settings, the documentation - * in specific modules' header files is used if present. When editing this - * file, make sure that each option is documented in exactly one place, - * plus optionally a same-line Doxygen comment here if there is a Doxygen - * comment in the specific module. */ - -/* MPI / BIGNUM options */ -#cmakedefine MBEDTLS_MPI_WINDOW_SIZE @MBEDTLS_MPI_WINDOW_SIZE@ /**< Maximum window size used. */ -#cmakedefine MBEDTLS_MPI_MAX_SIZE @MBEDTLS_MPI_MAX_SIZE@ /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -/*! Maximal reseed counter - indicates maximal number of -requests allowed between reseeds; according to NIST 800-90 -it is (2^48 - 1), our restriction is : (int - 0xFFFF - 0xF).*/ -#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 0xFFF0 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* HMAC_DRBG options */ -//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -#cmakedefine MBEDTLS_ECP_WINDOW_SIZE @MBEDTLS_ECP_WINDOW_SIZE@ /**< Maximum window size used */ -#cmakedefine MBEDTLS_ECP_FIXED_POINT_OPTIM @MBEDTLS_ECP_FIXED_POINT_OPTIM@ /**< Enable fixed-point speed-up */ - -/* Entropy options */ -#cmakedefine MBEDTLS_ENTROPY_MAX_SOURCES @MBEDTLS_ENTROPY_MAX_SOURCES@ /**< Maximum number of sources supported */ -#define MBEDTLS_ENTROPY_MAX_GATHER 144 /**< Maximum amount requested from entropy sources */ -//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ - -/* Memory buffer allocator options */ -//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ - -/** \def MBEDTLS_PLATFORM_STD_CALLOC - * - * Default allocator to use, can be undefined. - * It must initialize the allocated buffer memory to zeroes. - * The size of the buffer is the product of the two parameters. - * The calloc function returns either a null pointer or a pointer to the allocated space. - * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. - * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. - * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. - * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. - */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc - -/** \def MBEDTLS_PLATFORM_STD_FREE - * - * Default free to use, can be undefined. - * NULL is a valid parameter, and the function must do nothing. - * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. - * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. - * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). - */ -//#define MBEDTLS_PLATFORM_STD_FREE free -//#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correctly zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ - -/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ -/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ -//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correctly zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/ -//#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */ - -/** \def MBEDTLS_CHECK_RETURN - * - * This macro is used at the beginning of the declaration of a function - * to indicate that its return value should be checked. It should - * instruct the compiler to emit a warning or an error if the function - * is called without checking its return value. - * - * There is a default implementation for popular compilers in platform_util.h. - * You can override the default implementation by defining your own here. - * - * If the implementation here is empty, this will effectively disable the - * checking of functions' return values. - */ -//#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) - -/** \def MBEDTLS_IGNORE_RETURN - * - * This macro requires one argument, which should be a C function call. - * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this - * warning is suppressed. - */ -//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) - -/* PSA options */ -/** - * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the - * PSA crypto subsystem. - * - * If this option is unset, the library chooses a hash (currently between - * #MBEDTLS_MD_SHA512 and #MBEDTLS_MD_SHA256) based on availability and - * unspecified heuristics. - * - * \note The PSA crypto subsystem uses the first available mechanism amongst - * the following: - * - #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if enabled; - * - Entropy from #MBEDTLS_ENTROPY_C plus CTR_DRBG with AES - * if #MBEDTLS_CTR_DRBG_C is enabled; - * - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG. - * - * A future version may reevaluate the prioritization of DRBG mechanisms. - */ -//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 - -/** \def MBEDTLS_PSA_KEY_SLOT_COUNT - * - * When #MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled, - * the maximum amount of PSA keys simultaneously in memory. This counts all - * volatile keys, plus loaded persistent keys. - * - * When #MBEDTLS_PSA_KEY_STORE_DYNAMIC is enabled, - * the maximum number of loaded persistent keys. - * - * Currently, persistent keys do not need to be loaded all the time while - * a multipart operation is in progress, only while the operation is being - * set up. This may change in future versions of the library. - * - * Currently, the library traverses of the whole table on each access to a - * persistent key. Therefore large values may cause poor performance. - * - * This option has no effect when #MBEDTLS_PSA_CRYPTO_C is disabled. - */ -#cmakedefine MBEDTLS_PSA_KEY_SLOT_COUNT @MBEDTLS_PSA_KEY_SLOT_COUNT@ - -/** - * \def MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE - * - * Define the size (in bytes) of each static key buffer when - * #MBEDTLS_PSA_STATIC_KEY_SLOTS is set. If not - * explicitly defined then it's automatically guessed from available PSA keys - * enabled in the build through PSA_WANT_xxx symbols. - * If required by the application this parameter can be set to higher values - * in order to store larger objects (ex: raw keys), but please note that this - * will increase RAM usage. - */ -//#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE 256 - -/* RSA OPTIONS */ -//#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. - * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer. - */ -#cmakedefine MBEDTLS_SSL_IN_CONTENT_LEN @MBEDTLS_SSL_IN_CONTENT_LEN@ - -/** \def MBEDTLS_SSL_CID_IN_LEN_MAX - * - * The maximum length of CIDs used for incoming DTLS messages. - * - */ -//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 - -/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX - * - * The maximum length of CIDs used for outgoing DTLS messages. - * - */ -//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 - -/** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY - * - * This option controls the use of record plaintext padding - * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. - * - * The padding will always be chosen so that the length of the - * padded plaintext is a multiple of the value of this option. - * - * Note: A value of \c 1 means that no padding will be used - * for outgoing records. - * - * Note: On systems lacking division instructions, - * a power of two should be preferred. - */ -//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. - */ -#cmakedefine MBEDTLS_SSL_OUT_CONTENT_LEN @MBEDTLS_SSL_OUT_CONTENT_LEN@ - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. - * - * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -#cmakedefine MBEDTLS_SSL_CIPHERSUITES @MBEDTLS_SSL_CIPHERSUITES@ - -/** - * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE - * - * The default maximum amount of 0-RTT data. See the documentation of - * \c mbedtls_ssl_conf_max_early_data_size() for more information. - * - * It must be positive and smaller than UINT32_MAX. - * - * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not - * have any impact on the build. - */ -//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 - -/** - * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - * - * Maximum allowed ticket age difference in milliseconds tolerated between - * server and client. Default value is 6000. This is not used in TLS 1.2. - * - * - The client ticket age is the time difference between the time when the - * client proposes to the server to use the ticket and the time the client - * received the ticket from the server. - * - The server ticket age is the time difference between the time when the - * server receives a proposition from the client to use the ticket and the - * time when the ticket was created by the server. - * - * The ages might be different due to the client and server clocks not running - * at the same pace. The typical accuracy of an RTC crystal is ±100 to ±20 parts - * per million (360 to 72 milliseconds per hour). Default tolerance window is - * 6s, thus in the worst case clients and servers must sync up their system time - * every 6000/360/2~=8 hours. - * - * See section 8.3 of the TLS 1.3 specification(RFC 8446) for more information. - */ -//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 - -/** - * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH - * - * Size in bytes of a ticket nonce. This is not used in TLS 1.2. - * - * This must be less than 256. - */ -//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 - -/** - * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS - * - * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server - * after handshake completion. This is not used in TLS 1.2 and relevant only if - * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. - * - */ -//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -#if defined(CONFIG_MBEDTLS_OPENTHREAD_OPTIMIZATIONS_ENABLED) -#define MBEDTLS_MPI_WINDOW_SIZE 1 /**< Maximum windows size used. */ -#define MBEDTLS_MPI_MAX_SIZE 32 /**< Maximum number of bytes for usable MPIs. */ -#define MBEDTLS_ECP_WINDOW_SIZE 2 /**< Maximum window size used */ -#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Enable fixed-point speed-up */ -#endif - -#if defined(CONFIG_MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME) -#define MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME -#endif - -#if CONFIG_MBEDTLS_CMAC_ALT -/* NCSDK-24838 */ -#define MBEDTLS_CIPHER_MODE_CBC -#endif - -/** \} name SECTION: Module configuration options */ - -#endif /* LEGACY_CRYPTO_CONFIG_H */ diff --git a/subsys/nrf_security/configs/nrf-config.h.template b/subsys/nrf_security/configs/nrf-config.h.template index 4c9da049a9bc..a7e3538086ab 100644 --- a/subsys/nrf_security/configs/nrf-config.h.template +++ b/subsys/nrf_security/configs/nrf-config.h.template @@ -11,98 +11,11 @@ #ifndef MBEDTLS_CONFIG_FILE_H #define MBEDTLS_CONFIG_FILE_H -/* This file includes configurations for Mbed TLS for platform and TLS/DTLS and X.509 - * and it should be used inside TF-M build and when CONFIG_MBEDTLS_LEGACY_CRYPTO_C is - * not used - */ - -/* TF-M */ -#cmakedefine MBEDTLS_PSA_CRYPTO_SPM - -/* PSA core configurations */ -#cmakedefine MBEDTLS_PSA_CRYPTO_CLIENT -#cmakedefine MBEDTLS_PSA_CRYPTO_C -#cmakedefine MBEDTLS_USE_PSA_CRYPTO -#cmakedefine MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS -/* Avoid redefinition as TF-M defines this on the command line */ -#ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER -#cmakedefine MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER -#endif - /* Platform */ -#cmakedefine MBEDTLS_PLATFORM_C -#cmakedefine MBEDTLS_PLATFORM_MEMORY -#cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY -#cmakedefine MBEDTLS_MEMORY_BUFFER_ALLOC_C #cmakedefine MBEDTLS_DEBUG_C -#cmakedefine MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - -/* Platform configurations for _ALT defines */ -#cmakedefine MBEDTLS_PLATFORM_EXIT_ALT -#cmakedefine MBEDTLS_PLATFORM_FPRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_PRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_SNPRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT -#cmakedefine MBEDTLS_ENTROPY_HARDWARE_ALT - -/* Threading configurations */ -#cmakedefine MBEDTLS_THREADING_C -#cmakedefine MBEDTLS_THREADING_ALT - -/* Legacy configurations for _ALT defines */ -#cmakedefine MBEDTLS_AES_SETKEY_ENC_ALT -#cmakedefine MBEDTLS_AES_SETKEY_DEC_ALT -#cmakedefine MBEDTLS_AES_ENCRYPT_ALT -#cmakedefine MBEDTLS_AES_DECRYPT_ALT -#cmakedefine MBEDTLS_AES_ALT -#cmakedefine MBEDTLS_CMAC_ALT -#cmakedefine MBEDTLS_CCM_ALT -#cmakedefine MBEDTLS_GCM_ALT -#cmakedefine MBEDTLS_CHACHA20_ALT -#cmakedefine MBEDTLS_POLY1305_ALT -#cmakedefine MBEDTLS_CHACHAPOLY_ALT -#cmakedefine MBEDTLS_DHM_ALT -#cmakedefine MBEDTLS_ECP_ALT -#cmakedefine MBEDTLS_ECDH_GEN_PUBLIC_ALT -#cmakedefine MBEDTLS_ECDH_COMPUTE_SHARED_ALT -#cmakedefine MBEDTLS_ECDSA_GENKEY_ALT -#cmakedefine MBEDTLS_ECDSA_SIGN_ALT -#cmakedefine MBEDTLS_ECDSA_VERIFY_ALT -#cmakedefine MBEDTLS_ECJPAKE_ALT -#cmakedefine MBEDTLS_RSA_ALT -#cmakedefine MBEDTLS_SHA1_ALT -#cmakedefine MBEDTLS_SHA224_ALT -#cmakedefine MBEDTLS_SHA256_ALT -#cmakedefine MBEDTLS_SHA384_ALT -#cmakedefine MBEDTLS_SHA512_ALT - -/* Legacy configuration for RNG */ -#cmakedefine MBEDTLS_ENTROPY_FORCE_SHA256 -#cmakedefine MBEDTLS_ENTROPY_MAX_SOURCES @MBEDTLS_ENTROPY_MAX_SOURCES@ -#cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY - -/* Nordic defines for library support. Note that these configurations are used by the PSA interface */ -#cmakedefine MBEDTLS_LEGACY_CRYPTO_C -#cmakedefine MBEDTLS_TLS_LIBRARY -#cmakedefine MBEDTLS_X509_LIBRARY - -/* Platform configurations for Mbed TLS APIs*/ -#cmakedefine MBEDTLS_BASE64_C -#cmakedefine MBEDTLS_OID_C -#cmakedefine MBEDTLS_ASN1_PARSE_C -#cmakedefine MBEDTLS_ASN1_WRITE_C - -/* Ensure these are not enabled internal in NS build */ -#if !defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(INSIDE_TFM_BUILD) /* Legacy configurations for Mbed TLS APIs */ #cmakedefine MBEDTLS_CIPHER_C -#cmakedefine MBEDTLS_MD_C -#cmakedefine MBEDTLS_PK_C -#cmakedefine MBEDTLS_PK_WRITE_C -#cmakedefine MBEDTLS_PK_PARSE_C -#cmakedefine MBEDTLS_PEM_PARSE_C -#cmakedefine MBEDTLS_PEM_WRITE_C /* TLS/DTLS configurations */ #cmakedefine MBEDTLS_SSL_ALL_ALERT_MESSAGES @@ -155,30 +68,9 @@ #cmakedefine MBEDTLS_PKCS7_C #cmakedefine MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -#endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(INSIDE_TFM_BUILD) */ - -#cmakedefine MBEDTLS_PSA_CRYPTO_CONFIG - -/* Controlling some MPI sizes */ -#cmakedefine MBEDTLS_MPI_WINDOW_SIZE @MBEDTLS_MPI_WINDOW_SIZE@ /**< Maximum window size used. */ -#cmakedefine MBEDTLS_MPI_MAX_SIZE @MBEDTLS_MPI_MAX_SIZE@ /**< Maximum number of bytes for usable MPIs. */ - -#if CONFIG_MBEDTLS_CMAC_ALT -/* NCSDK-24838 */ -#define MBEDTLS_CIPHER_MODE_CBC -#endif - -/* KRKNWK-20181 */ -#cmakedefine MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME - #endif /* MBEDTLS_CONFIG_FILE_H */ diff --git a/subsys/nrf_security/configs/psa_crypto_config.h.template b/subsys/nrf_security/configs/psa_crypto_config.h.template index aa3923a352fe..4383afce3730 100644 --- a/subsys/nrf_security/configs/psa_crypto_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_config.h.template @@ -8,9 +8,26 @@ #ifndef PSA_CRYPTO_USER_CONFIG_H #define PSA_CRYPTO_USER_CONFIG_H -/* PSA Core implementation */ -#cmakedefine PSA_CORE_OBERON @PSA_CORE_OBERON@ +/* PSA core configuration */ +#cmakedefine MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS +#cmakedefine MBEDTLS_PSA_CRYPTO_DRIVERS @MBEDTLS_PSA_CRYPTO_DRIVERS@ +#cmakedefine MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG +#cmakedefine MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +#cmakedefine MBEDTLS_PSA_CRYPTO_STORAGE_C +#cmakedefine MBEDTLS_PSA_STATIC_KEY_SLOTS +#cmakedefine MBEDTLS_PSA_KEY_SLOT_COUNT @MBEDTLS_PSA_KEY_SLOT_COUNT@ + +/* Platform _ALT */ +#cmakedefine MBEDTLS_PLATFORM_EXIT_ALT +#cmakedefine MBEDTLS_PLATFORM_FPRINTF_ALT +#cmakedefine MBEDTLS_PLATFORM_PRINTF_ALT +#cmakedefine MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT +#cmakedefine MBEDTLS_PLATFORM_SNPRINTF_ALT + +/* TF-M */ +#cmakedefine MBEDTLS_PSA_CRYPTO_SPM +/* RSA */ #cmakedefine PSA_MAX_RSA_KEY_BITS @PSA_MAX_RSA_KEY_BITS@ /* @@ -506,16 +523,6 @@ #cmakedefine PSA_NEED_CRACEN_RNG_NO_ENTROPY_WORKAROUND @PSA_NEED_CRACEN_RNG_NO_ENTROPY_WORKAROUND@ #cmakedefine PSA_NEED_CRACEN_ECC_KEY_GEN_PKE @PSA_NEED_CRACEN_ECC_KEY_GEN_PKE@ -/* PSA and drivers */ -#cmakedefine MBEDTLS_PSA_CRYPTO_C -#cmakedefine MBEDTLS_PSA_CRYPTO_STORAGE_C -/* MBEDTLS_PSA_CRYPTO_DRIVERS is defined to 1 by TF-M's build system. */ -#cmakedefine MBEDTLS_PSA_CRYPTO_DRIVERS @MBEDTLS_PSA_CRYPTO_DRIVERS@ -#cmakedefine MBEDTLS_PSA_CRYPTO_CLIENT -#cmakedefine MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG -#cmakedefine MBEDTLS_PSA_KEY_SLOT_COUNT @MBEDTLS_PSA_KEY_SLOT_COUNT@ -#cmakedefine MBEDTLS_PSA_STATIC_KEY_SLOTS @MBEDTLS_PSA_STATIC_KEY_SLOTS@ - #include #include diff --git a/subsys/nrf_security/configs/psa_crypto_want_config.h.template b/subsys/nrf_security/configs/psa_crypto_want_config.h.template index 98799a4ba4d2..3d0b24894f4e 100644 --- a/subsys/nrf_security/configs/psa_crypto_want_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_want_config.h.template @@ -8,6 +8,32 @@ #ifndef PSA_CRYPTO_CONFIG_H #define PSA_CRYPTO_CONFIG_H +#cmakedefine MBEDTLS_PSA_CRYPTO_C +#cmakedefine MBEDTLS_PSA_CRYPTO_CLIENT + +#cmakedefine MBEDTLS_ASN1_PARSE_C +#cmakedefine MBEDTLS_ASN1_WRITE_C +#cmakedefine MBEDTLS_BASE64_C +#cmakedefine MBEDTLS_MD_C +#cmakedefine MBEDTLS_MEMORY_BUFFER_ALLOC_C +#cmakedefine MBEDTLS_MPI_MAX_SIZE @MBEDTLS_MPI_MAX_SIZE@ +#cmakedefine MBEDTLS_MPI_WINDOW_SIZE @MBEDTLS_MPI_WINDOW_SIZE@ +#cmakedefine MBEDTLS_PEM_PARSE_C +#cmakedefine MBEDTLS_PEM_WRITE_C +#cmakedefine MBEDTLS_PLATFORM_C +#cmakedefine MBEDTLS_PLATFORM_MEMORY +#cmakedefine MBEDTLS_PK_C +#cmakedefine MBEDTLS_PK_PARSE_C +#cmakedefine MBEDTLS_PK_WRITE_C +#cmakedefine MBEDTLS_PKCS5_C +#cmakedefine MBEDTLS_THREADING_ALT +#cmakedefine MBEDTLS_THREADING_C + +#cmakedefine MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS +#cmakedefine MBEDTLS_BIGNUM_C +#cmakedefine MBEDTLS_ECP_C +#cmakedefine MBEDTLS_SHA256_SMALLER + #cmakedefine PSA_WANT_AES_KEY_SIZE_128 @PSA_WANT_AES_KEY_SIZE_128@ #cmakedefine PSA_WANT_AES_KEY_SIZE_192 @PSA_WANT_AES_KEY_SIZE_192@ #cmakedefine PSA_WANT_AES_KEY_SIZE_256 @PSA_WANT_AES_KEY_SIZE_256@ @@ -40,9 +66,7 @@ #cmakedefine PSA_WANT_ALG_RSA_OAEP @PSA_WANT_ALG_RSA_OAEP@ #cmakedefine PSA_WANT_ALG_RSA_PKCS1V15_CRYPT @PSA_WANT_ALG_RSA_PKCS1V15_CRYPT@ #cmakedefine PSA_WANT_ALG_RSA_PKCS1V15_SIGN @PSA_WANT_ALG_RSA_PKCS1V15_SIGN@ -#cmakedefine PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW @PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW@ #cmakedefine PSA_WANT_ALG_RSA_PSS @PSA_WANT_ALG_RSA_PSS@ -#cmakedefine PSA_WANT_ALG_RSA_PSS_ANY_SALT @PSA_WANT_ALG_RSA_PSS_ANY_SALT@ #cmakedefine PSA_WANT_ALG_SHA3_224 @PSA_WANT_ALG_SHA3_224@ #cmakedefine PSA_WANT_ALG_SHA3_256 @PSA_WANT_ALG_SHA3_256@ #cmakedefine PSA_WANT_ALG_SHA3_384 @PSA_WANT_ALG_SHA3_384@ diff --git a/subsys/nrf_security/include/mbedtls/platform.h b/subsys/nrf_security/include/mbedtls/platform.h deleted file mode 100644 index 616eb790d8d5..000000000000 --- a/subsys/nrf_security/include/mbedtls/platform.h +++ /dev/null @@ -1,398 +0,0 @@ -/* - * Copyright (c) 2018 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * \file platform.h - * - * \brief This file contains the definitions and functions of the - * Mbed TLS platform abstraction layer. - * - * The platform abstraction layer removes the need for the library - * to directly link to standard C library functions or operating - * system services, making the library easier to port and embed. - * Application developers and users of the library can provide their own - * implementations of these functions, or implementations specific to - * their platform, which can be statically linked to the library or - * dynamically configured at runtime. - */ - -#ifndef MBEDTLS_PLATFORM_H -#define MBEDTLS_PLATFORM_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_HAVE_TIME) -#include "mbedtls/platform_time.h" -#endif - -/** \brief Hardware accelerator failed */ -#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 -/** \brief The requested feature is not supported by the platform */ -#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 - -#ifdef __cplusplus -extern "C" { -#endif - -/* The older Microsoft Windows common runtime provides non-conforming - * implementations of some standard library functions, including snprintf - * and vsnprintf. This affects MSVC and MinGW builds. - */ -#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900) -#define MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF -#define MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF -#endif - -#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) -#include -#include -#include -#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) -#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) -/**< The default \c snprintf function to use. */ -#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf -#else -#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< The default \c snprintf function to use. */ -#endif -#endif -#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) -#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) -/** \brief The default \c vsnprintf function to use. */ -#define MBEDTLS_PLATFORM_STD_VSNPRINTF mbedtls_platform_win32_vsnprintf -#else -#define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf /**< The default \c vsnprintf function to use. */ -#endif -#endif -#if !defined(MBEDTLS_PLATFORM_STD_PRINTF) -#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< The default \c printf function to use. */ -#endif -#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF) -#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< The default \c fprintf function to use. */ -#endif - -/* We intentionally don't set MBEDTLS_PLATFORM_STD_CALLOC to 'calloc' and - * MBEDTLS_PLATFORM_STD_FREE to 'free' here. - * This would pull in stdlib heap usage such as the function `_sbrk'. - * When these are undefined platform.c will define stub functions, which are - * never used as we call mbedtls_platform_set_calloc_free to set alternative - * heap functions. - */ - -#if !defined(MBEDTLS_PLATFORM_STD_EXIT) -#define MBEDTLS_PLATFORM_STD_EXIT exit /**< The default \c exit function to use. */ -#endif -#if !defined(MBEDTLS_PLATFORM_STD_TIME) -#define MBEDTLS_PLATFORM_STD_TIME time /**< The default \c time function to use. */ -#endif -#if !defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) -#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS /**< The default exit value to use. */ -#endif -#if !defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) -#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE EXIT_FAILURE /**< The default exit value to use. */ -#endif -#if defined(MBEDTLS_FS_IO) -#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) -#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read -#endif -#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) -#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write -#endif -#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE) -#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" -#endif -#endif /* MBEDTLS_FS_IO */ -#else /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ -#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) -#include MBEDTLS_PLATFORM_STD_MEM_HDR -#endif -#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ - -/* - * The function pointers for calloc and free. - */ -#if defined(MBEDTLS_PLATFORM_MEMORY) -#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && defined(MBEDTLS_PLATFORM_CALLOC_MACRO) -#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO -#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO -#else -/* For size_t */ -#include -extern void *mbedtls_calloc(size_t n, size_t size); -extern void mbedtls_free(void *ptr); - -/** - * \brief This function dynamically sets the memory-management - * functions used by the library, during runtime. - * - * \param calloc_func The \c calloc function implementation. - * \param free_func The \c free function implementation. - * - * \return \c 0. - */ -int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t), - void (*free_func)(void *)); -#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ -#else /* !MBEDTLS_PLATFORM_MEMORY */ -#define mbedtls_free free -#define mbedtls_calloc calloc -#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */ - -/* - * The function pointers for fprintf - */ -#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) -/* We need FILE * */ -#include -extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...); - -/** - * \brief This function dynamically configures the fprintf - * function that is called when the - * mbedtls_fprintf() function is invoked by the library. - * - * \param fprintf_func The \c fprintf function implementation. - * - * \return \c 0. - */ -int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *, ...)); -#else -#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) -#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO -#else -#define mbedtls_fprintf fprintf -#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ -#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ - -/* - * The function pointers for printf - */ -#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) -extern int (*mbedtls_printf)(const char *format, ...); - -/** - * \brief This function dynamically configures the snprintf - * function that is called when the mbedtls_snprintf() - * function is invoked by the library. - * - * \param printf_func The \c printf function implementation. - * - * \return \c 0 on success. - */ -int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)); -#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) -#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO -#else -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ -#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ - -/* - * The function pointers for snprintf - * - * The snprintf implementation should conform to C99: - * - it *must* always correctly zero-terminate the buffer - * (except when n == 0, then it must leave the buffer untouched) - * - however it is acceptable to return -1 instead of the required length when - * the destination buffer is too short. - */ -#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) -/* For Windows (inc. MSYS2), we provide our own fixed implementation */ -int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...); -#endif - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) -extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...); - -/** - * \brief This function allows configuring a custom - * \c snprintf function pointer. - * - * \param snprintf_func The \c snprintf function implementation. - * - * \return \c 0 on success. - */ -int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, const char *format, ...)); -#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) -#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO -#else -#define mbedtls_snprintf MBEDTLS_PLATFORM_STD_SNPRINTF -#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ -#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ - -/* - * The function pointers for vsnprintf - * - * The vsnprintf implementation should conform to C99: - * - it *must* always correctly zero-terminate the buffer - * (except when n == 0, then it must leave the buffer untouched) - * - however it is acceptable to return -1 instead of the required length when - * the destination buffer is too short. - */ -#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) -#include -/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */ -int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg); -#endif - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) -#include -extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg); - -/** - * \brief Set your own snprintf function pointer - * - * \param vsnprintf_func The \c vsnprintf function implementation - * - * \return \c 0 - */ -int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, const char *format, - va_list arg)); -#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) -#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO -#else -#define mbedtls_vsnprintf vsnprintf -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */ -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ - -/* - * The function pointers for exit - */ -#if defined(MBEDTLS_PLATFORM_EXIT_ALT) -extern void (*mbedtls_exit)(int status); - -/** - * \brief This function dynamically configures the exit - * function that is called when the mbedtls_exit() - * function is invoked by the library. - * - * \param exit_func The \c exit function implementation. - * - * \return \c 0 on success. - */ -int mbedtls_platform_set_exit(void (*exit_func)(int status)); -#else -#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) -#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO -#else -#include -#define mbedtls_exit exit -#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ -void mbedtls_exit(int status); -#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ - -/* - * The default exit values - */ -#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) -#define MBEDTLS_EXIT_SUCCESS MBEDTLS_PLATFORM_STD_EXIT_SUCCESS -#else -#define MBEDTLS_EXIT_SUCCESS 0 -#endif -#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) -#define MBEDTLS_EXIT_FAILURE MBEDTLS_PLATFORM_STD_EXIT_FAILURE -#else -#define MBEDTLS_EXIT_FAILURE 1 -#endif - -/* - * The function pointers for reading from and writing a seed file to - * Non-Volatile storage (NV) in a platform-independent way - * - * Only enabled when the NV seed entropy source is enabled - */ -#if defined(MBEDTLS_ENTROPY_NV_SEED) -#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO) -/* Internal standard platform definitions */ -int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len); -int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len); -#endif - -#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) -extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len); -extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len); - -/** - * \brief This function allows configuring custom seed file writing and - * reading functions. - * - * \param nv_seed_read_func The seed reading function implementation. - * \param nv_seed_write_func The seed writing function implementation. - * - * \return \c 0 on success. - */ -int mbedtls_platform_set_nv_seed(int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len), - int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)); -#else -#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) -#define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO -#define mbedtls_nv_seed_write MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO -#else -#define mbedtls_nv_seed_read mbedtls_platform_std_nv_seed_read -#define mbedtls_nv_seed_write mbedtls_platform_std_nv_seed_write -#endif -#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ -#endif /* MBEDTLS_ENTROPY_NV_SEED */ - -#if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) - -/** - * \brief The platform context structure. - * - * \note This structure may be used to assist platform-specific - * setup or teardown operations. - */ -typedef struct mbedtls_platform_context { - char dummy; /**< A placeholder member, as empty structs are not portable. */ -} mbedtls_platform_context; - -#else -#include "platform_alt.h" -#endif /* !MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ - -/** - * \brief This function performs any platform-specific initialization - * operations. - * - * \note This function should be called before any other library functions. - * - * Its implementation is platform-specific, and unless - * platform-specific code is provided, it does nothing. - * - * \note The usage and necessity of this function is dependent on the platform. - * - * \param ctx The platform context. - * - * \return \c 0 on success. - */ -int mbedtls_platform_setup(mbedtls_platform_context *ctx); -/** - * \brief This function performs any platform teardown operations. - * - * \note This function should be called after every other Mbed TLS module - * has been correctly freed using the appropriate free function. - * - * Its implementation is platform-specific, and unless - * platform-specific code is provided, it does nothing. - * - * \note The usage and necessity of this function is dependent on the platform. - * - * \param ctx The platform context. - * - */ -void mbedtls_platform_teardown(mbedtls_platform_context *ctx); - -#ifdef __cplusplus -} -#endif - -#endif /* platform.h */ diff --git a/subsys/nrf_security/include/psa/crypto_driver_config.h b/subsys/nrf_security/include/psa/crypto_driver_config.h index 4eb10e5164c9..895730768443 100644 --- a/subsys/nrf_security/include/psa/crypto_driver_config.h +++ b/subsys/nrf_security/include/psa/crypto_driver_config.h @@ -7,10 +7,4 @@ #ifndef PSA_CRYPTO_DRIVER_CONFIG_H #define PSA_CRYPTO_DRIVER_CONFIG_H -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE -#else -#include "psa/crypto_config.h" -#endif - #endif /* PSA_CRYPTO_DRIVER_CONFIG_H */ diff --git a/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h b/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h index 33cac2e37cc4..a95f196c67a8 100644 --- a/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h +++ b/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h @@ -25,7 +25,7 @@ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H #define PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H -#include "oberon_psa_common.h" +#include #include "psa/crypto_driver_common.h" @@ -86,8 +86,8 @@ typedef union { * them in order to avoid building errors. We don't use these at all * in the Oberon PSA core, the int type was chosen arbitrarily. */ -typedef int psa_driver_sign_hash_interruptible_context_t; -typedef int psa_driver_verify_hash_interruptible_context_t; +typedef struct { int dummy; } psa_driver_sign_hash_interruptible_context_t; +typedef struct { int dummy; } psa_driver_verify_hash_interruptible_context_t; #endif /* PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H */ /* End of automatically generated file. */ diff --git a/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h b/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h index 53f808337c08..d28f83903525 100644 --- a/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h +++ b/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h @@ -24,7 +24,7 @@ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H #define PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H -#include "oberon_psa_common.h" +#include #include "psa/crypto_driver_common.h" diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index fc2970bdfce5..44b030ecdb36 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -14,7 +14,7 @@ # used inside a TF-M build. # The interface is only generated in the NS image if TF-M is used -include(${NRF_SECURITY_ROOT}/cmake/generate_configs.cmake) +include(${NRF_SECURITY_DIR}/cmake/generate_configs.cmake) generate_mbedcrypto_interface_configs() generate_mbedcrypto_library_configs() @@ -27,7 +27,7 @@ string(REPLACE "/" "\\/" PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX ${PSA_CRYPTO_CON target_include_directories(psa_crypto_config INTERFACE ${PSA_CRYPTO_CONFIG_INTERFACE_PATH} - ${NRF_SECURITY_ROOT}/include + ${NRF_SECURITY_DIR}/include ) # Add fallback include folders from Mbed TLS for driver context structures @@ -35,7 +35,7 @@ target_include_directories(psa_crypto_config if(NOT (CMAKE_BUILD_WITH_TFM OR CONFIG_MBEDTLS_PSA_CRYPTO_C)) target_include_directories(psa_crypto_config INTERFACE - ${OBERON_PSA_CORE_PATH}/include + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include ) endif() @@ -53,52 +53,24 @@ endif() target_include_directories(psa_crypto_library_config INTERFACE ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} - ${NRF_SECURITY_ROOT}/include + ${NRF_SECURITY_DIR}/include # This is needed for the oberon_check_unsupported.h - ${OBERON_PSA_CORE_PATH}/oberon/drivers + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/oberon/drivers ) -if(CONFIG_MBEDTLS_ENABLE_HEAP) - if(CONFIG_BUILD_WITH_TFM) - # Add replacement for memory_buffer_alloc.c for NS build - list(APPEND src_crypto ${NRF_SECURITY_ROOT}/src/legacy/memory_buffer_alloc.c) - else() - # Both secure only builds and TF-M builds use the implementation from MbedTLS. - # This currently doesn't do a mutex on heap access. - list(APPEND src_crypto ${ARM_MBEDTLS_PATH}/library/memory_buffer_alloc.c) - endif() -endif() - -if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM AND NOT BUILD_INSIDE_TFM) - append_with_prefix(src_crypto ${ARM_MBEDTLS_PATH}/library - pem.c - pkcs12.c - pkcs5.c - pkparse.c - pkwrite.c - dhm.c - cipher.c - cipher_wrap.c - md.c - pk.c - pk_ecc.c - pk_wrap.c - pkwrite.c - psa_util.c - ) - -endif() - -# Library for mbed TLS crypto toolbox functionality add_library(${mbedcrypto_target} STATIC - ${src_crypto} ) +add_subdirectory(tf-psa-crypto) + target_link_libraries(${mbedcrypto_target} - INTERFACE + PUBLIC psa_crypto_config_chosen psa_interface + PRIVATE + $ + nrf_security_utils ) if(CONFIG_PSA_SSF_CRYPTO_CLIENT) @@ -107,50 +79,9 @@ endif() nrf_security_add_zephyr_options(${mbedcrypto_target}) -# Base mbed TLS files (not in drivers or builtin's) -append_with_prefix(src_crypto_base ${ARM_MBEDTLS_PATH}/library - asn1parse.c - asn1write.c - base64.c - bignum.c - bignum_core.c - nist_kw.c - oid.c - padlock.c - version.c - constant_time.c -) - -# Legacy APIs were missing files added by Oberon PSA core (not built in -# certain instances. This adds the same platform support as the Oberon PSA core) -if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_C) - append_with_prefix(src_crypto_base ${OBERON_PSA_CORE_PATH}/library/ - platform.c - platform_util.c - ) -endif() - - # Add threading support for PSA core (if enabled) include(${CMAKE_CURRENT_LIST_DIR}/threading/threading.cmake) -include(${NRF_SECURITY_ROOT}/src/utils/nrf_security_utils.cmake) - -# Add base library with files required by all drivers/backends. -add_library(mbedcrypto_base - STATIC - ${src_crypto_base} -) - -target_link_libraries(mbedcrypto_base - PRIVATE - psa_crypto_config_chosen - $ - nrf_security_utils - PUBLIC - psa_interface -) - -nrf_security_add_zephyr_options(mbedcrypto_base) +include(${NRF_SECURITY_DIR}/src/utils/nrf_security_utils.cmake) # Misusing the psa_crypto_config and psa_crypto_library_config awareness to # set compiler-flags to ensure right floating-point types are set @@ -180,11 +111,6 @@ if(LINKER_CP_OPTION) ) endif() -target_link_libraries(${mbedcrypto_target} - PRIVATE - mbedcrypto_base -) - # Add PSA core if(CONFIG_MBEDTLS_PSA_CRYPTO_C) add_subdirectory(core) @@ -193,93 +119,9 @@ endif() # Add drivers (for legacy and PSA crypto build) add_subdirectory(drivers) -# Add legacy Mbed TLS APIs -if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR (CONFIG_NRF_OBERON AND CONFIG_BUILD_WITH_TFM)) - add_subdirectory(legacy) -endif() - -# In TF-M build, a psa_interface lib is created and we must inherit its settings -set_property(TARGET ${mbedcrypto_target} - APPEND PROPERTY - PRIVATE_LINK_LIBRARIES - $ -) - # NEWLIB requires linking with the C library if(CONFIG_NEWLIB_LIBC) target_link_libraries(${mbedcrypto_target} PRIVATE -lc) - target_link_libraries(mbedcrypto_base PRIVATE -lc) -endif() - -if(CONFIG_MBEDTLS_X509_LIBRARY) - append_with_prefix(src_x509 ${ARM_MBEDTLS_PATH}/library - pkcs7.c - x509.c - x509_create.c - x509_crl.c - x509_crt.c - x509_csr.c - x509write.c - x509write_crt.c - x509write_csr.c - ) - - add_library(mbedx509 STATIC - ${src_x509} - ) - - # Link with - target_link_libraries(mbedx509 - PRIVATE - psa_crypto_config_chosen - ${mbedcrypto_target} - mbedcrypto_base - ) - - nrf_security_add_zephyr_options(mbedx509) - -endif() - -# Library for TLS protocol support -if(CONFIG_MBEDTLS_TLS_LIBRARY) - # TLS files - append_with_prefix(src_tls ${ARM_MBEDTLS_PATH}/library - debug.c - net_sockets.c - ssl_cache.c - ssl_ciphersuites.c - ssl_client.c - ssl_cookie.c - ssl_msg.c - ssl_ticket.c - ssl_tls.c - ssl_tls12_client.c - ssl_tls12_server.c - ssl_tls13_keys.c - ssl_tls13_server.c - ssl_tls13_client.c - ssl_tls13_generic.c - ) - - if(CONFIG_MBEDTLS_DEBUG) - list(APPEND src_tls - ${ARM_MBEDTLS_PATH}/library/ssl_debug_helpers_generated.c - ) - endif() - - add_library(mbedtls STATIC - ${src_tls} - ) - - target_link_libraries(mbedtls - PRIVATE - psa_crypto_config_chosen - mbedx509 - ${mbedcrypto_target} - mbedcrypto_base - ) - - nrf_security_add_zephyr_options(mbedtls) endif() if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) diff --git a/subsys/nrf_security/src/core/CMakeLists.txt b/subsys/nrf_security/src/core/CMakeLists.txt index b12a4d7ac226..bc90bb3effe2 100644 --- a/subsys/nrf_security/src/core/CMakeLists.txt +++ b/subsys/nrf_security/src/core/CMakeLists.txt @@ -4,8 +4,10 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -if(CONFIG_PSA_CORE_LITE) +if(CONFIG_PSA_CORE_OBERON) + add_subdirectory(nrf_oberon) +elseif(CONFIG_PSA_CORE_LITE) add_subdirectory(lite) else() - add_subdirectory(nrf_oberon) + message(FATAL_ERROR "CONFIG_MBEDTLS_PSA_CRYPTO_C enabled without PSA core") endif() diff --git a/subsys/nrf_security/src/core/lite/CMakeLists.txt b/subsys/nrf_security/src/core/lite/CMakeLists.txt index 38c6daee7b35..aafdfd713892 100644 --- a/subsys/nrf_security/src/core/lite/CMakeLists.txt +++ b/subsys/nrf_security/src/core/lite/CMakeLists.txt @@ -6,13 +6,13 @@ add_library(psa_core STATIC psa_core_lite.c - ${NRF_SECURITY_ROOT}/src/psa_crypto_driver_wrappers.c + ${NRF_SECURITY_DIR}/src/psa_crypto_driver_wrappers.c ) if(CONFIG_MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) target_sources(psa_core PRIVATE - ${NRF_SECURITY_ROOT}/src/mbedtls_psa_platform.c + ${NRF_SECURITY_DIR}/src/mbedtls_psa_platform.c ) endif() @@ -30,7 +30,7 @@ target_link_libraries(psa_core target_include_directories(psa_core PRIVATE - ${NRF_SECURITY_ROOT}/src/drivers/cracen/cracenpsa/src + ${NRF_SECURITY_DIR}/src/drivers/cracen/cracenpsa/src ) nrf_security_add_zephyr_options_library(psa_core) diff --git a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt index 95a4307428dc..e20bfe1c66bb 100644 --- a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt @@ -4,50 +4,45 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_CORE_PATH}/library/ +append_with_prefix(src_crypto_core_oberon ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/platform/ platform.c platform_util.c ) -append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_CORE_PATH}/library/ +append_with_prefix(src_crypto_core_oberon ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/utilities + constant_time.c +) + +append_with_prefix(src_crypto_core_oberon ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/core/ psa_crypto.c psa_crypto_client.c psa_crypto_slot_management.c psa_crypto_storage.c ) -add_library(psa_core STATIC - ${src_crypto_core_oberon} -) - -# Add the nordic version of psa_crypto_driver_wrappers with the core (out of tree) -target_sources(psa_core - PRIVATE - ${NRF_SECURITY_ROOT}/src/psa_crypto_driver_wrappers.c +append_with_prefix(src_crypto_core_oberon ${NRF_SECURITY_DIR}/src/ + psa_crypto_driver_wrappers.c ) if(CONFIG_MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - target_sources(psa_core - PRIVATE - ${NRF_SECURITY_ROOT}/src/mbedtls_psa_platform.c + append_with_prefix(src_crypto_core_oberon ${NRF_SECURITY_DIR}/src/ + mbedtls_psa_platform.c ) endif() -target_link_libraries(psa_core - PRIVATE - psa_crypto_library_config - psa_interface +add_library(psa_core STATIC + ${src_crypto_core_oberon} ) target_compile_definitions(psa_core PRIVATE - BUILDING_MBEDTLS_CRYPTO + BUILDING_PSA_CRYPTO # for Secure Storage ) target_link_libraries(psa_core PRIVATE psa_crypto_library_config - mbedcrypto_base + psa_interface nrf_security_utils ) diff --git a/subsys/nrf_security/src/drivers/Kconfig b/subsys/nrf_security/src/drivers/Kconfig index afcb18b211a6..e00194af7801 100644 --- a/subsys/nrf_security/src/drivers/Kconfig +++ b/subsys/nrf_security/src/drivers/Kconfig @@ -26,7 +26,7 @@ config PSA_CRYPTO_DRIVER_CC3XX config PSA_CRYPTO_DRIVER_CRACEN bool "Cracen PSA driver" - depends on PSA_CRYPTO_CLIENT + depends on PSA_CRYPTO depends on HAS_HW_NRF_CRACEN # CRACEN uses the k_event_ API select EVENTS if MULTITHREADING diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 75c8e42605bc..be9c0a5f0004 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -46,7 +46,6 @@ target_link_libraries(cracen_psa_driver PRIVATE psa_crypto_library_config psa_interface - mbedcrypto_base nrf_security_utils ) diff --git a/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/gcm_ext.c b/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/gcm_ext.c index 8b79a9a3228e..5bb8fcac3520 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/gcm_ext.c +++ b/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/gcm_ext.c @@ -16,12 +16,9 @@ */ /* Copied from mbed TLS, modified to contain GF(2^128) operation only */ - -#include "common.h" +#include #include "gcm_ext.h" -#include - static inline void gcm_gen_table_rightshift(uint64_t dst[2], const uint64_t src[2]) { uint8_t *u8Dst = (uint8_t *) dst; diff --git a/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/poly1305_ext.c b/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/poly1305_ext.c index ed74431b7548..1934cff0acff 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/poly1305_ext.c +++ b/subsys/nrf_security/src/drivers/cracen/cracen_sw/ext/poly1305_ext.c @@ -14,7 +14,7 @@ * Link: https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/drivers/builtin/src/poly1305.c */ -#include "common.h" +#include #include "poly1305_ext.h" #define POLY1305_BLOCK_SIZE_BYTES (16U) diff --git a/subsys/nrf_security/src/drivers/cracen/cracen_sw/src/cracen_sw_mac.c b/subsys/nrf_security/src/drivers/cracen/cracen_sw/src/cracen_sw_mac.c index 938d8e2c352e..afdf32d9ddb4 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracen_sw/src/cracen_sw_mac.c +++ b/subsys/nrf_security/src/drivers/cracen/cracen_sw/src/cracen_sw_mac.c @@ -8,7 +8,6 @@ #include #include #include -#include "common.h" #include #include #include diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_kmu.h b/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_kmu.h index 2a915261b4fb..fecc1dd42c5b 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_kmu.h +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_kmu.h @@ -51,9 +51,13 @@ typedef uint64_t psa_drv_slot_number_t; * * @return PSA key handle value. */ -#define PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(scheme, slot_id) \ +#define PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(scheme, slot_id) \ (0x7fff0000 | ((scheme) << 12) | ((slot_id)&0xff)) +/** @deprecated Use @ref PSA_KEY_ID_FROM_CRACEN_KMU_SLOT instead. */ +#define PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(scheme, slot_id) \ + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(scheme, slot_id) + /** @brief Retrieve key usage scheme from PSA key ID. * * @param[in] key_id PSA key ID. diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen_psa_kmu.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen_psa_kmu.c index cc29a4c5ed2d..0b60f751bf3a 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen_psa_kmu.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen_psa_kmu.c @@ -268,7 +268,7 @@ psa_status_t cracen_provision_prot_ram_inv_slots(void) * the provisioning call. */ psa_set_key_id(&key_attributes, - mbedtls_svc_key_id_make(0, PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( + mbedtls_svc_key_id_make(0, PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_PROTECTED, PROTECTED_RAM_INVALIDATION_DATA_SLOT1))); diff --git a/subsys/nrf_security/src/drivers/nrf_cc3xx/public_cc3xx_psa_asymmetric_signature.c b/subsys/nrf_security/src/drivers/nrf_cc3xx/public_cc3xx_psa_asymmetric_signature.c index ca14f93325dc..001adafc3742 100644 --- a/subsys/nrf_security/src/drivers/nrf_cc3xx/public_cc3xx_psa_asymmetric_signature.c +++ b/subsys/nrf_security/src/drivers/nrf_cc3xx/public_cc3xx_psa_asymmetric_signature.c @@ -61,11 +61,6 @@ psa_status_t cc3xx_verify_hash(const psa_key_attributes_t *attributes, const uin size_t hash_length, const uint8_t *signature, size_t signature_length) { - if (alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW && - hash_length != PSA_HASH_LENGTH(PSA_ALG_SIGN_GET_HASH(alg))) { - return PSA_ERROR_INVALID_ARGUMENT; - } - if (!PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(attributes))) { return PSA_ERROR_NOT_SUPPORTED; } diff --git a/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt index f582059e8b95..15eb1062cad9 100644 --- a/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt @@ -11,7 +11,7 @@ target_include_directories(psa_crypto_library_config ) # Link the Oberon PSA core with nrf_cc3xx_platform -target_link_libraries(psa_core +target_link_libraries_ifdef(CONFIG_MBEDTLS_PSA_CRYPTO_C psa_core PRIVATE nrf_cc3xx_platform ) diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index 206fe608c7f9..f53d9c78b046 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -5,7 +5,7 @@ # # Build Oberon PSA crypto driver -set(drivers_path ${OBERON_PSA_CORE_PATH}/oberon/drivers) +set(drivers_path ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/oberon/drivers) target_include_directories(psa_crypto_library_config INTERFACE @@ -78,8 +78,9 @@ endif() # Link to imported libraries for Oberon APIs. target_link_libraries(oberon_psa_driver PRIVATE - mbedcrypto_oberon_mbedtls_imported mbedcrypto_oberon_imported + psa_crypto_config_chosen + ${mbedcrypto_target} ) # Link psa_core with this driver @@ -88,10 +89,5 @@ target_link_libraries(psa_core oberon_psa_driver ) -target_link_libraries(mbedcrypto_oberon_mbedtls_imported - INTERFACE - psa_crypto_config_chosen - ${mbedcrypto_target} -) nrf_security_add_zephyr_options_library(oberon_psa_driver) diff --git a/subsys/nrf_security/src/drivers/zephyr/nrf_rng_entropy.c b/subsys/nrf_security/src/drivers/zephyr/nrf_rng_entropy.c index 717c2a2a7dd9..6f03e09f4a85 100644 --- a/subsys/nrf_security/src/drivers/zephyr/nrf_rng_entropy.c +++ b/subsys/nrf_security/src/drivers/zephyr/nrf_rng_entropy.c @@ -7,7 +7,6 @@ #include #include #include -#include #include "psa/crypto.h" diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt deleted file mode 100644 index 622e37d97b0f..000000000000 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ /dev/null @@ -1,150 +0,0 @@ -# -# Copyright (c) 2021 Nordic Semiconductor -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -# Legacy APIs missing driver support or APIs assumed to be -# deprecated with more PSA API awareness. -append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - sha1.c - sha256.c - sha512.c - sha3.c - md5.c - aesni.c - aesce.c -) - -# Add all files that are neccessary for (nrf_oberon or cracen) + builtin in legacy mode -# These files are used only as a convenience until PSA Crypto APIs are standarized -if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR CONFIG_OBERON_BACKEND OR CONFIG_CC3XX_BACKEND OR - CONFIG_PSA_CRYPTO_DRIVER_OBERON OR CONFIG_PSA_CRYPTO_DRIVER_CRACEN) - append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - block_cipher.c - aes.c - cmac.c - ccm.c - chachapoly.c - ecdh.c - ecp.c - ecp_curves.c - ecp_curves_new.c - gcm.c - hkdf.c - hmac_drbg.c - rsa.c - rsa_alt_helpers.c - ) -endif() - -# There is a symbol inside the nrf_oberon ECDSA implementation (built lib) that is -# colliding with a symbol in ecdsa.c in mbedtls: mbedtls_ecdsa_can_do. -# To solve this quickly a copy of ecdsa.c is added here in case oberon is built -if(CONFIG_OBERON_BACKEND OR CONFIG_PSA_CRYPTO_DRIVER_OBERON) - list(APPEND src_crypto_legacy - ${CMAKE_CURRENT_LIST_DIR}/ecdsa_oberon.c - ) -else() - list(APPEND src_crypto_legacy - ${ARM_MBEDTLS_PATH}/library/ecdsa.c - ) -endif() - -# There is a function expected to be built inside psa_crypto.c that is used -# by md. This makes MD not work with TF-M. Temporarily adding this check-function -# to a self-contained file an use this when PSA crypto is not built locally -if(CONFIG_BUILD_WITH_TFM OR CONFIG_SOC_NRF54H20_CPURAD OR CONFIG_SOC_NRF54H20_CPUAPP) - list(APPEND src_crypto_legacy - ${CMAKE_CURRENT_LIST_DIR}/md_ext.c - ) -endif() - - -if(CONFIG_HAS_HW_NRF_CC310) -append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - gcm.c -) -endif() - -# Legacy files should only be added in certain configurations -append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - ctr_drbg.c - entropy.c -) - -if(CONFIG_CC3XX_BACKEND) - # Add missing API to resolve bit-length for RSA. This needs to be - # resolved in nrf_cc3xx Mbed TLS library - list(APPEND src_crypto_legacy - ${CMAKE_CURRENT_LIST_DIR}/rsa_ext.c - ) -endif() - -# Legacy Files needed when Oberon is disabled -if(NOT CONFIG_OBERON_BACKEND) - append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - chacha20.c - poly1305.c - ecjpake.c - platform.c - ) -endif() - -# Add oberon-specific replacement files -if(CONFIG_OBERON_ONLY_ENABLED) - list(APPEND src_crypto_legacy - ${CMAKE_CURRENT_LIST_DIR}/ecjpake_oberon.c - ) -else() - list(APPEND src_crypto_legacy - ${CMAKE_CURRENT_LIST_DIR}/dhm_ext.c - ) -endif() - -# Add legacy files to mbedcrypto_target -if(DEFINED src_crypto_legacy) - target_sources(${mbedcrypto_target} - PRIVATE - ${src_crypto_legacy} - ) -endif() - -if(DEFINED src_crypto_legacy_base) - target_sources(mbedcrypto_base - PRIVATE - ${src_crypto_legacy_base} - ) -endif() - -if(TARGET mbedcrypto_oberon_mbedtls_imported) - # Link to the nrf_oberon mbedcrypto library - target_link_libraries(${mbedcrypto_target} - PRIVATE - mbedcrypto_oberon_mbedtls_imported - ) - - # Add nrf_oberon Mbed TLS includes to mbedcrypto library - target_include_directories(${mbedcrypto_target} - INTERFACE - $ - ) -endif() - -if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C AND CONFIG_CC3XX_BACKEND) - # Link legacy nrf_cc3xx library if it is enabled - # This will only be used for secure-only builds - target_link_libraries(${mbedcrypto_target} - PRIVATE - nrf_cc3xx_legacy_crypto_imported - ) -endif() - -if(TARGET nrf_cc3xx_core_imported) - # nrf_cc3xx needs functionality from mbedcrypto_base - target_link_libraries(nrf_cc3xx_core_imported - INTERFACE - psa_crypto_config_chosen - ${mbedcrypto_target} - ) -endif() diff --git a/subsys/nrf_security/src/legacy/dhm_ext.c b/subsys/nrf_security/src/legacy/dhm_ext.c deleted file mode 100644 index 823d6e04ef09..000000000000 --- a/subsys/nrf_security/src/legacy/dhm_ext.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Diffie-Hellman-Merkle key exchange - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The following sources were referenced in the design of this implementation - * of the Diffie-Hellman-Merkle algorithm: - * - * [1] Handbook of Applied Cryptography - 1997, Chapter 12 - * Menezes, van Oorschot and Vanstone - * - */ - -/* Copied from mbed TLS, missing in CryptoCell runtime library */ - -#include "common.h" - -#if defined(MBEDTLS_DHM_C) && (defined(CONFIG_CC3XX_BACKEND) || defined(CONFIG_PSA_CRYPTO_DRIVER_CC3XX)) - -#include "mbedtls/dhm.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" - -#include - -#if defined(MBEDTLS_PEM_PARSE_C) -#include "mbedtls/pem.h" -#endif - -#if defined(MBEDTLS_ASN1_PARSE_C) -#include "mbedtls/asn1.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx ) -{ - return( mbedtls_mpi_bitlen( &ctx->P ) ); -} - -size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ) -{ - return( mbedtls_mpi_size( &ctx->P ) ); -} - - -#endif /* defined(MBEDTLS_DHM_C) && defined(CONFIG_CC3XX_BACKEND) */ diff --git a/subsys/nrf_security/src/legacy/ecdsa_oberon.c b/subsys/nrf_security/src/legacy/ecdsa_oberon.c deleted file mode 100644 index 256497d44671..000000000000 --- a/subsys/nrf_security/src/legacy/ecdsa_oberon.c +++ /dev/null @@ -1,854 +0,0 @@ -/* - * Elliptic curve DSA - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -/* - * References: - * - * SEC1 https://www.secg.org/sec1-v2.pdf - */ - -#include "common.h" - -#if defined(MBEDTLS_ECDSA_C) - -#include "mbedtls/ecdsa.h" -#include "mbedtls/asn1write.h" - -#include - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#include "mbedtls/hmac_drbg.h" -#endif - -#include "mbedtls/platform.h" - -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" - -#if defined(MBEDTLS_ECP_RESTARTABLE) - -/* - * Sub-context for ecdsa_verify() - */ -struct mbedtls_ecdsa_restart_ver { - mbedtls_mpi u1, u2; /* intermediate values */ - enum { /* what to do next? */ - ecdsa_ver_init = 0, /* getting started */ - ecdsa_ver_muladd, /* muladd step */ - } state; -}; - -/* - * Init verify restart sub-context - */ -static void ecdsa_restart_ver_init(mbedtls_ecdsa_restart_ver_ctx *ctx) -{ - mbedtls_mpi_init(&ctx->u1); - mbedtls_mpi_init(&ctx->u2); - ctx->state = ecdsa_ver_init; -} - -/* - * Free the components of a verify restart sub-context - */ -static void ecdsa_restart_ver_free(mbedtls_ecdsa_restart_ver_ctx *ctx) -{ - if (ctx == NULL) { - return; - } - - mbedtls_mpi_free(&ctx->u1); - mbedtls_mpi_free(&ctx->u2); - - ecdsa_restart_ver_init(ctx); -} - -/* - * Sub-context for ecdsa_sign() - */ -struct mbedtls_ecdsa_restart_sig { - int sign_tries; - int key_tries; - mbedtls_mpi k; /* per-signature random */ - mbedtls_mpi r; /* r value */ - enum { /* what to do next? */ - ecdsa_sig_init = 0, /* getting started */ - ecdsa_sig_mul, /* doing ecp_mul() */ - ecdsa_sig_modn, /* mod N computations */ - } state; -}; - -/* - * Init verify sign sub-context - */ -static void ecdsa_restart_sig_init(mbedtls_ecdsa_restart_sig_ctx *ctx) -{ - ctx->sign_tries = 0; - ctx->key_tries = 0; - mbedtls_mpi_init(&ctx->k); - mbedtls_mpi_init(&ctx->r); - ctx->state = ecdsa_sig_init; -} - -/* - * Free the components of a sign restart sub-context - */ -static void ecdsa_restart_sig_free(mbedtls_ecdsa_restart_sig_ctx *ctx) -{ - if (ctx == NULL) { - return; - } - - mbedtls_mpi_free(&ctx->k); - mbedtls_mpi_free(&ctx->r); -} - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) -/* - * Sub-context for ecdsa_sign_det() - */ -struct mbedtls_ecdsa_restart_det { - mbedtls_hmac_drbg_context rng_ctx; /* DRBG state */ - enum { /* what to do next? */ - ecdsa_det_init = 0, /* getting started */ - ecdsa_det_sign, /* make signature */ - } state; -}; - -/* - * Init verify sign_det sub-context - */ -static void ecdsa_restart_det_init(mbedtls_ecdsa_restart_det_ctx *ctx) -{ - mbedtls_hmac_drbg_init(&ctx->rng_ctx); - ctx->state = ecdsa_det_init; -} - -/* - * Free the components of a sign_det restart sub-context - */ -static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx) -{ - if (ctx == NULL) { - return; - } - - mbedtls_hmac_drbg_free(&ctx->rng_ctx); - - ecdsa_restart_det_init(ctx); -} -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - -#define ECDSA_RS_ECP (rs_ctx == NULL ? NULL : &rs_ctx->ecp) - -/* Utility macro for checking and updating ops budget */ -#define ECDSA_BUDGET(ops) \ - MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, ECDSA_RS_ECP, ops)); - -/* Call this when entering a function that needs its own sub-context */ -#define ECDSA_RS_ENTER(SUB) do { \ - /* reset ops count for this call if top-level */ \ - if (rs_ctx != NULL && rs_ctx->ecp.depth++ == 0) \ - rs_ctx->ecp.ops_done = 0; \ - \ - /* set up our own sub-context if needed */ \ - if (mbedtls_ecp_restart_is_enabled() && \ - rs_ctx != NULL && rs_ctx->SUB == NULL) \ - { \ - rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB)); \ - if (rs_ctx->SUB == NULL) \ - return MBEDTLS_ERR_ECP_ALLOC_FAILED; \ - \ - ecdsa_restart_## SUB ##_init(rs_ctx->SUB); \ - } \ -} while (0) - -/* Call this when leaving a function that needs its own sub-context */ -#define ECDSA_RS_LEAVE(SUB) do { \ - /* clear our sub-context when not in progress (done or error) */ \ - if (rs_ctx != NULL && rs_ctx->SUB != NULL && \ - ret != MBEDTLS_ERR_ECP_IN_PROGRESS) \ - { \ - ecdsa_restart_## SUB ##_free(rs_ctx->SUB); \ - mbedtls_free(rs_ctx->SUB); \ - rs_ctx->SUB = NULL; \ - } \ - \ - if (rs_ctx != NULL) \ - rs_ctx->ecp.depth--; \ -} while (0) - -#else /* MBEDTLS_ECP_RESTARTABLE */ - -#define ECDSA_RS_ECP NULL - -#define ECDSA_BUDGET(ops) /* no-op; for compatibility */ - -#define ECDSA_RS_ENTER(SUB) (void) rs_ctx -#define ECDSA_RS_LEAVE(SUB) (void) rs_ctx - -#endif /* MBEDTLS_ECP_RESTARTABLE */ - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \ - !defined(MBEDTLS_ECDSA_SIGN_ALT) || \ - !defined(MBEDTLS_ECDSA_VERIFY_ALT) -/* - * Derive a suitable integer for group grp from a buffer of length len - * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 - */ -static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x, - const unsigned char *buf, size_t blen) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n_size = (grp->nbits + 7) / 8; - size_t use_size = blen > n_size ? n_size : blen; - - MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(x, buf, use_size)); - if (use_size * 8 > grp->nbits) { - MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(x, use_size * 8 - grp->nbits)); - } - - /* While at it, reduce modulo N */ - if (mbedtls_mpi_cmp_mpi(x, &grp->N) >= 0) { - MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(x, x, &grp->N)); - } - -cleanup: - return ret; -} -#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */ - -#if !defined(MBEDTLS_ECDSA_SIGN_ALT) -/* - * Compute ECDSA signature of a hashed message (SEC1 4.1.3) - * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) - */ -int mbedtls_ecdsa_sign_restartable(mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx) -{ - int ret, key_tries, sign_tries; - int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries; - mbedtls_ecp_point R; - mbedtls_mpi k, e, t; - mbedtls_mpi *pk = &k, *pr = r; - - /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - } - - /* Make sure d is in range 1..n-1 */ - if (mbedtls_mpi_cmp_int(d, 1) < 0 || mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) { - return MBEDTLS_ERR_ECP_INVALID_KEY; - } - - mbedtls_ecp_point_init(&R); - mbedtls_mpi_init(&k); mbedtls_mpi_init(&e); mbedtls_mpi_init(&t); - - ECDSA_RS_ENTER(sig); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->sig != NULL) { - /* redirect to our context */ - p_sign_tries = &rs_ctx->sig->sign_tries; - p_key_tries = &rs_ctx->sig->key_tries; - pk = &rs_ctx->sig->k; - pr = &rs_ctx->sig->r; - - /* jump to current step */ - if (rs_ctx->sig->state == ecdsa_sig_mul) { - goto mul; - } - if (rs_ctx->sig->state == ecdsa_sig_modn) { - goto modn; - } - } -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - *p_sign_tries = 0; - do { - if ((*p_sign_tries)++ > 10) { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - - /* - * Steps 1-3: generate a suitable ephemeral keypair - * and set r = xR mod n - */ - *p_key_tries = 0; - do { - if ((*p_key_tries)++ > 10) { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - - MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, pk, f_rng, p_rng)); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->sig != NULL) { - rs_ctx->sig->state = ecdsa_sig_mul; - } - -mul: -#endif - MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &R, pk, &grp->G, - f_rng_blind, - p_rng_blind, - ECDSA_RS_ECP)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pr, &R.X, &grp->N)); - } while (mbedtls_mpi_cmp_int(pr, 0) == 0); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->sig != NULL) { - rs_ctx->sig->state = ecdsa_sig_modn; - } - -modn: -#endif - /* - * Accounting for everything up to the end of the loop - * (step 6, but checking now avoids saving e and t) - */ - ECDSA_BUDGET(MBEDTLS_ECP_OPS_INV + 4); - - /* - * Step 5: derive MPI from hashed message - */ - MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); - - /* - * Generate a random value to blind inv_mod in next step, - * avoiding a potential timing leak. - */ - MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, &t, f_rng_blind, - p_rng_blind)); - - /* - * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n - */ - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, pr, d)); - MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&e, &e, s)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&e, &e, &t)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pk, pk, &t)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pk, pk, &grp->N)); - MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(s, pk, &grp->N)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, s, &e)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(s, s, &grp->N)); - } while (mbedtls_mpi_cmp_int(s, 0) == 0); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->sig != NULL) { - MBEDTLS_MPI_CHK(mbedtls_mpi_copy(r, pr)); - } -#endif - -cleanup: - mbedtls_ecp_point_free(&R); - mbedtls_mpi_free(&k); mbedtls_mpi_free(&e); mbedtls_mpi_free(&t); - - ECDSA_RS_LEAVE(sig); - - return ret; -} - -/* - * Compute ECDSA signature of a hashed message - */ -int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ - /* Use the same RNG for both blinding and ephemeral key generation */ - return mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, - f_rng, p_rng, f_rng, p_rng, NULL); -} -#endif /* !MBEDTLS_ECDSA_SIGN_ALT */ - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) -/* - * Deterministic signature wrapper - * - * note: The f_rng_blind parameter must not be NULL. - * - */ -int mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_hmac_drbg_context rng_ctx; - mbedtls_hmac_drbg_context *p_rng = &rng_ctx; - unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; - size_t grp_len = (grp->nbits + 7) / 8; - const mbedtls_md_info_t *md_info; - mbedtls_mpi h; - - if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) { - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - } - - mbedtls_mpi_init(&h); - mbedtls_hmac_drbg_init(&rng_ctx); - - ECDSA_RS_ENTER(det); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->det != NULL) { - /* redirect to our context */ - p_rng = &rs_ctx->det->rng_ctx; - - /* jump to current step */ - if (rs_ctx->det->state == ecdsa_det_sign) { - goto sign; - } - } -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ - MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len)); - MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen)); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len)); - MBEDTLS_MPI_CHK(mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len)); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->det != NULL) { - rs_ctx->det->state = ecdsa_det_sign; - } - -sign: -#endif -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - (void) f_rng_blind; - (void) p_rng_blind; - ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng); -#else - ret = mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx); -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ - -cleanup: - mbedtls_hmac_drbg_free(&rng_ctx); - mbedtls_mpi_free(&h); - - ECDSA_RS_LEAVE(det); - - return ret; -} - -/* - * Deterministic signature wrapper - */ -int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, - size_t), - void *p_rng_blind) -{ - return mbedtls_ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, - f_rng_blind, p_rng_blind, NULL); -} -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - -#if !defined(MBEDTLS_ECDSA_VERIFY_ALT) -/* - * Verify ECDSA signature of hashed message (SEC1 4.1.4) - * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) - */ -int mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, - const mbedtls_mpi *s, - mbedtls_ecdsa_restart_ctx *rs_ctx) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_mpi e, s_inv, u1, u2; - mbedtls_ecp_point R; - mbedtls_mpi *pu1 = &u1, *pu2 = &u2; - - mbedtls_ecp_point_init(&R); - mbedtls_mpi_init(&e); mbedtls_mpi_init(&s_inv); - mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2); - - /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - } - - ECDSA_RS_ENTER(ver); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->ver != NULL) { - /* redirect to our context */ - pu1 = &rs_ctx->ver->u1; - pu2 = &rs_ctx->ver->u2; - - /* jump to current step */ - if (rs_ctx->ver->state == ecdsa_ver_muladd) { - goto muladd; - } - } -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - /* - * Step 1: make sure r and s are in range 1..n-1 - */ - if (mbedtls_mpi_cmp_int(r, 1) < 0 || mbedtls_mpi_cmp_mpi(r, &grp->N) >= 0 || - mbedtls_mpi_cmp_int(s, 1) < 0 || mbedtls_mpi_cmp_mpi(s, &grp->N) >= 0) { - ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; - goto cleanup; - } - - /* - * Step 3: derive MPI from hashed message - */ - MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); - - /* - * Step 4: u1 = e / s mod n, u2 = r / s mod n - */ - ECDSA_BUDGET(MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2); - - MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&s_inv, s, &grp->N)); - - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu1, &e, &s_inv)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu1, pu1, &grp->N)); - - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu2, r, &s_inv)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu2, pu2, &grp->N)); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if (rs_ctx != NULL && rs_ctx->ver != NULL) { - rs_ctx->ver->state = ecdsa_ver_muladd; - } - -muladd: -#endif - /* - * Step 5: R = u1 G + u2 Q - */ - MBEDTLS_MPI_CHK(mbedtls_ecp_muladd_restartable(grp, - &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP)); - - if (mbedtls_ecp_is_zero(&R)) { - ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; - goto cleanup; - } - - /* - * Step 6: convert xR to an integer (no-op) - * Step 7: reduce xR mod n (gives v) - */ - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&R.X, &R.X, &grp->N)); - - /* - * Step 8: check if v (that is, R.X) is equal to r - */ - if (mbedtls_mpi_cmp_mpi(&R.X, r) != 0) { - ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; - goto cleanup; - } - -cleanup: - mbedtls_ecp_point_free(&R); - mbedtls_mpi_free(&e); mbedtls_mpi_free(&s_inv); - mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2); - - ECDSA_RS_LEAVE(ver); - - return ret; -} - -/* - * Verify ECDSA signature of hashed message - */ -int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, - const mbedtls_mpi *s) -{ - return mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); -} -#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ - -/* - * Convert a signature (given by context) to ASN.1 - */ -static int ecdsa_signature_to_asn1(const mbedtls_mpi *r, const mbedtls_mpi *s, - unsigned char *sig, size_t sig_size, - size_t *slen) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = { 0 }; - unsigned char *p = buf + sizeof(buf); - size_t len = 0; - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, s)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, r)); - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - if (len > sig_size) { - return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; - } - - memcpy(sig, p, len); - *slen = len; - - return 0; -} - -/* - * Compute and write signature - */ -int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t sig_size, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecdsa_restart_ctx *rs_ctx) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_mpi r, s; - if (f_rng == NULL) { - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - } - - mbedtls_mpi_init(&r); - mbedtls_mpi_init(&s); - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d, - hash, hlen, md_alg, f_rng, - p_rng, rs_ctx)); -#else - (void) md_alg; - -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - (void) rs_ctx; - - MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng)); -#else - /* Use the same RNG for both blinding and ephemeral key generation */ - MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng, f_rng, - p_rng, rs_ctx)); -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - - MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, sig_size, slen)); - -cleanup: - mbedtls_mpi_free(&r); - mbedtls_mpi_free(&s); - - return ret; -} - -/* - * Compute and write signature - */ -int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t sig_size, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng) -{ - return mbedtls_ecdsa_write_signature_restartable( - ctx, md_alg, hash, hlen, sig, sig_size, slen, - f_rng, p_rng, NULL); -} - -/* - * Read and check signature - */ -int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen) -{ - return mbedtls_ecdsa_read_signature_restartable( - ctx, hash, hlen, sig, slen, NULL); -} - -/* - * Restartable read and check signature - */ -int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen, - mbedtls_ecdsa_restart_ctx *rs_ctx) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char *p = (unsigned char *) sig; - const unsigned char *end = sig + slen; - size_t len; - mbedtls_mpi r, s; - mbedtls_mpi_init(&r); - mbedtls_mpi_init(&s); - - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - goto cleanup; - } - - if (p + len != end) { - ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - goto cleanup; - } - - if ((ret = mbedtls_asn1_get_mpi(&p, end, &r)) != 0 || - (ret = mbedtls_asn1_get_mpi(&p, end, &s)) != 0) { - ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - goto cleanup; - } -#if defined(MBEDTLS_ECDSA_VERIFY_ALT) - (void) rs_ctx; - - if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen, - &ctx->Q, &r, &s)) != 0) { - goto cleanup; - } -#else - if ((ret = mbedtls_ecdsa_verify_restartable(&ctx->grp, hash, hlen, - &ctx->Q, &r, &s, rs_ctx)) != 0) { - goto cleanup; - } -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ - - /* At this point we know that the buffer starts with a valid signature. - * Return 0 if the buffer just contains the signature, and a specific - * error code if the valid signature is followed by more data. */ - if (p != end) { - ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH; - } - -cleanup: - mbedtls_mpi_free(&r); - mbedtls_mpi_free(&s); - - return ret; -} - -#if !defined(MBEDTLS_ECDSA_GENKEY_ALT) -/* - * Generate key pair - */ -int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ - int ret = 0; - ret = mbedtls_ecp_group_load(&ctx->grp, gid); - if (ret != 0) { - return ret; - } - - return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d, - &ctx->Q, f_rng, p_rng); -} -#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ - -/* - * Set context from an mbedtls_ecp_keypair - */ -int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ((ret = mbedtls_ecp_group_copy(&ctx->grp, &key->grp)) != 0 || - (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0 || - (ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0) { - mbedtls_ecdsa_free(ctx); - } - - return ret; -} - -/* - * Initialize context - */ -void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx) -{ - mbedtls_ecp_keypair_init(ctx); -} - -/* - * Free context - */ -void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx) -{ - if (ctx == NULL) { - return; - } - - mbedtls_ecp_keypair_free(ctx); -} - -#if defined(MBEDTLS_ECP_RESTARTABLE) -/* - * Initialize a restart context - */ -void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx) -{ - mbedtls_ecp_restart_init(&ctx->ecp); - - ctx->ver = NULL; - ctx->sig = NULL; -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - ctx->det = NULL; -#endif -} - -/* - * Free the components of a restart context - */ -void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx) -{ - if (ctx == NULL) { - return; - } - - mbedtls_ecp_restart_free(&ctx->ecp); - - ecdsa_restart_ver_free(ctx->ver); - mbedtls_free(ctx->ver); - ctx->ver = NULL; - - ecdsa_restart_sig_free(ctx->sig); - mbedtls_free(ctx->sig); - ctx->sig = NULL; - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - ecdsa_restart_det_free(ctx->det); - mbedtls_free(ctx->det); - ctx->det = NULL; -#endif -} -#endif /* MBEDTLS_ECP_RESTARTABLE */ - -#endif /* MBEDTLS_ECDSA_C */ diff --git a/subsys/nrf_security/src/legacy/ecjpake_oberon.c b/subsys/nrf_security/src/legacy/ecjpake_oberon.c deleted file mode 100644 index ce908cbe73e4..000000000000 --- a/subsys/nrf_security/src/legacy/ecjpake_oberon.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Elliptic curve J-PAKE - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * References in the code are to the Thread v1.0 Specification, - * available to members of the Thread Group http://threadgroup.org/ - */ - -/* Copy-pasted from ecjpake.c in mbed TLS disitribution */ - - -#include "common.h" - -#if defined(MBEDTLS_ECJPAKE_C) && defined(MBEDTLS_ECJPAKE_ALT) - -#include "mbedtls/ecjpake.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" - -#include - - - -int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx, - int point_format ) -{ - switch( point_format ) - { - case MBEDTLS_ECP_PF_UNCOMPRESSED: - case MBEDTLS_ECP_PF_COMPRESSED: - ctx->point_format = point_format; - return( 0 ); - default: - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - } -} - - -#endif diff --git a/subsys/nrf_security/src/legacy/md_ext.c b/subsys/nrf_security/src/legacy/md_ext.c deleted file mode 100644 index 165e69bbab78..000000000000 --- a/subsys/nrf_security/src/legacy/md_ext.c +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright (c) 2024 Nordic Semiconductor - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - * - */ - -#include - -/* Functions required for MD to work. These APIs are copied from psa_crypto.c*/ - -int psa_can_do_hash(psa_algorithm_t hash_alg) -{ - (void) hash_alg; - return 1; -} - -int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg) -{ - (void) key_type; - (void) cipher_alg; - return 1; -} diff --git a/subsys/nrf_security/src/legacy/memory_buffer_alloc.c b/subsys/nrf_security/src/legacy/memory_buffer_alloc.c deleted file mode 100644 index 22466d80e68c..000000000000 --- a/subsys/nrf_security/src/legacy/memory_buffer_alloc.c +++ /dev/null @@ -1,772 +0,0 @@ -/* - * Buffer-based memory allocator - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#if defined(CONFIG_CC3XX_BACKEND) -// Take inn the mutex header file if CryptoCell is enabled -#include "nrf_cc3xx_platform_mutex.h" -#endif // defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - -#include "mbedtls/memory_buffer_alloc.h" - -/* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C - is dependent upon MBEDTLS_PLATFORM_C */ -#include "mbedtls/platform.h" -#include "mbedtls/platform_util.h" - -#include - -#if defined(MBEDTLS_MEMORY_BACKTRACE) -#include -#endif - -#if defined(MBEDTLS_THREADING_C) -#include "mbedtls/threading.h" -#endif - -#define MAGIC1 0xFF00AA55 -#define MAGIC2 0xEE119966 -#define MAX_BT 20 - -typedef struct _memory_header memory_header; -struct _memory_header -{ - size_t magic1; - size_t size; - size_t alloc; - memory_header *prev; - memory_header *next; - memory_header *prev_free; - memory_header *next_free; -#if defined(MBEDTLS_MEMORY_BACKTRACE) - char **trace; - size_t trace_count; -#endif - size_t magic2; -}; - -typedef struct -{ - unsigned char *buf; - size_t len; - memory_header *first; - memory_header *first_free; - int verify; -#if defined(MBEDTLS_MEMORY_DEBUG) - size_t alloc_count; - size_t free_count; - size_t total_used; - size_t maximum_used; - size_t header_count; - size_t maximum_header_count; -#endif -#if defined(MBEDTLS_THREADING_C) -#if defined(CONFIG_CC3XX_BACKEND) - // Adding pointer for the mutex as this is not created in this scope - // when we are using CryptoCell - mbedtls_threading_mutex_t* mutex; -#else - // Standard mutex handling if CryptoCell is not in used - mbedtls_threading_mutex_t mutex; -#endif // defined(CONFIG_CC3XX_BACKEND) -#endif -} -buffer_alloc_ctx; - -static buffer_alloc_ctx heap; - -#if defined(CONFIG_CC3XX_BACKEND) -// Adding a statically defined heap mutex for CryptoCell -extern nrf_cc3xx_platform_mutex_t heap_mutex; -#endif - -#if defined(MBEDTLS_MEMORY_DEBUG) -static void debug_header( memory_header *hdr ) -{ -#if defined(MBEDTLS_MEMORY_BACKTRACE) - size_t i; -#endif - - mbedtls_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " - "ALLOC(%zu), SIZE(%10zu)\n", - (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, - hdr->alloc, hdr->size ); - mbedtls_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n", - (size_t) hdr->prev_free, (size_t) hdr->next_free ); - -#if defined(MBEDTLS_MEMORY_BACKTRACE) - mbedtls_fprintf( stderr, "TRACE: \n" ); - for( i = 0; i < hdr->trace_count; i++ ) - mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] ); - mbedtls_fprintf( stderr, "\n" ); -#endif -} - -static void debug_chain( void ) -{ - memory_header *cur = heap.first; - - mbedtls_fprintf( stderr, "\nBlock list\n" ); - while( cur != NULL ) - { - debug_header( cur ); - cur = cur->next; - } - - mbedtls_fprintf( stderr, "Free list\n" ); - cur = heap.first_free; - - while( cur != NULL ) - { - debug_header( cur ); - cur = cur->next_free; - } -} -#endif /* MBEDTLS_MEMORY_DEBUG */ - -static int verify_header( memory_header *hdr ) -{ - if( hdr->magic1 != MAGIC1 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" ); -#endif - return( 1 ); - } - - if( hdr->magic2 != MAGIC2 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" ); -#endif - return( 1 ); - } - - if( hdr->alloc > 1 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" ); -#endif - return( 1 ); - } - - if( hdr->prev != NULL && hdr->prev == hdr->next ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: prev == next\n" ); -#endif - return( 1 ); - } - - if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" ); -#endif - return( 1 ); - } - - return( 0 ); -} - -static int verify_chain( void ) -{ - memory_header *prv = heap.first, *cur; - - if( prv == NULL || verify_header( prv ) != 0 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification of first header " - "failed\n" ); -#endif - return( 1 ); - } - - if( heap.first->prev != NULL ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification failed: " - "first->prev != NULL\n" ); -#endif - return( 1 ); - } - - cur = heap.first->next; - - while( cur != NULL ) - { - if( verify_header( cur ) != 0 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification of header " - "failed\n" ); -#endif - return( 1 ); - } - - if( cur->prev != prv ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification failed: " - "cur->prev != prv\n" ); -#endif - return( 1 ); - } - - prv = cur; - cur = cur->next; - } - - return( 0 ); -} - -static void *buffer_alloc_calloc( size_t n, size_t size ) -{ - memory_header *new, *cur = heap.first_free; - unsigned char *p; - void *ret; - size_t original_len, len; -#if defined(MBEDTLS_MEMORY_BACKTRACE) - void *trace_buffer[MAX_BT]; - size_t trace_cnt; -#endif - - if( heap.buf == NULL || heap.first == NULL ) - return( NULL ); - - original_len = len = n * size; - - if( n == 0 || size == 0 || len / n != size ) - return( NULL ); - else if( len > (size_t)-MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - return( NULL ); - - if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { - len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE; - len += MBEDTLS_MEMORY_ALIGN_MULTIPLE; - } - - // Find block that fits - // - while( cur != NULL ) - { - if( cur->size >= len ) - break; - - cur = cur->next_free; - } - - if( cur == NULL ) - return( NULL ); - - if( cur->alloc != 0 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated " - "data\n" ); -#endif - mbedtls_exit( 1 ); - } - -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.alloc_count++; -#endif - - // Found location, split block if > memory_header + 4 room left - // - if( cur->size - len < sizeof(memory_header) + - MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { - cur->alloc = 1; - - // Remove from free_list - // - if( cur->prev_free != NULL ) - cur->prev_free->next_free = cur->next_free; - else - heap.first_free = cur->next_free; - - if( cur->next_free != NULL ) - cur->next_free->prev_free = cur->prev_free; - - cur->prev_free = NULL; - cur->next_free = NULL; - -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.total_used += cur->size; - if( heap.total_used > heap.maximum_used ) - heap.maximum_used = heap.total_used; -#endif -#if defined(MBEDTLS_MEMORY_BACKTRACE) - trace_cnt = backtrace( trace_buffer, MAX_BT ); - cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); - cur->trace_count = trace_cnt; -#endif - - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); - - ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); - - return( ret ); - } - - p = ( (unsigned char *) cur ) + sizeof(memory_header) + len; - new = (memory_header *) p; - - new->size = cur->size - len - sizeof(memory_header); - new->alloc = 0; - new->prev = cur; - new->next = cur->next; -#if defined(MBEDTLS_MEMORY_BACKTRACE) - new->trace = NULL; - new->trace_count = 0; -#endif - new->magic1 = MAGIC1; - new->magic2 = MAGIC2; - - if( new->next != NULL ) - new->next->prev = new; - - // Replace cur with new in free_list - // - new->prev_free = cur->prev_free; - new->next_free = cur->next_free; - if( new->prev_free != NULL ) - new->prev_free->next_free = new; - else - heap.first_free = new; - - if( new->next_free != NULL ) - new->next_free->prev_free = new; - - cur->alloc = 1; - cur->size = len; - cur->next = new; - cur->prev_free = NULL; - cur->next_free = NULL; - -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.header_count++; - if( heap.header_count > heap.maximum_header_count ) - heap.maximum_header_count = heap.header_count; - heap.total_used += cur->size; - if( heap.total_used > heap.maximum_used ) - heap.maximum_used = heap.total_used; -#endif -#if defined(MBEDTLS_MEMORY_BACKTRACE) - trace_cnt = backtrace( trace_buffer, MAX_BT ); - cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); - cur->trace_count = trace_cnt; -#endif - - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); - - ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); - - return( ret ); -} - -static void buffer_alloc_free( void *ptr ) -{ - memory_header *hdr, *old = NULL; - unsigned char *p = (unsigned char *) ptr; - - if( ptr == NULL || heap.buf == NULL || heap.first == NULL ) - return; - - if( p < heap.buf || p >= heap.buf + heap.len ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed " - "space\n" ); -#endif - mbedtls_exit( 1 ); - } - - p -= sizeof(memory_header); - hdr = (memory_header *) p; - - if( verify_header( hdr ) != 0 ) - mbedtls_exit( 1 ); - - if( hdr->alloc != 1 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated " - "data\n" ); -#endif - mbedtls_exit( 1 ); - } - - hdr->alloc = 0; - -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.free_count++; - heap.total_used -= hdr->size; -#endif - -#if defined(MBEDTLS_MEMORY_BACKTRACE) - free( hdr->trace ); - hdr->trace = NULL; - hdr->trace_count = 0; -#endif - - // Regroup with block before - // - if( hdr->prev != NULL && hdr->prev->alloc == 0 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.header_count--; -#endif - hdr->prev->size += sizeof(memory_header) + hdr->size; - hdr->prev->next = hdr->next; - old = hdr; - hdr = hdr->prev; - - if( hdr->next != NULL ) - hdr->next->prev = hdr; - - memset( old, 0, sizeof(memory_header) ); - } - - // Regroup with block after - // - if( hdr->next != NULL && hdr->next->alloc == 0 ) - { -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.header_count--; -#endif - hdr->size += sizeof(memory_header) + hdr->next->size; - old = hdr->next; - hdr->next = hdr->next->next; - - if( hdr->prev_free != NULL || hdr->next_free != NULL ) - { - if( hdr->prev_free != NULL ) - hdr->prev_free->next_free = hdr->next_free; - else - heap.first_free = hdr->next_free; - - if( hdr->next_free != NULL ) - hdr->next_free->prev_free = hdr->prev_free; - } - - hdr->prev_free = old->prev_free; - hdr->next_free = old->next_free; - - if( hdr->prev_free != NULL ) - hdr->prev_free->next_free = hdr; - else - heap.first_free = hdr; - - if( hdr->next_free != NULL ) - hdr->next_free->prev_free = hdr; - - if( hdr->next != NULL ) - hdr->next->prev = hdr; - - memset( old, 0, sizeof(memory_header) ); - } - - // Prepend to free_list if we have not merged - // (Does not have to stay in same order as prev / next list) - // - if( old == NULL ) - { - hdr->next_free = heap.first_free; - if( heap.first_free != NULL ) - heap.first_free->prev_free = hdr; - heap.first_free = hdr; - } - - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); -} - -void mbedtls_memory_buffer_set_verify( int verify ) -{ - heap.verify = verify; -} - -int mbedtls_memory_buffer_alloc_verify( void ) -{ - return verify_chain(); -} - -#if defined(MBEDTLS_MEMORY_DEBUG) -void mbedtls_memory_buffer_alloc_status( void ) -{ - mbedtls_fprintf( stderr, - "Current use: %zu blocks / %zu bytes, max: %zu blocks / " - "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n", - heap.header_count, heap.total_used, - heap.maximum_header_count, heap.maximum_used, - heap.maximum_header_count * sizeof( memory_header ) - + heap.maximum_used, - heap.alloc_count, heap.free_count ); - - if( heap.first->next == NULL ) - { - mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" ); - } - else - { - mbedtls_fprintf( stderr, "Memory currently allocated:\n" ); - debug_chain(); - } -} - -void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) -{ - *max_used = heap.maximum_used; - *max_blocks = heap.maximum_header_count; -} - -void mbedtls_memory_buffer_alloc_max_reset( void ) -{ - heap.maximum_used = 0; - heap.maximum_header_count = 0; -} - -void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) -{ - *cur_used = heap.total_used; - *cur_blocks = heap.header_count; -} -#endif /* MBEDTLS_MEMORY_DEBUG */ - -#if defined(MBEDTLS_THREADING_C) -static void *buffer_alloc_calloc_mutexed( size_t n, size_t size ) -{ - void *buf; - if( mbedtls_mutex_lock( heap.mutex ) != 0 ) - return( NULL ); - buf = buffer_alloc_calloc( n, size ); - if( mbedtls_mutex_unlock( heap.mutex ) ) - return( NULL ); - return( buf ); -} - -static void buffer_alloc_free_mutexed( void *ptr ) -{ - /* We have to good option here, but corrupting the heap seems - * worse than loosing memory. */ - if( mbedtls_mutex_lock( heap.mutex ) ) - return; - buffer_alloc_free( ptr ); - (void) mbedtls_mutex_unlock( heap.mutex ); -} -#endif /* MBEDTLS_THREADING_C */ - -void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ) -{ - memset( &heap, 0, sizeof( buffer_alloc_ctx ) ); - -#if defined(CONFIG_CC3XX_BACKEND) - // Setting heap mutex if CryptoCell is used - heap.mutex = (mbedtls_threading_mutex_t*) &heap_mutex; -#endif // defined(CONFIG_CC3XX_BACKEND) - -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( heap.mutex ); - mbedtls_platform_set_calloc_free( buffer_alloc_calloc_mutexed, - buffer_alloc_free_mutexed ); -#else - mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free ); -#endif - - if( len < sizeof( memory_header ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - return; - else if( (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { - /* Adjust len first since buf is used in the computation */ - len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE - - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; - buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE - - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; - } - - memset( buf, 0, len ); - - heap.buf = buf; - heap.len = len; - - heap.first = (memory_header *)buf; - heap.first->size = len - sizeof( memory_header ); - heap.first->magic1 = MAGIC1; - heap.first->magic2 = MAGIC2; - heap.first_free = heap.first; -} - -void mbedtls_memory_buffer_alloc_free( void ) -{ -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( heap.mutex ); -#endif - mbedtls_platform_zeroize( &heap, sizeof(buffer_alloc_ctx) ); -} - -#if defined(MBEDTLS_SELF_TEST) -static int check_pointer( void *p ) -{ - if( p == NULL ) - return( -1 ); - - if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) - return( -1 ); - - return( 0 ); -} - -static int check_all_free( void ) -{ - if( -#if defined(MBEDTLS_MEMORY_DEBUG) - heap.total_used != 0 || -#endif - heap.first != heap.first_free || - (void *) heap.first != (void *) heap.buf ) - { - return( -1 ); - } - - return( 0 ); -} - -#define TEST_ASSERT( condition ) \ - if( ! (condition) ) \ - { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ - \ - ret = 1; \ - goto cleanup; \ - } - -int mbedtls_memory_buffer_alloc_self_test( int verbose ) -{ - unsigned char buf[1024]; - unsigned char *p, *q, *r, *end; - int ret = 0; - - if( verbose != 0 ) - mbedtls_printf( " MBA test #1 (basic alloc-free cycle): " ); - - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); - - p = mbedtls_calloc( 1, 1 ); - q = mbedtls_calloc( 1, 128 ); - r = mbedtls_calloc( 1, 16 ); - - TEST_ASSERT( check_pointer( p ) == 0 && - check_pointer( q ) == 0 && - check_pointer( r ) == 0 ); - - mbedtls_free( r ); - mbedtls_free( q ); - mbedtls_free( p ); - - TEST_ASSERT( check_all_free( ) == 0 ); - - /* Memorize end to compare with the next test */ - end = heap.buf + heap.len; - - mbedtls_memory_buffer_alloc_free( ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - - if( verbose != 0 ) - mbedtls_printf( " MBA test #2 (buf not aligned): " ); - - mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 ); - - TEST_ASSERT( heap.buf + heap.len == end ); - - p = mbedtls_calloc( 1, 1 ); - q = mbedtls_calloc( 1, 128 ); - r = mbedtls_calloc( 1, 16 ); - - TEST_ASSERT( check_pointer( p ) == 0 && - check_pointer( q ) == 0 && - check_pointer( r ) == 0 ); - - mbedtls_free( r ); - mbedtls_free( q ); - mbedtls_free( p ); - - TEST_ASSERT( check_all_free( ) == 0 ); - - mbedtls_memory_buffer_alloc_free( ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - - if( verbose != 0 ) - mbedtls_printf( " MBA test #3 (full): " ); - - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); - - p = mbedtls_calloc( 1, sizeof( buf ) - sizeof( memory_header ) ); - - TEST_ASSERT( check_pointer( p ) == 0 ); - TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); - - mbedtls_free( p ); - - p = mbedtls_calloc( 1, sizeof( buf ) - 2 * sizeof( memory_header ) - 16 ); - q = mbedtls_calloc( 1, 16 ); - - TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 ); - TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); - - mbedtls_free( q ); - - TEST_ASSERT( mbedtls_calloc( 1, 17 ) == NULL ); - - mbedtls_free( p ); - - TEST_ASSERT( check_all_free( ) == 0 ); - - mbedtls_memory_buffer_alloc_free( ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - -cleanup: - mbedtls_memory_buffer_alloc_free( ); - - return( ret ); -} -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ diff --git a/subsys/nrf_security/src/legacy/rsa_ext.c b/subsys/nrf_security/src/legacy/rsa_ext.c deleted file mode 100644 index 68f602478ad3..000000000000 --- a/subsys/nrf_security/src/legacy/rsa_ext.c +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright (c) 2024 Nordic Semiconductor - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - * - */ -#include - -/* Missing symbol when introducing Mbed TLS 3.6.0 and RSA_ALT*/ - -/* - * Get length in bits of RSA modulus - */ -size_t mbedtls_rsa_get_bitlen(const mbedtls_rsa_context *ctx) -{ - return mbedtls_mpi_bitlen(&ctx->N); -} diff --git a/subsys/nrf_security/src/psa_crypto_driver_wrappers.c b/subsys/nrf_security/src/psa_crypto_driver_wrappers.c index 0784d907f0b4..dea44ddf88eb 100644 --- a/subsys/nrf_security/src/psa_crypto_driver_wrappers.c +++ b/subsys/nrf_security/src/psa_crypto_driver_wrappers.c @@ -10,10 +10,9 @@ * Warning: This file will be auto-generated in the future. */ -#include "common.h" -#include "psa_crypto_core.h" -#include "psa_crypto_driver_wrappers.h" -#include +#include +#include +#include #if defined(MBEDTLS_PSA_CRYPTO_C) @@ -209,7 +208,8 @@ psa_status_t psa_driver_wrapper_sign_message_with_context( size_t context_length, uint8_t *signature, size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -271,7 +271,8 @@ psa_status_t psa_driver_wrapper_verify_message_with_context( size_t context_length, const uint8_t *signature, size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -335,7 +336,8 @@ psa_status_t psa_driver_wrapper_sign_hash_with_context( size_t context_length, uint8_t *signature, size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -398,7 +400,8 @@ psa_status_t psa_driver_wrapper_verify_hash_with_context( size_t context_length, const uint8_t *signature, size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -473,8 +476,9 @@ psa_driver_wrapper_get_key_buffer_size_from_key_data(const psa_key_attributes_t const uint8_t *data, size_t data_length, size_t *key_buffer_size) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); - psa_key_type_t key_type = attributes->type; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); + psa_key_type_t key_type = psa_get_key_type(attributes); *key_buffer_size = 0; switch (location) { @@ -511,9 +515,10 @@ psa_driver_wrapper_get_key_buffer_size_from_key_data(const psa_key_attributes_t psa_status_t psa_driver_wrapper_get_key_buffer_size(const psa_key_attributes_t *attributes, size_t *key_buffer_size) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); - psa_key_type_t key_type = attributes->type; - size_t key_bits = attributes->bits; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); + psa_key_type_t key_type = psa_get_key_type(attributes); + size_t key_bits = psa_get_key_bits(attributes); *key_buffer_size = 0; switch (location) { @@ -545,7 +550,8 @@ psa_status_t psa_driver_wrapper_generate_key(const psa_key_attributes_t *attribu size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -561,7 +567,7 @@ psa_status_t psa_driver_wrapper_generate_key(const psa_key_attributes_t *attribu } #endif /* PSA_CRYPTO_DRIVER_IRONSIDE */ /* Transparent drivers are limited to generating asymmetric keys */ - if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->type)) { + if (PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(attributes))) { /* Cycle through all known transparent accelerators */ #if defined(PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER) status = cracen_generate_key(attributes, key_buffer, key_buffer_size, @@ -773,7 +779,8 @@ psa_status_t psa_driver_wrapper_get_builtin_key(psa_drv_slot_number_t slot_numbe uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { #if defined(PSA_CRYPTO_DRIVER_IRONSIDE) @@ -808,7 +815,8 @@ psa_status_t psa_driver_wrapper_copy_key(psa_key_attributes_t *attributes, uint8_t *target_key_buffer, size_t target_key_buffer_size, size_t *target_key_buffer_length) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { #if defined(PSA_CRYPTO_DRIVER_IRONSIDE) @@ -838,8 +846,10 @@ psa_status_t psa_driver_wrapper_derive_key(const psa_key_attributes_t *attribute size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); - switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime)) { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Add cases for transparent drivers here */ #ifdef PSA_CRYPTO_DRIVER_IRONSIDE @@ -891,7 +901,8 @@ psa_status_t psa_driver_wrapper_cipher_encrypt(const psa_key_attributes_t *attri size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -965,7 +976,8 @@ psa_status_t psa_driver_wrapper_cipher_decrypt(const psa_key_attributes_t *attri size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { #if defined(PSA_NEED_CRACEN_KMU_DRIVER) @@ -1024,7 +1036,8 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(psa_cipher_operation_t *ope size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1087,7 +1100,8 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(psa_cipher_operation_t *ope size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1538,7 +1552,8 @@ psa_status_t psa_driver_wrapper_aead_encrypt(const psa_key_attributes_t *attribu size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1608,7 +1623,8 @@ psa_status_t psa_driver_wrapper_aead_decrypt(const psa_key_attributes_t *attribu size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { #if defined(PSA_NEED_CRACEN_AEAD_DRIVER) @@ -1680,7 +1696,8 @@ psa_status_t psa_driver_wrapper_aead_encrypt_setup(psa_aead_operation_t *operati size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1744,7 +1761,8 @@ psa_status_t psa_driver_wrapper_aead_decrypt_setup(psa_aead_operation_t *operati size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -2010,7 +2028,8 @@ psa_status_t psa_driver_wrapper_mac_compute(const psa_key_attributes_t *attribut size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); #if !defined(PSA_WANT_ALG_SHA_1) if (PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1) { @@ -2071,7 +2090,8 @@ psa_status_t psa_driver_wrapper_mac_sign_setup(psa_mac_operation_t *operation, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); #if !defined(PSA_WANT_ALG_SHA_1) if (PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1) { @@ -2136,7 +2156,8 @@ psa_status_t psa_driver_wrapper_mac_verify_setup(psa_mac_operation_t *operation, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); #if !defined(PSA_WANT_ALG_SHA_1) if (PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1) { @@ -2479,8 +2500,8 @@ psa_status_t psa_driver_wrapper_key_agreement(const psa_key_attributes_t *attrib size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -2551,10 +2572,11 @@ psa_status_t psa_driver_wrapper_encapsulate(const psa_key_attributes_t *attribut size_t *output_key_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { - psa_status_t status; - (void)status; + psa_status_t status __attribute__((unused)); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); - switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime)) { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Add cases for transparent drivers here */ #ifdef PSA_CRYPTO_DRIVER_IRONSIDE @@ -2598,10 +2620,11 @@ psa_status_t psa_driver_wrapper_decapsulate(const psa_key_attributes_t *attribut uint8_t *output_key, size_t output_key_size, size_t *output_key_length) { - psa_status_t status; - (void)status; + psa_status_t status __attribute__((unused)); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); - switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime)) { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Add cases for transparent drivers here */ #ifdef PSA_CRYPTO_DRIVER_IRONSIDE @@ -2646,7 +2669,10 @@ psa_status_t psa_driver_wrapper_pake_setup(psa_pake_operation_t *operation, const psa_pake_cipher_suite_t *cipher_suite) { psa_status_t status; - switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime)) { + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); + + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Add cases for transparent drivers here */ #ifdef PSA_CRYPTO_DRIVER_IRONSIDE @@ -2919,8 +2945,8 @@ psa_status_t psa_driver_wrapper_asymmetric_encrypt( size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -2976,8 +3002,8 @@ psa_status_t psa_driver_wrapper_asymmetric_decrypt( size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -3054,7 +3080,10 @@ psa_status_t psa_driver_wrapper_wrap_key(const psa_key_attributes_t *wrapping_ke const uint8_t *key_data, size_t key_size, uint8_t *data, size_t data_size, size_t *data_length) { - switch (PSA_KEY_LIFETIME_GET_LOCATION(wrapping_key_attributes->lifetime)) { + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(wrapping_key_attributes)); + + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: #if defined(PSA_NEED_CRACEN_KMU_DRIVER) case PSA_KEY_LOCATION_CRACEN_KMU: @@ -3097,7 +3126,11 @@ psa_status_t psa_driver_wrapper_unwrap_key(const psa_key_attributes_t *attribute const uint8_t *data, size_t data_length, uint8_t *key, size_t key_size, size_t *key_length) { - switch (PSA_KEY_LIFETIME_GET_LOCATION(wrapping_key_attributes->lifetime)) { + + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(wrapping_key_attributes)); + + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: #if defined(PSA_NEED_CRACEN_KMU_DRIVER) case PSA_KEY_LOCATION_CRACEN_KMU: @@ -3216,7 +3249,8 @@ psa_status_t psa_driver_wrapper_get_entropy(uint32_t flags, size_t *estimate_bit psa_status_t psa_driver_wrapper_destroy_builtin_key(const psa_key_attributes_t *attributes) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); switch (location) { #if defined(PSA_CRYPTO_DRIVER_IRONSIDE) diff --git a/subsys/nrf_security/src/tf-psa-crypto/CMakeLists.txt b/subsys/nrf_security/src/tf-psa-crypto/CMakeLists.txt new file mode 100644 index 000000000000..96eff0b983be --- /dev/null +++ b/subsys/nrf_security/src/tf-psa-crypto/CMakeLists.txt @@ -0,0 +1,95 @@ +# +# Copyright (c) 2026 - 2099 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +if(CONFIG_MBEDTLS_MEMORY_BUFFER_ALLOC_C) + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/platform + memory_buffer_alloc.c + ) +endif() + +# Build TF-PSA-Crypto files when not building the TF-M S image. +if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/utilities + asn1parse.c + asn1write.c + base64.c + oid.c + pem.c + pkcs5.c + ) + + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/legacy_sub/src + bignum.c + bignum_core.c + ecp.c + ecp_curves.c + psa_util_internal.c + ) + + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/extras + md.c + nist_kw.c + pk.c + pk_ecc.c + pk_rsa.c + pk_wrap.c + pkparse.c + pkwrite.c + ) + + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/core + psa_util.c + ) + + # Add some TF-PSA-Crypto source files only when building client-only images + # (TF-M NS, PSA_SSF_CRYPTO_CLIENT). + # In other cases they are built as part of the PSA Crypto core, but when + # building client-only images the functions these files implement are not + # made available so we need their implementation in this image. + if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_C) + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/platform + platform_util.c + ) + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/utilities + constant_time.c + ) + endif() + + if(CONFIG_MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS) + append_with_prefix(src_crypto ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/legacy_sub/src + aes.c + cipher.c + cipher_wrap.c + ccm.c + gcm.c + md5.c + rsa.c + rsa_alt_helpers.c + sha1.c + sha256.c + sha512.c + ) + endif() + + target_include_directories(${mbedcrypto_target} + PUBLIC # public because needed by Mbed TLS which links to mbedcrypto via tfpsacrypto ALIAS below + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/utilities + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/legacy_sub/include + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/legacy_sub/src + ) +endif() + +if(CONFIG_MBEDTLS) + if(NOT (CONFIG_MBEDTLS_BUILTIN AND CONFIG_TF_PSA_CRYPTO_CUSTOM)) + message(FATAL_ERROR "Invalid Mbed TLS/TF-PSA-Crypto configuration.") + endif() + # Mbed TLS has a hard dependency on there being a tfpsacrypto library. + # Making it as an alias to mbedcrypto works well. + add_library(tfpsacrypto ALIAS ${mbedcrypto_target}) +endif() + +target_sources(${mbedcrypto_target} PRIVATE ${src_crypto}) diff --git a/subsys/nrf_security/src/threading/include/threading_alt.h b/subsys/nrf_security/src/threading/include/threading_alt.h index 2bd2c6d5a90e..7ea7f38bf008 100644 --- a/subsys/nrf_security/src/threading/include/threading_alt.h +++ b/subsys/nrf_security/src/threading/include/threading_alt.h @@ -9,6 +9,21 @@ #include -typedef struct k_mutex mbedtls_threading_mutex_t; +#if !defined(CONFIG_HW_CC3XX) + +/* This needs to be a k_mutex and not a pointer because Oberon uses this + * directly in its oberon_ctr_drbg_context_t struct. + */ +typedef struct k_mutex mbedtls_platform_mutex_t; + +#else + +#include +typedef nrf_cc3xx_platform_mutex_t mbedtls_platform_mutex_t; + +#endif + +/* Unused, but needs to be defined. */ +typedef int mbedtls_platform_condition_variable_t; #endif /* MBEDTLS_THREADING_ALT_H */ diff --git a/subsys/nrf_security/src/threading/threading.cmake b/subsys/nrf_security/src/threading/threading.cmake index 9c870cc95678..164224842edf 100644 --- a/subsys/nrf_security/src/threading/threading.cmake +++ b/subsys/nrf_security/src/threading/threading.cmake @@ -4,12 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# This file includes threading support required by the PSA crypto core -# Which was added in Mbed TLS 3.6.0. +if(CONFIG_MBEDTLS_THREADING_C) -if(CONFIG_MBEDTLS_THREADING_C AND NOT CONFIG_NRF_CC3XX_PLATFORM) - - append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} + append_with_prefix(src_crypto_core_oberon ${CMAKE_CURRENT_LIST_DIR} threading_alt.c ) @@ -25,11 +22,4 @@ if(CONFIG_MBEDTLS_THREADING_C AND NOT CONFIG_NRF_CC3XX_PLATFORM) ${CMAKE_CURRENT_LIST_DIR}/include ) - - # Add include of threading_alt.h in interface build - target_include_directories(psa_crypto_config - INTERFACE - ${CMAKE_CURRENT_LIST_DIR}/include - ) - endif() diff --git a/subsys/nrf_security/src/threading/threading_alt.c b/subsys/nrf_security/src/threading/threading_alt.c index e1ab2b84018d..293521608baf 100644 --- a/subsys/nrf_security/src/threading/threading_alt.c +++ b/subsys/nrf_security/src/threading/threading_alt.c @@ -4,38 +4,91 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include "threading_alt.h" -#include -#include -#include -#include +#include #include -#include -K_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); -K_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); -K_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); +#if !defined(CONFIG_HW_CC3XX) -void mbedtls_mutex_init_fn(mbedtls_threading_mutex_t *mutex) +#define MBEDTLS_MUTEX_DEFINE(name) \ + mbedtls_threading_mutex_t name = { \ + .MBEDTLS_PRIVATE(mutex) = \ + Z_MUTEX_INITIALIZER(name.MBEDTLS_PRIVATE(mutex)), \ + } + +MBEDTLS_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); +MBEDTLS_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); +MBEDTLS_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); +MBEDTLS_MUTEX_DEFINE(mbedtls_threading_heap_mutex); + +void mbedtls_mutex_init(mbedtls_threading_mutex_t *mutex) +{ + k_mutex_init(&mutex->MBEDTLS_PRIVATE(mutex)); +} + +void mbedtls_mutex_free(mbedtls_threading_mutex_t *mutex) { - k_mutex_init(mutex); } -void mbedtls_mutex_free_fn(mbedtls_threading_mutex_t *mutex) +int mbedtls_mutex_lock(mbedtls_threading_mutex_t *mutex) { + return k_mutex_lock(&mutex->MBEDTLS_PRIVATE(mutex), K_FOREVER); } -int mbedtls_mutex_lock_fn(mbedtls_threading_mutex_t *mutex) +int mbedtls_mutex_unlock(mbedtls_threading_mutex_t *mutex) { - return k_mutex_lock(mutex, K_FOREVER); + return k_mutex_unlock(&mutex->MBEDTLS_PRIVATE(mutex)); } -int mbedtls_mutex_unlock_fn(mbedtls_threading_mutex_t *mutex) +#else + +#include + +/* These live in hw_cc3xx.c because they need to be initialized during SYS_INIT */ +extern mbedtls_threading_mutex_t mbedtls_threading_key_slot_mutex; +extern mbedtls_threading_mutex_t mbedtls_threading_psa_globaldata_mutex; +extern mbedtls_threading_mutex_t mbedtls_threading_psa_rngdata_mutex; +extern mbedtls_threading_mutex_t mbedtls_threading_heap_mutex; + +/* + * When CC3XX is enabled, global mutex objects are provided by + * nrf_cc3xx_platform_mutex_zephyr.c. Keep init/free as no-op wrappers and + * expose real function symbols for lock/unlock to avoid resolving to the + * CC3XX archive's data symbols with the same names. + */ +void mbedtls_mutex_init(mbedtls_threading_mutex_t *mutex) { - return k_mutex_unlock(mutex); + if (platform_mutex_apis.mutex_init_fn == NULL) { + return; + } + + platform_mutex_apis.mutex_init_fn(&mutex->MBEDTLS_PRIVATE(mutex)); +} + +void mbedtls_mutex_free(mbedtls_threading_mutex_t *mutex) +{ + if (platform_mutex_apis.mutex_free_fn == NULL) { + return; + } + + platform_mutex_apis.mutex_free_fn(&mutex->MBEDTLS_PRIVATE(mutex)); +} + +int mbedtls_mutex_lock(mbedtls_threading_mutex_t *mutex) +{ + if (platform_mutex_apis.mutex_lock_fn == NULL) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } + + return platform_mutex_apis.mutex_lock_fn(&mutex->MBEDTLS_PRIVATE(mutex)); +} + +int mbedtls_mutex_unlock(mbedtls_threading_mutex_t *mutex) +{ + if (platform_mutex_apis.mutex_unlock_fn == NULL) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } + + return platform_mutex_apis.mutex_unlock_fn(&mutex->MBEDTLS_PRIVATE(mutex)); } -void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_init_fn; -void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_free_fn; -int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_lock_fn; -int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_unlock_fn; +#endif diff --git a/subsys/nrf_security/src/zephyr/CMakeLists.txt b/subsys/nrf_security/src/zephyr/CMakeLists.txt index a1d47f0d662f..2371a1a72412 100644 --- a/subsys/nrf_security/src/zephyr/CMakeLists.txt +++ b/subsys/nrf_security/src/zephyr/CMakeLists.txt @@ -28,12 +28,6 @@ if(CONFIG_MBEDTLS_ENABLE_HEAP) ) endif() -if(CONFIG_MBEDTLS_ENTROPY_POLL) - list(APPEND src_zephyr - ${NRF_SECURITY_ROOT}/src/zephyr/entropy_poll.c - ) -endif() - if(CONFIG_PSA_CRYPTO_SYS_INIT) # Include a late initialization of psa_crypto_init just-in-case list(APPEND src_zephyr @@ -78,6 +72,10 @@ endif() # Add the generic mbedtls_external library to interface with zephyr add_library(mbedtls_external INTERFACE) +target_include_directories(mbedtls_external INTERFACE + ${ZEPHYR_MBEDTLS_MODULE_DIR}/include +) + # Link to the NSPE versions of the libraries providing TLS/DTLS and x509 APIs if(TARGET mbedtls) target_link_libraries(mbedtls_external INTERFACE mbedtls) diff --git a/subsys/nrf_security/src/zephyr/entropy_poll.c b/subsys/nrf_security/src/zephyr/entropy_poll.c deleted file mode 100644 index 7614121c45aa..000000000000 --- a/subsys/nrf_security/src/zephyr/entropy_poll.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, size_t *olen) -{ - const struct device *dev = DEVICE_DT_GET(DT_CHOSEN(zephyr_entropy)); - size_t chunk_size; - - (void)data; - - if (output == NULL) { - return -1; - } - - if (olen == NULL) { - return -1; - } - - if (len == 0) { - return -1; - } - - if (!device_is_ready(dev)) { - return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; - } - - while (len > 0) { - chunk_size = MIN(MBEDTLS_ENTROPY_MAX_GATHER, len); - - if (entropy_get_entropy(dev, output, chunk_size) < 0) { - return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; - } - - *olen += chunk_size; - output += chunk_size; - len -= chunk_size; - } - - return 0; -} diff --git a/subsys/nrf_security/src/zephyr/psa_crypto_init.c b/subsys/nrf_security/src/zephyr/psa_crypto_init.c index b48bc60ffab9..895c6a5631d4 100644 --- a/subsys/nrf_security/src/zephyr/psa_crypto_init.c +++ b/subsys/nrf_security/src/zephyr/psa_crypto_init.c @@ -12,7 +12,7 @@ #include #include -#if defined(CONFIG_MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(CONFIG_MBEDTLS_BUILTIN) +#if defined(CONFIG_PSA_CRYPTO) && !defined(CONFIG_TF_PSA_CRYPTO_BUILTIN) #include "psa/crypto.h" diff --git a/subsys/nrf_security/tfm/CMakeLists.txt b/subsys/nrf_security/tfm/CMakeLists.txt index 1d734a87f5c1..154c5331e03f 100644 --- a/subsys/nrf_security/tfm/CMakeLists.txt +++ b/subsys/nrf_security/tfm/CMakeLists.txt @@ -5,7 +5,7 @@ # include(${TFM_EXTRA_CONFIG_PATH}) -include(${NRF_SECURITY_ROOT}/cmake/extensions.cmake) +include(${NRF_SECURITY_DIR}/cmake/extensions.cmake) # Prefix targets as expected from TF-M set(mbedcrypto_target ${MBEDTLS_TARGET_PREFIX}mbedcrypto) @@ -18,7 +18,7 @@ set(BUILD_INSIDE_TFM True) # Variables transferred from Zephyr to nRF Security TF-M build includes: # - /zephyr/.configc # - GCC_M_CPU -# - ARM_MBEDTLS_PATH +# - ZEPHYR_MBEDTLS_MODULE_DIR # - autoconf.h separate_arguments(NRF_SECURITY_SETTINGS) @@ -44,12 +44,6 @@ import_kconfig(CONFIG_ ${ZEPHYR_DOTCONFIG}) # prefixed names for mbedcrypto symbols (mbedcrypto__) set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM True) -# Additional TF-M settings when application has enabled legacy MBedTLS APIs. -# TF-M should not be configured using these settings so force them off. -set(CONFIG_MBEDTLS_LEGACY_CRYPTO_C False) -set(CONFIG_MBEDTLS_NO_PLATFORM_ENTROPY False) -set(CONFIG_MBEDTLS_MD_C False) - # Platform cannot be selected when building for TF-M, because TF-M itself has # control of the CryptoCell. Therefore, specifically for building TF-M we # enable it manually. @@ -61,15 +55,9 @@ endif() set(CONFIG_MBEDTLS_THREADING_ALT False) set(CONFIG_MBEDTLS_THREADING_C False) -# mbedtls_printf is used to print messages including error information. -set(MBEDTLS_PLATFORM_PRINTF_ALT True) - # Set the a define stating that KEY_ID encodes owner set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) -# Set the a _usage_ of PSA crypto to false for TF-M image build -set(CONFIG_MBEDTLS_USE_PSA_CRYPTO False) - # By setting CONFIG_BUILD_WITH_TFM to false, the nrf_security will make a # complete build with all libraries and a full mbedcrypto library for linking. set(CONFIG_BUILD_WITH_TFM False) @@ -80,6 +68,9 @@ set(CONFIG_MBEDTLS_ENABLE_HEAP True) # Ensure that PSA core is built inside TF-M image set(CONFIG_MBEDTLS_PSA_CRYPTO_C True) +# TF-M has nothing to do with Mbed TLS +set(CONFIG_MBEDTLS False) + if("${PROJECT_NAME}" STREQUAL "Bootloader") set(CONFIG_MBEDTLS_RSA_C True) set(CONFIG_MBEDTLS_PKCS1_V21 True) @@ -87,9 +78,9 @@ if("${PROJECT_NAME}" STREQUAL "Bootloader") endif() # common.cmake has a function that can compute binary paths -include(${NRFXLIB_DIR}/common.cmake) +include(${ZEPHYR_NRFXLIB_MODULE_DIR}/common.cmake) -add_subdirectory(${NRFXLIB_DIR}/crypto ${CMAKE_CURRENT_BINARY_DIR}/nrf_security_crypto) +add_subdirectory(${ZEPHYR_NRFXLIB_MODULE_DIR}/crypto ${CMAKE_CURRENT_BINARY_DIR}/nrf_security_crypto) # Add nrf_security libraries -add_subdirectory(${NRF_SECURITY_ROOT}/src ${CMAKE_CURRENT_BINARY_DIR}/nrf_security_src) +add_subdirectory(${NRF_SECURITY_DIR}/src ${CMAKE_CURRENT_BINARY_DIR}/nrf_security_src) diff --git a/subsys/secure_storage/CMakeLists.txt b/subsys/secure_storage/CMakeLists.txt index a01faeb74bf7..70cfbd50fa8f 100644 --- a/subsys/secure_storage/CMakeLists.txt +++ b/subsys/secure_storage/CMakeLists.txt @@ -34,6 +34,9 @@ endif() # CONFIG_SECURE_STORAGE_TRUSTED_STORAGE_COMPATIBILITY if(ncs_secure_storage_src) zephyr_library() - zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS) + if(CONFIG_TF_PSA_CRYPTO_BUILTIN) + # Inherit tfpsacrypto's private include directories for access to psa_crypto_driver_wrappers.h. + zephyr_library_include_directories($) + endif() zephyr_library_sources(${ncs_secure_storage_src}) endif() diff --git a/subsys/secure_storage/compatibility/src/its_store_settings_get.c b/subsys/secure_storage/compatibility/src/its_store_settings_get.c index 2d11f94e701c..26579a535e33 100644 --- a/subsys/secure_storage/compatibility/src/its_store_settings_get.c +++ b/subsys/secure_storage/compatibility/src/its_store_settings_get.c @@ -16,7 +16,7 @@ void secure_storage_its_store_settings_get_name( secure_storage_its_uid_t uid, char name[static SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_BUF_SIZE]) { - /* Both SECURE_STORAGE_ITS_CALLER_PSA_ITS and SECURE_STORAGE_ITS_CALLER_MBEDTLS + /* Both SECURE_STORAGE_ITS_CALLER_PSA_ITS and SECURE_STORAGE_ITS_CALLER_PSA_CRYPTO * indicate calls to the PSA ITS API. */ const char *prefix = (uid.caller_id == SECURE_STORAGE_ITS_CALLER_PSA_PS) ? diff --git a/subsys/secure_storage/compatibility/src/its_transform_tsbc.c b/subsys/secure_storage/compatibility/src/its_transform_tsbc.c index 7cd5ccd5ae77..9aa8b7209e9f 100644 --- a/subsys/secure_storage/compatibility/src/its_transform_tsbc.c +++ b/subsys/secure_storage/compatibility/src/its_transform_tsbc.c @@ -11,7 +11,7 @@ #include #include -#include <../library/psa_crypto_driver_wrappers.h> +#include BUILD_ASSERT(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_OUTPUT_OVERHEAD == sizeof(uint32_t) - sizeof(secure_storage_packed_create_flags_t) + sizeof(size_t) + 28); diff --git a/tests/crypto/CMakeLists.txt b/tests/crypto/CMakeLists.txt deleted file mode 100644 index 02b9c0b8f5ed..000000000000 --- a/tests/crypto/CMakeLists.txt +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright (c) 2019 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -cmake_minimum_required(VERSION 3.20.0) -find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) - -project(NONE) -set(CMAKE_EXPORT_COMPILE_COMMANDS ON) - -FILE(GLOB app_src src/*.c) - -target_sources(app PRIVATE ${app_src}) -target_include_directories(app PRIVATE src) - -add_subdirectory(test_cases) diff --git a/tests/crypto/Kconfig b/tests/crypto/Kconfig deleted file mode 100644 index bdd72742afd5..000000000000 --- a/tests/crypto/Kconfig +++ /dev/null @@ -1,37 +0,0 @@ -config REDUCED_TEST_SUITE - bool "Reduced test suite" - help - If False, all test vectors in all test_vector_* files are used as a test basis. - If True, only the test vectors in test_vectors.c are used. - -config CRYPTO_TEST_LONG_RUNNING_VECTORS - bool "Test slow vectors" - default y - help - Some test vectors are much slower than others. - If True these will be tested. - Do a search of CRYPTO_TEST_LONG_RUNNING_VECTORS amongst the - test_vectors_* files to see which vectors are affected. - -config CRYPTO_TEST_LARGE_VECTORS - bool "Test large vectors" - default y - help - Some test vectors are very large. - This might be inappropriate for devices with - limited resources. - If True large test vectors will be compiled and executed. - Also, some test suites have a very large amount of similar but small - test vectors, this amount will be somewhat reduced when False. - -config CRYPTO_TEST_HASH - bool "Test hash (SHA, hmac, hkdf)" - default y - help - Hash support is always enabled. - In order to save space on smaller devices, - allow skipping these tests by setting this to False, - which means the tests are neither executed nor compiled in. - - -source "Kconfig.zephyr" diff --git a/tests/crypto/Kconfig.sysbuild b/tests/crypto/Kconfig.sysbuild deleted file mode 100644 index 0db12fee3611..000000000000 --- a/tests/crypto/Kconfig.sysbuild +++ /dev/null @@ -1,10 +0,0 @@ -# -# Copyright (c) 2025 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -config PARTITION_MANAGER - default n if !BOARD_IS_NON_SECURE - -source "share/sysbuild/Kconfig" diff --git a/tests/crypto/README.rst b/tests/crypto/README.rst deleted file mode 100644 index 129b81765d8c..000000000000 --- a/tests/crypto/README.rst +++ /dev/null @@ -1,351 +0,0 @@ -.. _crypto_test: - -Cryptography tests -################## - -.. contents:: - :local: - :depth: 2 - -Cryptography tests verify the functionality of the :ref:`nrf_security` by using known test vectors approved by the National Institute of Standards and Technology (NIST) and others. - -Requirements -************ - -The tests support the following development kits: - -.. table-from-rows:: /includes/sample_board_rows.txt - :header: heading - :rows: nrf52840dk_nrf52840, nrf5340dk_nrf5340_cpuapp, nrf9151dk_nrf9151, nrf9160dk_nrf9160, nrf9161dk_nrf9161 - -.. note:: - Nordic Semiconductor devices for nRF51 Series, nRF52810, or nRF52811 cannot run the full test suite because of limited flash capacity. - A recommended approach in such case is to run subsets of the tests one by one. - -Overview -******** - -Cryptography tests use Zephyr Test Framework (Ztest) to run the tests. -See :ref:`zephyr:test-framework` for details. -The tests do not use the standard Ztest output but provide custom output for the test reports. -See :ref:`crypto_test_ztest_custom` for details. - -The tests are executed if the cryptographic functionality is enabled in Kconfig. -Make sure to configure :ref:`nrf_security` and all available hardware or software backends to enable the tests. -See :kconfig:option:`CONFIG_NORDIC_SECURITY_BACKEND`. - -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| Cryptographic mode | Sub-mode | Link to standard | Test Vector Source | -+====================+=============+============================================================================+============================================================================+ -| AES | CBC | `NIST - AES`_ | `NIST - AES`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | CFB | | `NIST - AES`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | ECB | | `NIST - AES`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | CTR | `NIST SP 800-38A`_ | `NIST SP 800-38A`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | CBC MAC | CBC MAC | No official test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | CMAC | `NIST SP 800-38B`_ | `NIST SP 800-38B`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| AEAD | CCM | `NIST - CCM`_ | `NIST - CCM`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | CCM* | Formal Specification of the CCM* | Formal Specification of the CCM* | -| | | Mode of Operation - September 9, 2005 | Mode of Operation - September 9, 2005 | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | EAX | `The EAX Mode of Operation`_ | `The EAX Mode of Operation`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | GCM | `NIST - GCM`_ | `NIST - GCM`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | ChaCha-Poly | `RFC 7539 - ChaCha20 and Poly1305 for IETF Protocols`_ | `RFC 7539 - ChaCha20 and Poly1305 for IETF Protocols`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| ECDH | secp160r1 | `NIST - ECDH`_ | GEC 2: Test Vectors for SEC 1 | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp160r2 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp192r1 | | `NIST - ECDH`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp224r1 | | `NIST - ECDH`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp256r1 | | `NIST - ECDH`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp384r1 | | `NIST - ECDH`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp521r1 | | `NIST - ECDH`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp160k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp192k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp224k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp256k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | bp256r1 | `RFC 7027 - ECC Brainpool Curves for TLS`_ | `RFC 7027 - ECC Brainpool Curves for TLS`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | bp384r1 | | `RFC 7027 - ECC Brainpool Curves for TLS`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | bp512r1 | | `RFC 7027 - ECC Brainpool Curves for TLS`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | Curve25519 | `RFC 7748 - Elliptic Curves for Security`_ | `RFC 7748 - Elliptic Curves for Security`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| ECDSA | secp160r1 | `NIST - ECDSA`_ | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp160r2 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp192r1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp224r1 | | `NIST - ECDSA`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp256r1 | | `NIST - ECDSA`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp384r1 | | `NIST - ECDSA`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp521r1 | | `NIST - ECDSA`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp160k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp192k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp224k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | secp256k1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | bp256r1 | `RFC 5639 - ECC Brainpool Standard Curves and Curve Generation`_ | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | bp384r1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | bp512r1 | | No test vectors | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | EdDSA | `RFC 8032 - Edwards-Curve Digital Signature Algorithm (EdDSA)`_ | `RFC 8032 - Edwards-Curve Digital Signature Algorithm (EdDSA)`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| Hash | SHA256 | `NIST - SHA`_ | `NIST - SHA`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | SHA512 | | `NIST - SHA`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| HMAC | HMAC SHA256 | `NIST - HMAC`_ | `NIST - HMAC`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | HMAC SHA512 | | `NIST - HMAC`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| HKDF | HKDF SHA256 | `RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)`_ | `RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| | HKDF SHA512 | | `RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)`_ | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ -| EC-JPAKE | secp256r1 | `J-PAKE: Password-Authenticated Key Exchange by Juggling`_ | Custom | -+--------------------+-------------+----------------------------------------------------------------------------+----------------------------------------------------------------------------+ - -Building and running -******************** - -.. |test path| replace:: :file:`tests/crypto/` - -.. include:: /includes/build_and_run_test.txt - -There are multiple ways to build the tests. -See :ref:`nrf_security` for additional information about configuring the nRF Security subsystem. -You can use the following configuration files to build the test in a specific setup: - -* :file:`overlay-cc3xx.conf` uses hardware acceleration using the Arm CryptoCell accelerator (for cryptography and entropy for random number generation). -* :file:`overlay-oberon.conf` uses only the Oberon software library for all cryptographic operations. - -You can use one of the listed overlay configurations by adding the ``-- -DEXTRA_CONF_FILE=`` flag to your build. Also see :ref:`cmake_options` for instructions on how to add this option. - -.. _crypto_test_ztest_custom: - -Ztest custom log formatting -=========================== - -Cryptography tests replace the standard Ztest formatting to assure more efficient reporting of running tests and test results. -Set the configuration option :kconfig:option:`CONFIG_ZTEST_TC_UTIL_USER_OVERRIDE` to replace the Ztest macros ``TC_START`` and ``Z_TC_END_RESULT`` with versions more suited for reporting results of cryptographic tests. - -:kconfig:option:`CONFIG_ZTEST_TC_UTIL_USER_OVERRIDE` uses :file:`tests/crypto/include_override/tc_util_user_override.h` to define the custom formatting. - -.. _crypto_test_testing: - -Testing -======= - -1. Compile and program the application. -#. |connect_kit| -#. |connect_terminal| -#. Observe the result of the different test vectors in the terminal emulator log. - The last line of the output indicates the test result:: - - PROJECT EXECUTION SUCCESSFUL - -Additional test cases and test vectors -====================================== - -You can add test cases and test vectors to the test suite either by including additional source files or by extending the existing files. - - -Test case ---------- - -A test case is a function designed to verify parts of the functionality of a cryptographic operation. -Most cryptographic operations, like hash calculations and ECDH, have multiple test cases to be able to cover all features. -A typical test case is called by looping over the registered test vectors and calling the test case. -The execution logs the verdict for each test vector. - -Registering a test case -~~~~~~~~~~~~~~~~~~~~~~~ - -A new test case must be registered to the ``test_case_data`` section using ``ITEM_REGISTER``, which registers it with the named section ``test_case_hmac_data``:: - - ITEM_REGISTER(test_case_hmac_data, test_case_t test_hmac) = { - .p_test_case_name = "HMAC", - .setup = hmac_setup, - .exec = exec_test_case_hmac, - .teardown = hmac_teardown, - .vector_type = TV_HMAC, - .vectors_start = __start_test_vector_hmac_data, - .vectors_stop = __stop_test_vector_hmac_data, - }; - - -.. note:: - The macro call to ``ITEM_REGISTER`` must be done in a :file:`.c` file. - -Setting up a test case -~~~~~~~~~~~~~~~~~~~~~~ - -As part of the test case setup, any previously used buffers are cleared. -The next test vector is fetched using the ``ITEM_GET`` macro. -The macro requires the following parameters: - -* ``test_vector_hmac_data`` - The section to fetch the test vector from (HMAC in this example). -* ``test_vector_hmac_t`` - Information about which type of test vector to expect in the given section. - In the example, ``test_vector_hmac_t`` is expected. - It is the same type that is used when registering HMAC test vectors. -* Information about which index to fetch a test vector from. - -The fetched test vector is then unhexified. - -Test vector data is stored as strings of hexadecimal characters. -To use them, they must be parsed to binary, which is also done in the setup procedure. - -The following example shows a test vector setup:: - - void hmac_setup(void) - { - hmac_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_hmac_data, test_vector_hmac_t, - hmac_vector_n); - unhexify_hmac(); - } - void exec_test_case_hmac(void) - ... - -On teardown, the test vector index is incremented, so that the next call to ``hmac_setup`` by the Ztest framework fetches the next test vector:: - - void hmac_combined_teardown(void) - { - hmac_combined_vector_n++; - } - -Executing a test case -~~~~~~~~~~~~~~~~~~~~~ - -An example of an HMAC test case in a simplified form is shown below:: - - void exec_test_case_hmac(void) - { - int err_code = -1; - - /* Initialize the HMAC module. */ - mbedtls_md_init(&md_context); - - const mbedtls_md_info_t *p_md_info = - mbedtls_md_info_from_type(p_test_vector->digest_type); - err_code = mbedtls_md_setup(&md_context, p_md_info, 1); - if (err_code != 0) { - LOG_WRN("mb setup ec: -0x%02X", -err_code); - } - TEST_VECTOR_ASSERT_EQUAL(err_code, 0); - - start_time_measurement(); - err_code = mbedtls_md_hmac_starts(&md_context, m_hmac_key_buf, key_len); - TEST_VECTOR_ASSERT_EQUAL(err_code, 0); - - err_code = - mbedtls_md_hmac_update(&md_context, m_hmac_input_buf, in_len); - TEST_VECTOR_ASSERT_EQUAL(err_code, 0); - - /* Finalize the HMAC computation. */ - err_code = mbedtls_md_hmac_finish(&md_context, m_hmac_output_buf); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated HMAC. */ - TEST_VECTOR_ASSERT_EQUAL(expected_hmac_len, hmac_len); - TEST_VECTOR_MEMCMP_ASSERT(m_hmac_output_buf, m_hmac_expected_output_buf, - expected_hmac_len, - p_test_vector->expected_result, - "Incorrect hmac"); - - mbedtls_md_free(&md_context); - } - - -Test vectors ------------- - -A test vector is a set of inputs and expected outputs to verify the functionality provided in a test case:: - - typedef const struct { - const uint32_t digest_type; /**< Digest type of HMAC operation. */ - const int expected_err_code; /**< Expected error code from HMAC operation. */ - const uint8_t expected_result; /**< Expected result of HMAC operation. */ - const char *p_test_vector_name; /**< Pointer to HMAC test vector name. */ - const char - *p_input; /**< Pointer to input message in hex string format. */ - const char *p_key; /**< Pointer to HMAC key in hex string format. */ - const char *p_expected_output; /**< Pointer to expected HMAC digest in hex string format. */ - } test_vector_hmac_t; - -Registering a test vector -------------------------- - -Test vectors are added by registering them for a section defined in the test case code. -The test vector is registered in the section ``test_vector_hmac_data``, which is defined in the test case example ``exec_test_case_hmac``. -The test vector can reuse the already defined hash test vector structure ``test_vector_hmac_t``, as shown in the code block below:: - - /* HMAC - Custom test vector */ - ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_min_key_min_message_0) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=1 message_len=1 zeros"), - .p_input = "00", - .p_key = "00", - .p_expected_output = - "6620b31f2924b8c01547745f41825d322336f83ebb13d723678789d554d8a3ef" - }; - - -Output logging --------------- - -The test project generates a test log using RTT or UART output. -Executing ``exec_test_case_hmac`` with its registered test vectors adds the following output to the test log:: - - Running test suite HMAC - 357: SHA256 key_len=131 message_len=152 -- PASS -- [../test_cases/test_vectors_hmac.c:259] - 358: SHA256 key_len=131 message_len=54 -- PASS -- [../test_cases/test_vectors_hmac.c:240] - 359: SHA256 key_len=25 message_len=50 -- PASS -- [../test_cases/test_vectors_hmac.c:225] - 360: SHA256 key_len=20 message_len=50 -- PASS -- [../test_cases/test_vectors_hmac.c:210] - 361: SHA256 key_len=4 message_len=28 -- PASS -- [../test_cases/test_vectors_hmac.c:197] - 362: SHA256 key_len=20 message_len=8 -- PASS -- [../test_cases/test_vectors_hmac.c:184] - 363: SHA256 key_len=74 message_len=128 -- PASS -- [../test_cases/test_vectors_hmac.c:164] - 364: SHA256 key_len=64 message_len=128 -- PASS -- [../test_cases/test_vectors_hmac.c:145] - 365: SHA256 key_len=45 message_len=128 -- PASS -- [../test_cases/test_vectors_hmac.c:127] - 366: SHA256 key_len=40 message_len=128 -- PASS -- [../test_cases/test_vectors_hmac.c:109] - 367: SHA256 key_len=1 message_len=1 non-zeros -- PASS -- [../test_cases/test_vectors_hmac.c:96] - 368: SHA256 key_len=1 message_len=1 zeros -- PASS -- [../test_cases/test_vectors_hmac.c:82] - 369: SHA256 invalid - signature changed -- PASS -- [../test_cases/test_vectors_hmac.c:64] - 370: SHA256 invalid - key changed -- PASS -- [../test_cases/test_vectors_hmac.c:46] - 371: SHA256 invalid - message changed -- PASS -- [../test_cases/test_vectors_hmac.c:28] - Test suite HMAC succeeded diff --git a/tests/crypto/overlay-cc3xx.conf b/tests/crypto/overlay-cc3xx.conf deleted file mode 100644 index d5dd559a2fa6..000000000000 --- a/tests/crypto/overlay-cc3xx.conf +++ /dev/null @@ -1,9 +0,0 @@ -# -# Copyright (c) 2019 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -CONFIG_CC3XX_BACKEND=y -CONFIG_PSA_CRYPTO_DRIVER_OBERON=n -CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y -CONFIG_MBEDTLS_FORCE_LEGACY_MD=y diff --git a/tests/crypto/overlay-oberon.conf b/tests/crypto/overlay-oberon.conf deleted file mode 100644 index 3ce76f7a5227..000000000000 --- a/tests/crypto/overlay-oberon.conf +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright (c) 2019 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -CONFIG_CC3XX_BACKEND=n -CONFIG_OBERON_BACKEND=y -CONFIG_PSA_CRYPTO_DRIVER_CC3XX=n -CONFIG_MBEDTLS_FORCE_LEGACY_MD=y diff --git a/tests/crypto/prj.conf b/tests/crypto/prj.conf deleted file mode 100644 index 54dced9746d2..000000000000 --- a/tests/crypto/prj.conf +++ /dev/null @@ -1,33 +0,0 @@ -CONFIG_SRAM_SIZE=128 -CONFIG_MAIN_STACK_SIZE=16384 -CONFIG_ZTEST_STACK_SIZE=16384 -CONFIG_ENTROPY_GENERATOR=y -CONFIG_DK_LIBRARY=y -CONFIG_LOG=y -CONFIG_LOG_MODE_IMMEDIATE=y -CONFIG_LOG_BACKEND_SHOW_COLOR=n -CONFIG_LOG_BACKEND_FORMAT_TIMESTAMP=n -CONFIG_LOG_PRINTK=y -CONFIG_ZTEST=y -CONFIG_ZTEST_FAIL_FAST=y -CONFIG_TEST_LOGGING_DEFAULTS=n -CONFIG_SPEED_OPTIMIZATIONS=y - -CONFIG_NORDIC_SECURITY_BACKEND=y -CONFIG_MBEDTLS_ENABLE_HEAP=y -CONFIG_MBEDTLS_HEAP_SIZE=16384 - -CONFIG_MBEDTLS_AES_C=y -CONFIG_MBEDTLS_CIPHER_MODE_CBC=y -CONFIG_MBEDTLS_CCM_C=y -CONFIG_MBEDTLS_SHA512_C=y -CONFIG_MBEDTLS_HKDF_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y -CONFIG_MBEDTLS_ECP_C=y -CONFIG_MBEDTLS_ECDH_C=y -CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_CMAC_C=y -CONFIG_MBEDTLS_CHACHA20_C=y -CONFIG_MBEDTLS_POLY1305_C=y -CONFIG_MBEDTLS_CHACHAPOLY_C=y -CONFIG_MBEDTLS_GCM_C=y diff --git a/tests/crypto/src/common_test.c b/tests/crypto/src/common_test.c deleted file mode 100644 index d73bf2f9ad27..000000000000 --- a/tests/crypto/src/common_test.c +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "common_test.h" - -/* Entries must correspond to order in enum test_vector_t found in common_test.h */ -const size_t test_vector_sizes[] = { - sizeof(test_vector_aes_t), sizeof(test_vector_aead_t), - sizeof(test_vector_ecdsa_verify_t), sizeof(test_vector_ecdsa_sign_t), - sizeof(test_vector_ecdsa_random_t), sizeof(test_vector_ecdh_t), - sizeof(test_vector_hash_t), sizeof(test_vector_hmac_t), - sizeof(test_vector_hkdf_t), sizeof(test_vector_ecjpake_t), -}; - -/* Entries must correspond to order in enum test_vector_t found in common_test.h */ -const size_t test_vector_name_offset[] = { - offsetof(test_vector_aes_t, p_test_vector_name), - offsetof(test_vector_aead_t, p_test_vector_name), - offsetof(test_vector_ecdsa_verify_t, p_test_vector_name), - offsetof(test_vector_ecdsa_sign_t, p_test_vector_name), - offsetof(test_vector_ecdsa_random_t, p_test_vector_name), - offsetof(test_vector_ecdh_t, p_test_vector_name), - offsetof(test_vector_hash_t, p_test_vector_name), - offsetof(test_vector_hmac_t, p_test_vector_name), - offsetof(test_vector_hkdf_t, p_test_vector_name), - offsetof(test_vector_ecjpake_t, p_test_vector_name), -}; - -/* Dummy context since we don't use it in the external_rng function */ -char drbg_ctx; - -int external_rng(void *ctx, unsigned char *output, size_t len) -{ - /* No context is required for the nrf_cc3xx_platform library */ - (void) ctx; - int out_len; - int ret = nrf_cc3xx_platform_ctr_drbg_get(NULL, output, len, &out_len); - return ret; -} - -int (*drbg_random)(void *, unsigned char *, size_t) = &external_rng; - -const char *get_vector_name(const test_case_t *tc, uint32_t v) -{ - uint32_t tv_offset = test_vector_sizes[tc->vector_type] * v; - uint32_t name_offset = test_vector_name_offset[tc->vector_type]; - - uint32_t tv_addr = (size_t)tc->vectors_start + tv_offset; - const char **p_name = (const char **)(tv_addr + name_offset); - - return *p_name; -} - -uint32_t get_vector_count(const test_case_t *tc) -{ - return ((size_t)tc->vectors_stop - (size_t)tc->vectors_start) / - test_vector_sizes[tc->vector_type]; -} - -size_t hex2bin_safe(const char *hex, uint8_t *buf, size_t buflen) -{ - return hex == NULL ? 0 : hex2bin(hex, strlen(hex), buf, buflen); -} - -/* Weak definition, user overridable */ -__weak void start_time_measurement(void) -{ - ; -} - -/* Weak definition, user overridable */ -__weak void stop_time_measurement(void) -{ - ; -} diff --git a/tests/crypto/src/common_test.h b/tests/crypto/src/common_test.h deleted file mode 100644 index 4fc43a5e4812..000000000000 --- a/tests/crypto/src/common_test.h +++ /dev/null @@ -1,570 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include "common.h" -#include -#include -#include - -#if defined(CONFIG_ZTEST) -#include -#endif - -#include -#include - -/* Found in nrfxlib/nrf_security/mbedtls/mbedtls_heap.c - * Used for reallocating the heap between suites. - */ -extern void _heap_init(void); -extern void _heap_free(void); - -/* Points to either CTR or HMAC drbg random depending on what's compiled in */ -extern int (*drbg_random)(void *, unsigned char *, size_t); - -/**@brief Function for initializing deterministic random byte generator. - * - * @details Should only be called once. - * - * @param[in] p_optional_seed Pointer to a seed. Can be NULL. In that case uses internal seed. - * @param[in] len Length of seed in bytes. Ignored if seed is NULL. - * - * @return 0 on success, else an error code. - */ -int init_drbg(const unsigned char *p_optional_seed, size_t len); - -/**@brief Wrapper function for hex2bin that makes sure that the input pointer is valid. - * - * @details Will return 0 if given param hex is NULL. - * - * @param hex The hexadecimal string to convert - * @param buf Address of where to store the binary data - * @param buflen Size of the storage area for binary data - * - * @return The length of the binary array, or 0 if an error occurred. - */ -size_t hex2bin_safe(const char *hex, uint8_t *buf, size_t buflen); - -#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) -#include "psa/crypto.h" -#include "nrf_cc3xx_platform_ctr_drbg.h" -extern char drbg_ctx; - -#else -#error "No RNG is enabled, MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG needs to be defined in nrf-config.h" - -#endif - -#if defined(CONFIG_ENTROPY_GENERATOR) -#include -#endif - -/**@brief Test vector expected result. - * Used to verify invalid behavior test cases. - */ -typedef enum { - EXPECTED_TO_PASS = 0, /**< Test vector is expected to pass. */ - EXPECTED_TO_FAIL = 1 /**< Test vector is expected to fail. */ -} expected_results_t; - -/**@brief Types of memory operations in sha test cases. - * Used to measure the time cost of memcpy operation between hash updates. - */ -typedef enum { - NO_MODE = 0, /**< No memcpy operation of test vector. */ - DO_MEMCPY = 1 /**< Do a memcpy operation of test vector. */ -} hash_mem_mode_t; - -/**@brief General test suite information. - */ -typedef struct { - uint32_t current_id; - char *p_test_case_name; - uint16_t tests_passed; - uint16_t tests_failed; -} test_info_t; - -/**@brief Test case setup function. - */ -typedef void (*test_setup_fn_t)(void); - -/**@brief Test case execute function. - * - * @param[in] p_test_info Pointer to global test info structure. - */ -typedef void (*test_exec_fn_t)(void); - -/**@brief Test case teardown function. - */ -typedef void (*test_teardown_fn_t)(void); - -/**@brief Empty passing teardown function. - */ -static inline void teardown_pass(void) -{ -} - -enum test_vector_t { - TV_AES = 0, - TV_AEAD, - TV_ECDSA_VERIFY, - TV_ECDSA_SIGN, - TV_ECDSA_RANDOM, - TV_ECDH, - TV_HASH, - TV_HMAC, - TV_HKDF, - TV_ECJPAKE, -}; - -/**@brief General test case information. - */ -typedef const struct { - const char *p_test_case_name; - test_setup_fn_t setup; /**< Setup function for test case. */ - test_exec_fn_t exec; /**< Test case function. */ - test_teardown_fn_t teardown; /**< Teardown function for test case. */ - enum test_vector_t vector_type; /**< Test vector differentiating type. */ - const void *vectors_start; /**< Base test vector pointer. */ - const void *vectors_stop; /**< End test vector pointer. */ -} test_case_t; - -extern test_case_t __start_test_case_sha_256_data[]; -extern test_case_t __stop_test_case_sha_256_data[]; - -extern test_case_t __start_test_case_sha_512_data[]; -extern test_case_t __stop_test_case_sha_512_data[]; - -extern test_case_t __start_test_case_hmac_data[]; -extern test_case_t __stop_test_case_hmac_data[]; - -extern test_case_t __start_test_case_hkdf_data[]; -extern test_case_t __stop_test_case_hkdf_data[]; - -extern test_case_t __start_test_case_ecdh_data[]; -extern test_case_t __stop_test_case_ecdh_data[]; - -extern test_case_t __start_test_case_ecdsa_data[]; -extern test_case_t __stop_test_case_ecdsa_data[]; - -extern test_case_t __start_test_case_aes_cbc_data[]; -extern test_case_t __stop_test_case_aes_cbc_data[]; - -extern test_case_t __start_test_case_aes_cbc_mac_data[]; -extern test_case_t __stop_test_case_aes_cbc_mac_data[]; - -extern test_case_t __start_test_case_aes_ecb_mac_data[]; -extern test_case_t __stop_test_case_aes_ecb_mac_data[]; - -extern test_case_t __start_test_case_aes_ecb_data[]; -extern test_case_t __stop_test_case_aes_ecb_data[]; - -extern test_case_t __start_test_case_aes_ctr_data[]; -extern test_case_t __stop_test_case_aes_ctr_data[]; - -extern test_case_t __start_test_case_aead_ccm_data[]; -extern test_case_t __stop_test_case_aead_ccm_data[]; - -extern test_case_t __start_test_case_aead_ccm_simple_data[]; -extern test_case_t __stop_test_case_aead_ccm_simple_data[]; - -extern test_case_t __start_test_case_aead_gcm_data[]; -extern test_case_t __stop_test_case_aead_gcm_data[]; - -extern test_case_t __start_test_case_aead_gcm_simple_data[]; -extern test_case_t __stop_test_case_aead_gcm_simple_data[]; - -extern test_case_t __start_test_case_aead_chachapoly_data[]; -extern test_case_t __stop_test_case_aead_chachapoly_data[]; - -extern test_case_t __start_test_case_aead_chachapoly_simple_data[]; -extern test_case_t __stop_test_case_aead_chachapoly_simple_data[]; - -extern test_case_t __start_test_case_ecjpake_data[]; -extern test_case_t __stop_test_case_ecjpake_data[]; - -/**@brief ECJPAKE test vector information. - */ -typedef const struct { - const int expected_err_code; /**< Expected error code of operation. */ - const uint8_t expected_result; /**< Expected result of operation. */ - const char - *p_test_vector_name; /**< Pointer to ECJPAKE test vector name in - hex string format. */ - const char *p_password; /**< Pointer to ECJPAKE password. */ - const char - *p_priv_key_client_1; /**< Pointer to ECJPAKE client private key - point component 1. */ - const char - *p_priv_key_client_2; /**< Pointer to ECJPAKE client private key - point component 2. */ - const char - *p_priv_key_server_1; /**< Pointer to ECJPAKE server private key - point component 1. */ - const char - *p_priv_key_server_2; /**< Pointer to ECJPAKE server private key - point component 2. */ - const char * - p_round_message_client_1; /**< Pointer to ECJPAKE round message. */ - const char * - p_round_message_client_2; /**< Pointer to ECJPAKE round message. */ - const char * - p_round_message_server_1; /**< Pointer to ECJPAKE round message. */ - const char * - p_round_message_server_2; /**< Pointer to ECJPAKE round message. */ - const char * - p_expected_shared_secret; /**< Pointer to ECJPAKE expected shared - secret. */ -} test_vector_ecjpake_t; - -/**@brief AES test vector information. - */ -typedef const struct { - const mbedtls_cipher_mode_t mode; /**< Mode, e.g. CBC, ECB, GCM, etc. */ - const mbedtls_cipher_padding_t - padding; /**< Padding, e.g. ZEROS, PKCS7, etc. */ - const int expected_err_code; /**< Expected error code from AES operation. */ - const uint8_t expected_result; /**< Expected result of AES operation. */ - const mbedtls_operation_t direction; /**< Encrypt or decrypt. */ - const char - *p_test_vector_name; /**< Pointer to AES test vector name in hex - string format. */ - const char * - p_plaintext; /**< Pointer to AES plaintext in hex string format. */ - const char * - p_ciphertext; /**< Pointer to AES ciphertext in hex string format. */ - const char *p_key; /**< Pointer to AES key in hex string format. */ - const char * - p_iv; /**< Pointer to AES initialization vector in hex string format. */ - const char * - p_ad; /**< Pointer to AES additional Data in hex string format. */ -} test_vector_aes_t; - -/**@brief AEAD test vector information. - */ -typedef const struct { - const mbedtls_cipher_mode_t - mode; /**< Cipher mode, e.g. CCM. See mbedtls/cipher.h. */ - const mbedtls_cipher_id_t - id; /**< Cipher mode, e.g. CCM. See mbedtls/cipher.h. */ - const bool - ccm_star; /**< There is no mode for CCM STAR. Thus CCM && this bool - == CCM STAR. */ - const int expected_err_code; /**< Expected error code from AEAD operation. */ - const uint8_t - crypt_expected_result; /**< Expected result of AEAD crypt operation. */ - const uint8_t - mac_expected_result; /**< Expected result of AEAD MAC operation. */ - const mbedtls_operation_t direction; /**< Encrypt or decrypt. */ - const char *p_test_vector_name; /**< Pointer to AEAD test vector name. */ - const char * - p_plaintext; /**< Pointer to AEAD plaintext in hex string format. */ - const char * - p_ciphertext; /**< Pointer to AEAD ciphertext in hex string format. */ - const char *p_key; /**< Pointer to AEAD key in hex string format. */ - const char * - p_ad; /**< Pointer to AEAD additional Data in hex string format. */ - const char *p_nonce; /**< Pointer to AEAD nonce in hex string format. */ - const char *p_mac; /**< Pointer to AEAD message Authentication Code in hex - string format. */ -} test_vector_aead_t; - -/**@brief ECDSA Verify test vector information. - */ -typedef const struct { - const uint32_t src_line_num; /**< Test vector source file line number. */ - const uint32_t curve_type; /**< Curve type for test vector. */ - const int expected_err_code; /**< Expected error code from ECDSA verify - operation. */ - const char *p_test_vector_name; /**< Pointer to ECDSA test vector name. */ - const char * - p_input; /**< Pointer to ECDSA hash input in hex string format. */ - const char * - p_qx; /**< Pointer to ECDSA public Key X component in hex string - format. */ - const char * - p_qy; /**< Pointer to ECDSA public Key Y component in hex string - format. */ - const char * - p_r; /**< Pointer to ECDSA signature R component in hex string format. */ - const char * - p_s; /**< Pointer to ECDSA signature S component in hex string format. */ -} test_vector_ecdsa_verify_t; - -/**@brief ECDSA Sign test vector information. - */ -typedef const struct { - const uint32_t src_line_num; /**< Test vector source file line number. */ - const uint32_t curve_type; /**< Curve type for test vector. */ - const int expected_sign_err_code; /**< Expected error code from ECDSA sign - operation. */ - const int expected_verify_err_code; /**< Expected result of following ECDSA - verify operation. */ - const char *p_test_vector_name; /**< Pointer to ECDSA test vector name. */ - const char * - p_input; /**< Pointer to ECDSA hash input in hex string format. */ - const char * - p_qx; /**< Pointer to ECDSA public key X component in hex string - format. */ - const char * - p_qy; /**< Pointer to ECDSA public key Y component in hex string - format. */ - const char * - p_x; /**< Pointer to ECDSA private key component in hex string format. */ -} test_vector_ecdsa_sign_t; - -/**@brief ECDSA Random test vector information. - */ -typedef const struct { - const uint32_t src_line_num; /**< Test vector source file line number. */ - const uint32_t curve_type; /**< Curve type for test vector. */ - const char *p_test_vector_name; /**< Pointer to ECDSA test vector name. */ - const char * - p_input; /**< Pointer to ECDSA hash input in hex string format. */ - const size_t sig_len; /**< Length of the signature. */ -} test_vector_ecdsa_random_t; - -/**@brief ECDH test vector information. - */ -typedef const struct { - const uint32_t curve_type; /**< Curve type for test vector. */ - const int expected_err_code; /**< Expected error code from ECDH operation. */ - const uint8_t expected_result; /**< Expected result of ECDH operation. */ - const char *p_test_vector_name; /**< Pointer to ECDH test vector name. */ - const char - *p_initiator_priv; /**< Pointer to ECDH initiator private key in - hex string format. */ - const char - *p_responder_priv; /**< Pointer to ECDH responder private key in - hex string format. */ - const char - *p_initiator_publ_x; /**< Pointer to ECDH initiator public key X - component in hex string format. */ - const char - *p_initiator_publ_y; /**< Pointer to ECDH initiator public key Y - component in hex string format. */ - const char - *p_responder_publ_x; /**< Pointer to ECDH responder public key X - component in hex string format. */ - const char - *p_responder_publ_y; /**< Pointer to ECDH responder public key Y - component in hex string format. */ - const char *p_expected_shared_secret; /**< Pointer to ECDH expected Shared - Secret in hex string format. */ -} test_vector_ecdh_t; - -/**@brief Hash test vector information. - */ -typedef const struct { - const uint32_t digest_type; /**< Digest type of hash operation. */ - const int expected_err_code; /**< Expected error code from hash operation. */ - const uint8_t expected_result; /**< Expected result of hash operation. */ - const hash_mem_mode_t mode; /**< Hash memory operation. */ - const uint32_t - chunk_length; /**< Size of input chunks to hash function in bytes. */ - const uint32_t - update_iterations; /**< Number of update iterations of input. */ - const char *p_test_vector_name; /**< Pointer to hash test vector name. */ - const char - *p_input; /**< Pointer to input message in hex string format. */ - const char * - p_expected_output; /**< Pointer to expected message digest in hex - string format. */ -} test_vector_hash_t; - -/**@brief hmac test vector information. - */ -typedef const struct { - const uint32_t digest_type; /**< Digest type of hmac operation. */ - const int expected_err_code; /**< Expected error code from hmac operation. */ - const uint8_t expected_result; /**< Expected result of hmac operation. */ - const char *p_test_vector_name; /**< Pointer to hmac test vector name. */ - const char - *p_input; /**< Pointer to input message in hex string format. */ - const char *p_key; /**< Pointer to hmac key in hex string format. */ - const char *p_expected_output; /**< Pointer to expected hmac digest in hex - string format. */ -} test_vector_hmac_t; - -/**@brief hkdf test vector information. - */ -typedef const struct { - const uint32_t digest_type; /**< Digest type of hkdf operation. */ - const int expected_err_code; /**< Expected error code from hkdf operation. */ - const int expected_err_code_expand; /**< Expected error code from hkdf expand - operation. */ - const uint8_t expected_result; /**< Expected result of hkdf operation. */ - const uint8_t - expected_result_expand; /**< Expected result of hkdf expand operation. */ - const char *p_test_vector_name; /**< Pointer to hkdf test vector name. */ - const char * - p_ikm; /**< Pointer to hkdf Input Key Material in hex string format. */ - const char * - p_okm; /**< Pointer to hkdf Output Key Material in hex string format. */ - const char * - p_prk; /**< Pointer to hkdf PseudoRandom Key in hex string format. */ - const char *p_salt; /**< Pointer to hkdf salt in hex string format. */ - const char *p_info; /**< Pointer to hkdf optional application specific - information in hex string format. */ -} test_vector_hkdf_t; - -const char *get_vector_name(const test_case_t *tc, uint32_t v); -uint32_t get_vector_count(const test_case_t *tc); - -/* Placeholder for time measurements. - * Is called from various tests, but implementation is currently a no-op. - */ -void start_time_measurement(void); -void stop_time_measurement(void); - -/**@brief Macro(s) for decorating test vector names with file and line information. - */ -#ifndef TV_NAME -#define TV_NAME(name) name " -- [" __FILE__ ":" STRINGIFY(__LINE__) "]" -#endif - -/**@brief Macro for obtaining the address of the beginning of a section. - * - * param[in] section_name Name of the section. - * @hideinitializer - */ -#ifndef SECTION_START_ADDR -#define SECTION_START_ADDR(section_name) (&UTIL_CAT(__start_, section_name)) -#endif - -/**@brief Macro for obtaining the address of the end of a section. - * - * @param[in] section_name Name of the section. - * @hideinitializer - */ -#ifndef SECTION_END_ADDR -#define SECTION_END_ADDR(section_name) (&UTIL_CAT(__stop_, section_name)) -#endif - -/**@brief Macro for retrieving the length of a given section, in bytes. - * - * @param[in] section_name Name of the section. - * @hideinitializer - */ -#ifndef SECTION_LENGTH -#define SECTION_LENGTH(section_name) \ - ((size_t)SECTION_END_ADDR(section_name) - \ - (size_t)SECTION_START_ADDR(section_name)) -#endif - -/**@brief Macro for declaring a variable and registering it in a section. - * - * @details Declares a variable and registers it in a named section. This macro ensures that the - * variable is not stripped away when using optimizations. - * - * @note The order in which variables are placed in a section is dependent on the order in - * which the linker script encounters the variables during linking. - * - * @param[in] section_name Name of the section. - * @param[in] section_var Variable to register in the given section. - * @hideinitializer - */ -#ifndef ITEM_REGISTER -#define ITEM_REGISTER(section_name, section_var) \ - Z_GENERIC_SECTION(section_name) __attribute__((used)) section_var -#endif - -/**@brief Macro for retrieving a variable from a section. - * - * @note The stored symbol can only be resolved using this macro if the - * type of the data is word aligned. The operation of acquiring - * the stored symbol relies on the size of the stored type. No - * padding can exist in the named section in between individual - * stored items or this macro will fail. - * - * @param[in] section_name Name of the section. - * @param[in] data_type Data type of the variable. - * @param[in] i Index of the variable in section. - * @hideinitializer - */ -#ifndef ITEM_GET -#define ITEM_GET(section_name, data_type, i) \ - ((data_type *)SECTION_START_ADDR(section_name) + (i)) -#endif - -/**@brief Macro for getting the number of variables in a section. - * - * @param[in] section_name Name of the section. - * @param[in] data_type Data type of the variables in the section. - * @hideinitializer - */ -#ifndef ITEM_COUNT -#define ITEM_COUNT(section_name, data_type) \ - (SECTION_LENGTH(section_name) / sizeof(data_type)) -#endif - -/**@brief Macro for comparing two data buffers. - * - * @details Equal to a memcmp, except that it returns a 1 if memory areas are different. - * - * @param[in] x First Memory pointer. - * @param[in] y Second Memory pointer. - * @param[in] size Number of bytes to compare. - * - * @retval 1 If buffers does not match. - * @retval 0 If buffers match. - */ -#ifndef TEST_MEMCMP -#define TEST_MEMCMP(x, y, size) ((memcmp(x, y, size) == 0) ? 0 : 1) -#endif - -/**@brief Macro asserting equality. - */ -#ifndef TEST_VECTOR_ASSERT_EQUAL -#define TEST_VECTOR_ASSERT_EQUAL(expected, actual) \ - zassert_equal((expected), (actual), \ - "\tAssert values: 0x%04X != -0x%04X", (expected), \ - (-actual)) -#endif - -/**@brief Macro asserting inequality. - */ -#ifndef TEST_VECTOR_ASSERT_NOT_EQUAL -#define TEST_VECTOR_ASSERT_NOT_EQUAL(expected, actual) \ - zassert_not_equal((expected), (actual), \ - "\tAssert values: 0x%04X == -0x%04X", (expected), \ - (-actual)) -#endif - -/**@brief Macro for checking buffer overflow for a given buffer. Requires that the two following - * bytes after the buffer are set to 0xFF. - * - * @details Requires a label statement "exit_test_vector" to jump to if condition is false. - * - * @param[in] p_buffer Pointer to buffer to check for overflow. - * @param[in] length Length of buffer (Not including overflow bytes). - * @param[in] tc_info Additional information to log if condition is false. - */ -#ifndef TEST_VECTOR_OVERFLOW_ASSERT -#define TEST_VECTOR_OVERFLOW_ASSERT(p_buffer, length, tc_info) \ - do { \ - TEST_VECTOR_ASSERT_EQUAL(0xFF, p_buffer[length]); \ - TEST_VECTOR_ASSERT_EQUAL(0xFF, p_buffer[length + 1]); \ - } while (0) -#endif - -/**@brief Macro for verifying a memcmp inside a test vector test, and logging the result. - * - * @details Requires a label statement "exit_test_vector" to jump to if condition is false. - * - * @param[in] buf1 First buffer. - * @param[in] buf2 Second buffer. - * @param[in] len Length to compare in bytes. - * @param[in] required_result Required memcmp result to pass (EXPECTED_TO_PASS, EXPECTED_TO_FAIL). - * @param[in] tc_info Additional information to log if condition is false. - */ -#ifndef TEST_VECTOR_MEMCMP_ASSERT -#define TEST_VECTOR_MEMCMP_ASSERT(buf1, buf2, len, expected_result, tc_info) \ - TEST_VECTOR_ASSERT_EQUAL(expected_result, TEST_MEMCMP(buf1, buf2, len)) -#endif diff --git a/tests/crypto/test_cases/CMakeLists.txt b/tests/crypto/test_cases/CMakeLists.txt deleted file mode 100644 index 7cbe9f2566b2..000000000000 --- a/tests/crypto/test_cases/CMakeLists.txt +++ /dev/null @@ -1,50 +0,0 @@ -# -# Copyright (c) 2019 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -zephyr_include_directories( - ${CMAKE_CURRENT_SOURCE_DIR}/../src - ${CMAKE_CURRENT_SOURCE_DIR}/../include_override -) -zephyr_linker_sources(RODATA - ${CMAKE_CURRENT_SOURCE_DIR}/custom-rodata.ld -) - -zephyr_sources(test_sha_256.c) -zephyr_sources(test_sha_512.c) -zephyr_sources(test_hmac.c) -zephyr_sources(test_hkdf.c) -zephyr_sources(test_ecdh.c) -zephyr_sources(test_ecdsa.c) -zephyr_sources(test_aes_ecb.c) -zephyr_sources(test_aead.c) -zephyr_sources(test_ecjpake.c) -zephyr_sources(test_aes_cbc.c) -zephyr_sources(test_aes_cbc_mac.c) -zephyr_sources(test_aes_ecb_mac.c) -zephyr_sources(test_aes_ctr.c) - -if(CONFIG_REDUCED_TEST_SUITE) - # Quick reduced case: Run only a selection of test vectors, - # found in the single file test_vectors.c - zephyr_sources( test_vectors.c) -else() - zephyr_sources(test_vectors_aead_chachapoly.c) - zephyr_sources(test_vectors_aead_gcm.c) - zephyr_sources(test_vectors_aes_cbc_mac.c) - zephyr_sources(test_vectors_aes_cbc.c) - zephyr_sources(test_vectors_aes_ctr.c) - zephyr_sources(test_vectors_aes_ecb.c) - zephyr_sources(test_vectors_ecdh.c) - zephyr_sources(test_vectors_ecdsa_random.c) - zephyr_sources(test_vectors_ecdsa_sign.c) - zephyr_sources(test_vectors_ecdsa_verify.c) - zephyr_sources(test_vectors_ecjpake.c) - zephyr_sources(test_vectors_hkdf.c) - zephyr_sources(test_vectors_hmac.c) - zephyr_sources(test_vectors_sha_256.c) - zephyr_sources(test_vectors_sha_512.c) - zephyr_sources(test_vectors_aes_ecb_mac.c) - zephyr_sources(test_vectors_aead_ccm.c) -endif() diff --git a/tests/crypto/test_cases/custom-rodata.ld b/tests/crypto/test_cases/custom-rodata.ld deleted file mode 100644 index d9bb17e8fd83..000000000000 --- a/tests/crypto/test_cases/custom-rodata.ld +++ /dev/null @@ -1,254 +0,0 @@ -. = ALIGN(4); -__start_test_vector_aes_mac_data = .; -KEEP(*(test_vector_aes_mac_data)) -__stop_test_vector_aes_mac_data = .; - -. = ALIGN(4); -__start_test_vector_aes_func_data = .; -KEEP(*(test_vector_aes_func_data)) -__stop_test_vector_aes_func_data = .; - -. = ALIGN(4); -__start_test_vector_aes_monte_carlo_data = .; -KEEP(*(test_vector_aes_monte_carlo_data)) -__stop_test_vector_aes_monte_carlo_data = .; - -. = ALIGN(4); -__start_test_vector_aes_cbc_data = .; -KEEP(*(test_vector_aes_cbc_data)) -__stop_test_vector_aes_cbc_data = .; - -. = ALIGN(4); -__start_test_vector_aes_cbc_func_data = .; -KEEP(*(test_vector_aes_cbc_func_data)) -__stop_test_vector_aes_cbc_func_data = .; - -. = ALIGN(4); -__start_test_vector_aes_cbc_monte_carlo_data = .; -KEEP(*(test_vector_aes_cbc_monte_carlo_data)) -__stop_test_vector_aes_cbc_monte_carlo_data = .; - -. = ALIGN(4); -__start_test_vector_aes_cbc_mac_data = .; -KEEP(*(test_vector_aes_cbc_mac_data)) -__stop_test_vector_aes_cbc_mac_data = .; - -. = ALIGN(4); -__start_test_vector_aes_ecb_mac_data = .; -KEEP(*(test_vector_aes_ecb_mac_data)) -__stop_test_vector_aes_ecb_mac_data = .; - -. = ALIGN(4); -__start_test_vector_aes_ecb_data = .; -KEEP(*(test_vector_aes_ecb_data)) -__stop_test_vector_aes_ecb_data = .; - -. = ALIGN(4); -__start_test_vector_aes_ecb_func_data = .; -KEEP(*(test_vector_aes_ecb_func_data)) -__stop_test_vector_aes_ecb_func_data = .; - -. = ALIGN(4); -__start_test_vector_aes_ecb_monte_carlo_data = .; -KEEP(*(test_vector_aes_ecb_monte_carlo_data)) -__stop_test_vector_aes_ecb_monte_carlo_data = .; - -. = ALIGN(4); -__start_test_vector_aes_ctr_data = .; -KEEP(*(test_vector_aes_ctr_data)) -__stop_test_vector_aes_ctr_data = .; - -. = ALIGN(4); -__start_test_vector_aes_ctr_func_data = .; -KEEP(*(test_vector_aes_ctr_func_data)) -__stop_test_vector_aes_ctr_func_data = .; - -. = ALIGN(4); -__start_test_vector_ecdsa_random_data = .; -KEEP(*(test_vector_ecdsa_random_data)) -__stop_test_vector_ecdsa_random_data = .; - -. = ALIGN(4); -__start_test_vector_ecdsa_verify_data = .; -KEEP(*(test_vector_ecdsa_verify_data)) -__stop_test_vector_ecdsa_verify_data = .; - -. = ALIGN(4); -__start_test_vector_ecdsa_sign_data = .; -KEEP(*(test_vector_ecdsa_sign_data)) -__stop_test_vector_ecdsa_sign_data = .; - -. = ALIGN(4); -__start_test_vector_ecdh_data_random = .; -KEEP(*(test_vector_ecdh_data_random)) -__stop_test_vector_ecdh_data_random = .; - -. = ALIGN(4); -__start_test_vector_ecdh_data_deterministic_simple = .; -KEEP(*(test_vector_ecdh_data_deterministic_simple)) -__stop_test_vector_ecdh_data_deterministic_simple = .; - -. = ALIGN(4); -__start_test_vector_ecdh_data_deterministic_full = .; -KEEP(*(test_vector_ecdh_data_deterministic_full)) -__stop_test_vector_ecdh_data_deterministic_full = .; - -. = ALIGN(4); -__start_test_vector_aead_ccm_data = .; -KEEP(*(test_vector_aead_ccm_data)) -__stop_test_vector_aead_ccm_data = .; - -. = ALIGN(4); -__start_test_vector_aead_ccm_simple_data = .; -KEEP(*(test_vector_aead_ccm_simple_data)) -__stop_test_vector_aead_ccm_simple_data = .; - -. = ALIGN(4); -__start_test_vector_aead_gcm_data = .; -KEEP(*(test_vector_aead_gcm_data)) -__stop_test_vector_aead_gcm_data = .; - -. = ALIGN(4); -__start_test_vector_aead_gcm_simple_data = .; -KEEP(*(test_vector_aead_gcm_simple_data)) -__stop_test_vector_aead_gcm_simple_data = .; - -. = ALIGN(4); -__start_test_vector_aead_chachapoly_data = .; -KEEP(*(test_vector_aead_chachapoly_data)) -__stop_test_vector_aead_chachapoly_data = .; - -. = ALIGN(4); -__start_test_vector_aead_chachapoly_simple_data = .; -KEEP(*(test_vector_aead_chachapoly_simple_data)) -__stop_test_vector_aead_chachapoly_simple_data = .; - -. = ALIGN(4); -__start_test_vector_hkdf_data = .; -KEEP(*(test_vector_hkdf_data)) -__stop_test_vector_hkdf_data = .; - -. = ALIGN(4); -__start_test_vector_hmac_data = .; -KEEP(*(test_vector_hmac_data)) -__stop_test_vector_hmac_data = .; - -. = ALIGN(4); -__start_test_vector_hash_256_data = .; -KEEP(*(test_vector_hash_256_data)) -__stop_test_vector_hash_256_data = .; - -. = ALIGN(4); -__start_test_vector_hash_512_data = .; -KEEP(*(test_vector_hash_512_data)) -__stop_test_vector_hash_512_data = .; - -. = ALIGN(4); -__start_test_vector_hash_512_long_data = .; -KEEP(*(test_vector_hash_512_long_data)) -__stop_test_vector_hash_512_long_data = .; - -. = ALIGN(4); -__start_test_vector_hash_256_long_data = .; -KEEP(*(test_vector_hash_256_long_data)) -__stop_test_vector_hash_256_long_data = .; - -. = ALIGN(4); -__start_test_vector_ecjpake_given_data = .; -KEEP(*(test_vector_ecjpake_given_data)) -__stop_test_vector_ecjpake_given_data = .; - -. = ALIGN(4); -__start_test_vector_ecjpake_random_data = .; -KEEP(*(test_vector_ecjpake_random_data)) -__stop_test_vector_ecjpake_random_data = .; - -. = ALIGN(4); -__start_test_case_sha_256_data = .; -KEEP(*(test_case_sha_256_data)) -__stop_test_case_sha_256_data = .; - -. = ALIGN(4); -__start_test_case_sha_512_data = .; -KEEP(*(test_case_sha_512_data)) -__stop_test_case_sha_512_data = .; - -. = ALIGN(4); -__start_test_case_hmac_data = .; -KEEP(*(test_case_hmac_data)) -__stop_test_case_hmac_data = .; - -. = ALIGN(4); -__start_test_case_hkdf_data = .; -KEEP(*(test_case_hkdf_data)) -__stop_test_case_hkdf_data = .; - -. = ALIGN(4); -__start_test_case_ecdh_data = .; -KEEP(*(test_case_ecdh_data)) -__stop_test_case_ecdh_data = .; - -. = ALIGN(4); -__start_test_case_ecdsa_data = .; -KEEP(*(test_case_ecdsa_data)) -__stop_test_case_ecdsa_data = .; - -. = ALIGN(4); -__start_test_case_aes_ctr_data = .; -KEEP(*(test_case_aes_ctr_data)) -__stop_test_case_aes_ctr_data = .; - -. = ALIGN(4); -__start_test_case_aes_cbc_data = .; -KEEP(*(test_case_aes_cbc_data)) -__stop_test_case_aes_cbc_data = .; - -. = ALIGN(4); -__start_test_case_aes_cbc_mac_data = .; -KEEP(*(test_case_aes_cbc_mac_data)) -__stop_test_case_aes_cbc_mac_data = .; - -. = ALIGN(4); -__start_test_case_aes_ecb_mac_data = .; -KEEP(*(test_case_aes_ecb_mac_data)) -__stop_test_case_aes_ecb_mac_data = .; - -. = ALIGN(4); -__start_test_case_aes_ecb_data = .; -KEEP(*(test_case_aes_ecb_data)) -__stop_test_case_aes_ecb_data = .; - -. = ALIGN(4); -__start_test_case_aead_ccm_data = .; -KEEP(*(test_case_aead_ccm_data)) -__stop_test_case_aead_ccm_data = .; - -. = ALIGN(4); -__start_test_case_aead_gcm_data = .; -KEEP(*(test_case_aead_gcm_data)) -__stop_test_case_aead_gcm_data = .; - -. = ALIGN(4); -__start_test_case_aead_chachapoly_data = .; -KEEP(*(test_case_aead_chachapoly_data)) -__stop_test_case_aead_chachapoly_data = .; - -. = ALIGN(4); -__start_test_case_aead_ccm_simple_data = .; -KEEP(*(test_case_aead_ccm_simple_data)) -__stop_test_case_aead_ccm_simple_data = .; - -. = ALIGN(4); -__start_test_case_aead_gcm_simple_data = .; -KEEP(*(test_case_aead_gcm_simple_data)) -__stop_test_case_aead_gcm_simple_data = .; - -. = ALIGN(4); -__start_test_case_aead_chachapoly_simple_data = .; -KEEP(*(test_case_aead_chachapoly_simple_data)) -__stop_test_case_aead_chachapoly_simple_data = .; - -. = ALIGN(4); -__start_test_case_ecjpake_data = .; -KEEP(*(test_case_ecjpake_data)) -__stop_test_case_ecjpake_data = .; diff --git a/tests/crypto/test_cases/test_aead.c b/tests/crypto/test_cases/test_aead.c deleted file mode 100644 index 3eb0ba6b305c..000000000000 --- a/tests/crypto/test_cases/test_aead.c +++ /dev/null @@ -1,653 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_aead, LOG_LEVEL_INF); - -extern test_vector_aead_t __start_test_vector_aead_ccm_data[]; -extern test_vector_aead_t __stop_test_vector_aead_ccm_data[]; -extern test_vector_aead_t __start_test_vector_aead_ccm_simple_data[]; -extern test_vector_aead_t __stop_test_vector_aead_ccm_simple_data[]; - -extern test_vector_aead_t __start_test_vector_aead_gcm_data[]; -extern test_vector_aead_t __stop_test_vector_aead_gcm_data[]; -extern test_vector_aead_t __start_test_vector_aead_gcm_simple_data[]; -extern test_vector_aead_t __stop_test_vector_aead_gcm_simple_data[]; - -extern test_vector_aead_t __start_test_vector_aead_chachapoly_data[]; -extern test_vector_aead_t __stop_test_vector_aead_chachapoly_data[]; -extern test_vector_aead_t __start_test_vector_aead_chachapoly_simple_data[]; -extern test_vector_aead_t __stop_test_vector_aead_chachapoly_simple_data[]; - -/* This number of bytes are used as buffer end-markers in some tests - * such that we can check for overflow via known values. - */ -#define NUM_BUFFER_OVERFLOW_TEST_BYTES (2) - -#define AEAD_MAC_SIZE (16) -#define AEAD_MAX_TESTED_NONCE_SIZE (128) -#define AEAD_PLAINTEXT_BUF_SIZE (265) -#define AEAD_PLAINTEXT_BUF_SIZE_PLUS \ - (AEAD_PLAINTEXT_BUF_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AEAD_MAX_MAC_SIZE_PLUS (AEAD_MAC_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AEAD_CIPHERTEXT_BUF_SIZE_PLUS (AEAD_PLAINTEXT_BUF_SIZE + AEAD_MAC_SIZE \ - + NUM_BUFFER_OVERFLOW_TEST_BYTES) - -#define AEAD_KEY_SIZE_BITS (256) -#define AEAD_KEY_SIZE (AEAD_KEY_SIZE_BITS / 8) - -/* - * For buffers holding crypt results, generally use a size which - * may hold a MAC appended as well - */ -static uint8_t m_aead_input_buf[AEAD_CIPHERTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aead_output_buf[AEAD_CIPHERTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aead_expected_output_buf[AEAD_CIPHERTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aead_output_mac_buf[AEAD_MAX_MAC_SIZE_PLUS]; -static uint8_t m_aead_expected_mac_buf[AEAD_MAX_MAC_SIZE_PLUS]; -static uint8_t m_aead_key_buf[AEAD_KEY_SIZE]; -static uint8_t m_aead_ad_buf[AEAD_PLAINTEXT_BUF_SIZE]; -static uint8_t m_aead_nonce_buf[AEAD_MAX_TESTED_NONCE_SIZE]; - -static test_vector_aead_t *p_test_vector; -/* Some tests require overriding the test vector crypt direction. - * Use this additional flag to force decrypt (if set to false). - */ -static bool g_encrypt = true; -static size_t key_len; -static size_t key_bits; -static size_t ad_len; -static size_t mac_len; -static size_t nonce_len; -static size_t input_len; -static size_t output_len; - -void aead_clear_buffers(void); -void unhexify_aead(void); - -static void aead_ccm_setup(void) -{ - aead_clear_buffers(); - - static int i; - p_test_vector = - ITEM_GET(test_vector_aead_ccm_data, test_vector_aead_t, i++); - - unhexify_aead(); -} - -static void aead_gcm_setup(void) -{ - aead_clear_buffers(); - - static int i; - p_test_vector = - ITEM_GET(test_vector_aead_gcm_data, test_vector_aead_t, i++); - - unhexify_aead(); -} - -static void aead_chachapoly_setup(void) -{ - aead_clear_buffers(); - - static int i; - p_test_vector = ITEM_GET(test_vector_aead_chachapoly_data, - test_vector_aead_t, i++); - - unhexify_aead(); -} - -static void aead_ccm_setup_simple(void) -{ - aead_clear_buffers(); - - static int i; - p_test_vector = ITEM_GET(test_vector_aead_ccm_simple_data, - test_vector_aead_t, i++); - - unhexify_aead(); -} - -static void aead_gcm_setup_simple(void) -{ - aead_clear_buffers(); - - static int i; - p_test_vector = ITEM_GET(test_vector_aead_gcm_simple_data, - test_vector_aead_t, i++); - - unhexify_aead(); -} - -static void aead_chachapoly_setup_simple(void) -{ - aead_clear_buffers(); - - static int i; - p_test_vector = ITEM_GET(test_vector_aead_chachapoly_simple_data, - test_vector_aead_t, i++); - - unhexify_aead(); -} - -void aead_clear_buffers(void) -{ - memset(m_aead_input_buf, 0xFF, sizeof(m_aead_input_buf)); - memset(m_aead_output_buf, 0xFF, sizeof(m_aead_output_buf)); - memset(m_aead_output_mac_buf, 0xFF, sizeof(m_aead_output_mac_buf)); - memset(m_aead_expected_output_buf, 0x00, - sizeof(m_aead_expected_output_buf)); - memset(m_aead_expected_mac_buf, 0x00, sizeof(m_aead_expected_mac_buf)); - memset(m_aead_key_buf, 0x00, sizeof(m_aead_key_buf)); - memset(m_aead_ad_buf, 0x00, sizeof(m_aead_ad_buf)); - memset(m_aead_nonce_buf, 0x00, sizeof(m_aead_nonce_buf)); -} - -__attribute__((noinline)) void unhexify_aead(void) -{ - bool encrypt = - (p_test_vector->direction == MBEDTLS_ENCRYPT) && g_encrypt; - - key_len = hex2bin_safe(p_test_vector->p_key, - m_aead_key_buf, - sizeof(m_aead_key_buf)); - mac_len = hex2bin_safe(p_test_vector->p_mac, - m_aead_expected_mac_buf, - sizeof(m_aead_expected_mac_buf)); - ad_len = hex2bin_safe(p_test_vector->p_ad, - m_aead_ad_buf, - sizeof(m_aead_ad_buf)); - nonce_len = hex2bin_safe(p_test_vector->p_nonce, - m_aead_nonce_buf, - sizeof(m_aead_nonce_buf)); - - /* - * Place mac in expected buf both for use in encrypt (verification) - * and for decrypt (as input) - */ - mac_len = hex2bin_safe(p_test_vector->p_mac, - m_aead_expected_mac_buf, - sizeof(m_aead_expected_mac_buf)); - - /* Fetch and unhexify plaintext and ciphertext for encryption. */ - if (encrypt) { - input_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aead_input_buf, - sizeof(m_aead_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aead_expected_output_buf, - sizeof(m_aead_expected_output_buf)); - } else { - input_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aead_input_buf, - sizeof(m_aead_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aead_expected_output_buf, - sizeof(m_aead_expected_output_buf)); - - /* Some APIs need the mac to reside directly after the ciphertext */ - hex2bin_safe(p_test_vector->p_mac, - m_aead_input_buf + input_len, - sizeof(m_aead_input_buf) - input_len); - } -} - -#if defined(MBEDTLS_CCM_C) -void exec_test_case_aead_ccm_star_simple(void) -{ - int err_code = -1; - - /* Initialize AEAD. */ - key_bits = key_len * 8; - - mbedtls_ccm_context ctx; - mbedtls_ccm_init(&ctx); - - /* Set secret key. */ - err_code = mbedtls_ccm_setkey(&ctx, p_test_vector->id, m_aead_key_buf, - key_bits); - LOG_DBG("Err code setkey: %d", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - size_t operation_len = output_len; - start_time_measurement(); - if (p_test_vector->direction == MBEDTLS_ENCRYPT) { - err_code = mbedtls_ccm_star_encrypt_and_tag( - &ctx, input_len, m_aead_nonce_buf, nonce_len, - m_aead_ad_buf, ad_len, m_aead_input_buf, - m_aead_output_buf, m_aead_output_mac_buf, mac_len); - } else { - err_code = mbedtls_ccm_star_auth_decrypt( - &ctx, input_len, m_aead_nonce_buf, nonce_len, - m_aead_ad_buf, ad_len, m_aead_input_buf, - m_aead_output_buf, m_aead_output_mac_buf, mac_len); - } - - stop_time_measurement(); - - LOG_DBG("Err code %s: -0x%04X, operation len: %d", - p_test_vector->direction ? "encrypt" : "decrypt", -err_code, - operation_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - if (input_len != 0) { - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_output_buf, - m_aead_output_buf, output_len, - p_test_vector->crypt_expected_result, - "Output buf check"); - } - if (p_test_vector->direction == MBEDTLS_ENCRYPT) { - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_mac_buf, - m_aead_output_mac_buf, mac_len, - p_test_vector->mac_expected_result, - "MAC buf check"); - } - - /* Free resources. */ - mbedtls_ccm_free(&ctx); -} - -void exec_test_case_aead_ccm_star(void) -{ - int err_code = -1; - - /* Initialize AEAD. */ - key_bits = key_len * 8; - - mbedtls_ccm_context ctx; - mbedtls_ccm_init(&ctx); - - /* Set secret key. */ - err_code = mbedtls_ccm_setkey(&ctx, p_test_vector->id, m_aead_key_buf, - key_bits); - LOG_DBG("Err code setkey: %d", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - size_t operation_len = output_len; - - start_time_measurement(); - err_code = mbedtls_ccm_star_encrypt_and_tag( - &ctx, input_len, m_aead_nonce_buf, nonce_len, m_aead_ad_buf, - ad_len, m_aead_input_buf, m_aead_output_buf, - m_aead_output_mac_buf, mac_len); - stop_time_measurement(); - - LOG_DBG("Err code %s: -0x%04X, operation len: %d", "encrypt", -err_code, - operation_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_output_buf, m_aead_output_buf, - output_len, - p_test_vector->crypt_expected_result, - "Output buf check"); - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_mac_buf, - m_aead_output_mac_buf, mac_len, - p_test_vector->mac_expected_result, - "MAC buf check"); - - /* Overflow checks */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aead_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aead_output_mac_buf, mac_len, - "MAC buffer overflow"); - - /* Decrypt part. */ - aead_clear_buffers(); - g_encrypt = false; - unhexify_aead(); - - /* Set secret key. */ - err_code = mbedtls_ccm_setkey(&ctx, p_test_vector->id, m_aead_key_buf, - key_bits); - LOG_DBG("Err code setkey: %d", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - // input_len -= mac_len; - err_code = mbedtls_ccm_star_auth_decrypt( - &ctx, input_len, m_aead_nonce_buf, nonce_len, m_aead_ad_buf, - ad_len, m_aead_input_buf, m_aead_output_buf, - m_aead_expected_mac_buf, mac_len); - - LOG_DBG("Err code %s: -0x%04X, operation len: %d", "decrypt", -err_code, - operation_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_output_buf, m_aead_output_buf, - output_len, - p_test_vector->crypt_expected_result, - "Output buf check"); - - /* Overflow checks */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aead_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aead_output_mac_buf, mac_len, - "MAC buffer overflow"); - - /* Free resources. */ - mbedtls_ccm_free(&ctx); - g_encrypt = true; -} -#endif /* MBEDTLS_CCM_C */ - -/**@brief Function for the AEAD test execution. - */ -void exec_test_case_aead(void) -{ - int err_code = -1; - -#if defined(MBEDTLS_CCM_C) - if (p_test_vector->mode == MBEDTLS_MODE_CCM && - p_test_vector->ccm_star) { - exec_test_case_aead_ccm_star(); - return; - } -#endif /* MBEDTLS_CCM_C */ - - /* Initialize AEAD. */ - key_bits = key_len * 8; - - mbedtls_cipher_context_t ctx; - mbedtls_cipher_init(&ctx); - - /* Setup cipher. */ - const mbedtls_cipher_info_t *p_info = mbedtls_cipher_info_from_values( - p_test_vector->id, key_bits, p_test_vector->mode); - if (p_info == NULL) { - LOG_DBG("Err code info from values: id: %d, key bits: %d, mode: %d", - p_test_vector->id, key_bits, p_test_vector->mode); - } - - err_code = mbedtls_cipher_setup(&ctx, p_info); - if (err_code != 0) { - LOG_DBG("Err code setup: %d", err_code); - } - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Set secret key. */ - err_code = mbedtls_cipher_setkey(&ctx, m_aead_key_buf, key_bits, - MBEDTLS_ENCRYPT); - LOG_DBG("Err code setkey: %d", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - size_t operation_len = 0; - start_time_measurement(); - err_code = mbedtls_cipher_auth_encrypt_ext( - &ctx, m_aead_nonce_buf, nonce_len, m_aead_ad_buf, ad_len, - m_aead_input_buf, input_len, m_aead_output_buf, AEAD_CIPHERTEXT_BUF_SIZE_PLUS, - &operation_len, mac_len); - stop_time_measurement(); - - LOG_DBG("Err code %s: -0x%04X, operation len: %d", - p_test_vector->direction ? "encrypt" : "decrypt", -err_code, - operation_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* The MAC is appended after the ciphertext. */ - uint8_t *mac = m_aead_output_buf + operation_len - mac_len; - - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_output_buf, m_aead_output_buf, - output_len, - p_test_vector->crypt_expected_result, - "Output buf check"); - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_mac_buf, - mac, mac_len, - p_test_vector->mac_expected_result, - "MAC buf check"); - - /* Overflow checks */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aead_output_buf, operation_len, - "output buffer overflow"); - - /* Decrypt part. */ - aead_clear_buffers(); - g_encrypt = false; - unhexify_aead(); - - /* Set secret key. */ - err_code = mbedtls_cipher_setkey(&ctx, m_aead_key_buf, key_bits, - MBEDTLS_DECRYPT); - LOG_DBG("Err code setkey: %d", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* - * Feed the length of the previous operation into the decrypt. - * This length includes both the ciphertext and the mac. - */ - size_t encrypt_operation_len = operation_len; - - err_code = mbedtls_cipher_auth_decrypt_ext( - &ctx, m_aead_nonce_buf, nonce_len, m_aead_ad_buf, ad_len, - m_aead_input_buf, encrypt_operation_len, m_aead_output_buf, - AEAD_CIPHERTEXT_BUF_SIZE_PLUS, &operation_len, - mac_len); - - LOG_DBG("Err code %s: -0x%04X, operation len: %d", "decrypt", -err_code, - operation_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_output_buf, m_aead_output_buf, - output_len, - p_test_vector->crypt_expected_result, - "Output buf check"); - - /* Overflow checks */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aead_output_buf, output_len, - "output buffer overflow"); - - /* Free resources. */ - mbedtls_cipher_free(&ctx); - g_encrypt = true; -} - -/**@brief Function for the AEAD test execution. - */ -void exec_test_case_aead_simple(void) -{ - int err_code = -1; - -#if defined(MBEDTLS_CCM_C) - if (p_test_vector->mode == MBEDTLS_MODE_CCM && - p_test_vector->ccm_star) { - exec_test_case_aead_ccm_star_simple(); - return; - } -#endif - - /* Initialize AEAD. */ - key_bits = key_len * 8; - - mbedtls_cipher_context_t ctx; - mbedtls_cipher_init(&ctx); - - /* Setup cipher. */ - const mbedtls_cipher_info_t *p_info = mbedtls_cipher_info_from_values( - p_test_vector->id, key_bits, p_test_vector->mode); - - err_code = mbedtls_cipher_setup(&ctx, p_info); - LOG_DBG("Err code setup: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Set secret key. */ - err_code = mbedtls_cipher_setkey(&ctx, m_aead_key_buf, key_bits, - p_test_vector->direction); - LOG_DBG("Err code setkey: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - LOG_DBG("Expected err code: -0x%04X", -p_test_vector->expected_err_code); - - size_t operation_len = 0; - start_time_measurement(); - if (p_test_vector->direction == MBEDTLS_ENCRYPT) { - err_code = mbedtls_cipher_auth_encrypt_ext( - &ctx, m_aead_nonce_buf, nonce_len, m_aead_ad_buf, ad_len, - m_aead_input_buf, input_len, m_aead_output_buf, - AEAD_CIPHERTEXT_BUF_SIZE_PLUS, &operation_len, mac_len); - } else { - /* MAC has been appended to input. */ - input_len += mac_len; - err_code = mbedtls_cipher_auth_decrypt_ext( - &ctx, m_aead_nonce_buf, nonce_len, m_aead_ad_buf, ad_len, - m_aead_input_buf, input_len, m_aead_output_buf, - AEAD_CIPHERTEXT_BUF_SIZE_PLUS, &operation_len, mac_len); - } - - stop_time_measurement(); - - LOG_DBG("Err code %s: -0x%04X, operation len: %d", - p_test_vector->direction ? "encrypt" : "decrypt", -err_code, - operation_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - if (input_len != 0 && output_len != 0) { - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_output_buf, - m_aead_output_buf, output_len, - p_test_vector->crypt_expected_result, - "Output buf check"); - } - if (p_test_vector->direction == MBEDTLS_ENCRYPT) { - /* The MAC is appended after the ciphertext. */ - uint8_t *mac = m_aead_output_buf + operation_len - mac_len; - TEST_VECTOR_MEMCMP_ASSERT(m_aead_expected_mac_buf, - mac, mac_len, - p_test_vector->mac_expected_result, - "MAC buf check"); - } - - /* Free resources. */ - mbedtls_cipher_free(&ctx); -} - -/** @brief Macro for registering the AEAD test case by using section variables. - * - */ -ITEM_REGISTER(test_case_aead_ccm_data, test_case_t test_aead_ccm) = { - .p_test_case_name = "AEAD CCM", - .setup = aead_ccm_setup, - .exec = exec_test_case_aead, - .teardown = teardown_pass, - .vector_type = TV_AEAD, - .vectors_start = __start_test_vector_aead_ccm_data, - .vectors_stop = __stop_test_vector_aead_ccm_data, -}; - -/** @brief Macro for registering the AEAD test case by using section variables. - * - */ -ITEM_REGISTER(test_case_aead_ccm_simple_data, - test_case_t test_aead_ccm_simple) = { - .p_test_case_name = "AEAD CCM simple", - .setup = aead_ccm_setup_simple, - .exec = exec_test_case_aead_simple, - .teardown = teardown_pass, - .vector_type = TV_AEAD, - .vectors_start = __start_test_vector_aead_ccm_simple_data, - .vectors_stop = __stop_test_vector_aead_ccm_simple_data, -}; - -/** @brief Macro for registering the AEAD test case by using section variables. - * - */ -ITEM_REGISTER(test_case_aead_gcm_data, test_case_t test_aead_gcm) = { - .p_test_case_name = "AEAD GCM", - .setup = aead_gcm_setup, - .exec = exec_test_case_aead, - .teardown = teardown_pass, - .vector_type = TV_AEAD, - .vectors_start = __start_test_vector_aead_gcm_data, - .vectors_stop = __stop_test_vector_aead_gcm_data, -}; - -/** @brief Macro for registering the AEAD test case by using section variables. - * - */ -ITEM_REGISTER(test_case_aead_gcm_simple_data, - test_case_t test_aead_gcm_simple) = { - .p_test_case_name = "AEAD GCM simple", - .setup = aead_gcm_setup_simple, - .exec = exec_test_case_aead_simple, - .teardown = teardown_pass, - .vector_type = TV_AEAD, - .vectors_start = __start_test_vector_aead_gcm_simple_data, - .vectors_stop = __stop_test_vector_aead_gcm_simple_data, -}; - -/** @brief Macro for registering the AEAD test case by using section variables. - * - */ -ITEM_REGISTER(test_case_aead_chachapoly_data, - test_case_t test_aead_chachapoly) = { - .p_test_case_name = "AEAD CHACHAPOLY", - .setup = aead_chachapoly_setup, - .exec = exec_test_case_aead, - .teardown = teardown_pass, - .vector_type = TV_AEAD, - .vectors_start = __start_test_vector_aead_chachapoly_data, - .vectors_stop = __stop_test_vector_aead_chachapoly_data, -}; - -/** @brief Macro for registering the AEAD test case by using section variables. - * - */ -ITEM_REGISTER(test_case_aead_chachapoly_simple_data, - test_case_t test_aead_chachapoly_simple) = { - .p_test_case_name = "AEAD CHACHAPOLY simple", - .setup = aead_chachapoly_setup_simple, - .exec = exec_test_case_aead_simple, - .teardown = teardown_pass, - .vector_type = TV_AEAD, - .vectors_start = __start_test_vector_aead_chachapoly_simple_data, - .vectors_stop = __stop_test_vector_aead_chachapoly_simple_data, -}; - -ZTEST_SUITE(test_suite_aead, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_aead, test_case_aead_ccm) -{ - aead_ccm_setup(); - exec_test_case_aead(); -} - -ZTEST(test_suite_aead, test_case_aead_ccm_simple) -{ - aead_ccm_setup_simple(); - exec_test_case_aead_simple(); -} - -#if defined(CONFIG_OBERON_BACKEND) || defined(CONFIG_CC312_BACKEND) -ZTEST(test_suite_aead, test_case_aead_gcm) -{ - aead_gcm_setup(); - exec_test_case_aead(); -} - -ZTEST(test_suite_aead, test_case_aead_gcm_setup_simple) -{ - aead_gcm_setup_simple(); - exec_test_case_aead_simple(); -} -#endif - -ZTEST(test_suite_aead, test_case_chachapoly) -{ - aead_chachapoly_setup(); - exec_test_case_aead(); -} - -ZTEST(test_suite_aead, test_case_chachapoly_simple) -{ - aead_chachapoly_setup_simple(); - exec_test_case_aead_simple(); -} diff --git a/tests/crypto/test_cases/test_aes_cbc.c b/tests/crypto/test_cases/test_aes_cbc.c deleted file mode 100644 index 945a225f0742..000000000000 --- a/tests/crypto/test_cases/test_aes_cbc.c +++ /dev/null @@ -1,475 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_aes_cbc, LOG_LEVEL_INF); -/* If LOG_LEVEL_DBG and this to true, some hexdumps will be displayed. */ -static bool dbg_hexdump_on; - -extern test_vector_aes_t __start_test_vector_aes_cbc_data[]; -extern test_vector_aes_t __stop_test_vector_aes_cbc_data[]; - -extern test_vector_aes_t __start_test_vector_aes_cbc_func_data[]; -extern test_vector_aes_t __stop_test_vector_aes_cbc_func_data[]; - -extern test_vector_aes_t __start_test_vector_aes_cbc_monte_carlo_data[]; -extern test_vector_aes_t __stop_test_vector_aes_cbc_monte_carlo_data[]; - -#define NUM_BUFFER_OVERFLOW_TEST_BYTES (2) -#define AES_IV_MAX_SIZE (16) -#define AES_MAC_INPUT_BLOCK_SIZE (16) -#define AES_PLAINTEXT_BUF_SIZE (256) -#define AES_PLAINTEXT_BUF_SIZE_PLUS \ - (AES_PLAINTEXT_BUF_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AES_MAX_KEY_SIZE (256 / (8)) -#define AES_MIN_KEY_SIZE (128 / (8)) - -static uint8_t m_aes_input_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_expected_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_prev_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_key_buf[AES_MAX_KEY_SIZE]; -static uint8_t m_aes_iv_buf[AES_IV_MAX_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES]; -static uint8_t m_aes_temp_buf[AES_MAX_KEY_SIZE]; - -static test_vector_aes_t *p_test_vector; -/* Some tests require overriding the test vector crypt direction. - * Use this additional flag to force decrypt (if set to false). - */ -static bool g_encrypt = true; - -static size_t input_len; -static size_t output_len; -static size_t key_len; -static size_t iv_len; -static size_t ad_len; - -void aes_cbc_clear_buffers(void); -void unhexify_aes_cbc(void); - -static int cipher_init(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_cipher_mode_t mode) -{ - mbedtls_cipher_init(p_ctx); - - const mbedtls_cipher_info_t *p_cipher_info = - mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, - key_len_bytes * 8, mode); - return mbedtls_cipher_setup(p_ctx, p_cipher_info); -} - -static int cipher_set_key(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_operation_t operation) -{ - return mbedtls_cipher_setkey(p_ctx, m_aes_key_buf, key_len_bytes * 8, - operation); -} - -static int cipher_set_padding(mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t padding) -{ - return mbedtls_cipher_set_padding_mode(ctx, padding); -} - -static int cipher_crypt(mbedtls_cipher_context_t *p_ctx, size_t iv_len, - size_t input_len) -{ - size_t crypt_len = 0; /* Unused */ - - return mbedtls_cipher_crypt(p_ctx, m_aes_iv_buf, iv_len, - m_aes_input_buf, input_len, - m_aes_output_buf, &crypt_len); -} - - -static void aes_setup_functional(void) -{ - static int i; - - aes_cbc_clear_buffers(); - - p_test_vector = - ITEM_GET(test_vector_aes_cbc_func_data, test_vector_aes_t, i++); - - unhexify_aes_cbc(); -} - -static void aes_setup(void) -{ - static int i; - - aes_cbc_clear_buffers(); - - p_test_vector = - ITEM_GET(test_vector_aes_cbc_data, test_vector_aes_t, i++); - - unhexify_aes_cbc(); -} - -static void aes_setup_monte_carlo(void) -{ - static int i; - - aes_cbc_clear_buffers(); - - p_test_vector = ITEM_GET(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t, i++); - - unhexify_aes_cbc(); -} - -void aes_cbc_clear_buffers(void) -{ - memset(m_aes_input_buf, 0xFF, sizeof(m_aes_input_buf)); - memset(m_aes_output_buf, 0xFF, sizeof(m_aes_output_buf)); - memset(m_aes_expected_output_buf, 0xFF, - sizeof(m_aes_expected_output_buf)); - memset(m_prev_aes_output_buf, 0x00, sizeof(m_prev_aes_output_buf)); - memset(m_aes_key_buf, 0x00, sizeof(m_aes_key_buf)); - memset(m_aes_iv_buf, 0xFF, sizeof(m_aes_iv_buf)); - memset(m_aes_temp_buf, 0x00, sizeof(m_aes_temp_buf)); -} - -__attribute__((noinline)) void unhexify_aes_cbc(void) -{ - bool encrypt = - (p_test_vector->direction == MBEDTLS_ENCRYPT) && g_encrypt; - - key_len = hex2bin_safe(p_test_vector->p_key, - m_aes_key_buf, - sizeof(m_aes_key_buf)); - iv_len = hex2bin_safe(p_test_vector->p_iv, - m_aes_iv_buf, - sizeof(m_aes_iv_buf)); - ad_len = hex2bin_safe(p_test_vector->p_ad, - m_aes_temp_buf, - sizeof(m_aes_temp_buf)); - - if (encrypt) { - input_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } else { - input_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } -} - -/**@brief Function for the AES functional test execution. - */ -void exec_test_case_aes_cbc_functional(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - start_time_measurement(); - err_code = cipher_crypt(&ctx, iv_len, input_len); - stop_time_measurement(); - - /* Verify the nrf_crypto_aes_finalize err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_input_buf, input_len, - "input buffer overflow"); - - /* Reset buffers and fetch test vectors. */ - aes_cbc_clear_buffers(); - g_encrypt = false; - unhexify_aes_cbc(); - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_DECRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_crypt(&ctx, iv_len, input_len); - /* Verify the nrf_crypto_aes_finalize err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES plaintext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES plaintext"); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_input_buf, input_len, - "input buffer overflow"); - - /* Free resources */ - mbedtls_cipher_free(&ctx); - g_encrypt = true; -} - -/**@brief Function for the AES test execution. - */ -void exec_test_case_aes_cbc(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Encrypt or decrypt input. */ - start_time_measurement(); - err_code = cipher_crypt(&ctx, iv_len, input_len); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - input_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Free resources */ - mbedtls_cipher_free(&ctx); -} - -void monte_carlo_cbc_update_key(size_t key_len, size_t ciphertext_len) -{ - if (dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf before update"); - } - uint8_t divider; - - divider = key_len - ciphertext_len; - - /* Xor previous cipher with key if key_len > cipher_len. */ - for (uint8_t xor_start = 0; xor_start < divider; xor_start++) { - m_aes_key_buf[xor_start] ^= - m_prev_aes_output_buf[ciphertext_len - divider + - xor_start]; - } - - /* Xor cipher with last 16 bytes of key. */ - for (uint8_t xor_start = 0; xor_start < ciphertext_len; xor_start++) { - m_aes_key_buf[divider + xor_start] ^= - m_aes_output_buf[xor_start]; - } - - if (dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf after update"); - } -} - -int monte_carlo_cbc(test_vector_aes_t *p_test_vector, - mbedtls_cipher_context_t *p_ctx, size_t key_len, - size_t iv_len, size_t input_len, size_t output_len) -{ - uint16_t j; - int err_code; - - /* Execution of encryption or decryption 1000 times with same AES key. */ - for (j = 0; j < 1000; j++) { - if (j < 5 && dbg_hexdump_on) { - LOG_DBG("MC inner #%d", j); - LOG_HEXDUMP_DBG(m_aes_input_buf, input_len, - "m_aes_input_buf"); - LOG_HEXDUMP_DBG(m_aes_iv_buf, iv_len, "m_aes_iv_buf"); - } - memcpy(m_prev_aes_output_buf, m_aes_output_buf, - sizeof(m_prev_aes_output_buf)); - err_code = - mbedtls_cipher_update(p_ctx, m_aes_input_buf, input_len, - m_aes_output_buf, &output_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, - err_code); - - if (j == 0) { - memcpy(m_aes_input_buf, m_aes_iv_buf, input_len); - } else { - memcpy(m_aes_input_buf, m_prev_aes_output_buf, - input_len); - } - - if (j < 5 && dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_output_buf, input_len, - "m_aes_output_buf"); - } - } - - /* Update the AES key. */ - monte_carlo_cbc_update_key(key_len, output_len); - - err_code = cipher_set_key(p_ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - memcpy(m_aes_iv_buf, m_aes_output_buf, iv_len); - err_code = mbedtls_cipher_set_iv(p_ctx, m_aes_iv_buf, input_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - return err_code; -} - -/**@brief Function for the AES Monte Carlo test execution. - */ -void exec_test_case_aes_cbc_monte_carlo(void) -{ - int err_code; - - TEST_VECTOR_ASSERT_EQUAL(input_len, output_len); - - mbedtls_cipher_context_t ctx; - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_cipher_set_iv(&ctx, m_aes_iv_buf, input_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Start the Monte Carlo test. */ - uint32_t k = 0; - start_time_measurement(); - do { - if (k < 3 && dbg_hexdump_on) { - LOG_DBG("MC outer #%d", k); - LOG_HEXDUMP_DBG(m_aes_iv_buf, iv_len, - "m_aes_iv_buf outer"); - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf outer"); - } else { - /* Turn off hexdump after a few iterations. */ - dbg_hexdump_on = false; - } - err_code = monte_carlo_cbc(p_test_vector, &ctx, key_len, iv_len, - input_len, output_len); - } while ((err_code == p_test_vector->expected_err_code) && (++k < 100)); - stop_time_measurement(); - - LOG_HEXDUMP_DBG(m_aes_output_buf, output_len, "m_aes_output_buf final"); - LOG_HEXDUMP_DBG(m_aes_expected_output_buf, output_len, - "m_aes_expected_output_buf"); - - /* Verify generated AES plaintext or ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Un-initialize resources. */ - mbedtls_cipher_free(&ctx); -} - -/** @brief Macro for registering the AES funtional test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_cbc_data, - test_case_t test_aes_cbc_encrypt_functional) = { - .p_test_case_name = "AES CBC Functional", - .setup = aes_setup_functional, - .exec = exec_test_case_aes_cbc_functional, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_cbc_func_data, - .vectors_stop = __stop_test_vector_aes_cbc_func_data, -}; - -/** @brief Macro for registering the AES test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_cbc_data, test_case_t test_aes_cbc_encrypt) = { - .p_test_case_name = "AES CBC Encrypt", - .setup = aes_setup, - .exec = exec_test_case_aes_cbc, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_cbc_data, - .vectors_stop = __stop_test_vector_aes_cbc_data, -}; - -/** @brief Macro for registering the AES Monte Carlo test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_cbc_data, - test_case_t test_aes_cbc_encrypt_monte_carlo) = { - .p_test_case_name = "AES CBC Monte Carlo", - .setup = aes_setup_monte_carlo, - .exec = exec_test_case_aes_cbc_monte_carlo, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_cbc_monte_carlo_data, - .vectors_stop = __stop_test_vector_aes_cbc_monte_carlo_data, -}; - -ZTEST_SUITE(test_suite_aes_cbc, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_aes_cbc, test_case_aes_cbc_functional) -{ - aes_setup_functional(); - exec_test_case_aes_cbc_functional(); -} - -ZTEST(test_suite_aes_cbc, test_case_aes_cbc) -{ - aes_setup(); - exec_test_case_aes_cbc(); -} - -ZTEST(test_suite_aes_cbc, test_case_aes_cbc_monte_carlo) -{ - aes_setup_monte_carlo(); - exec_test_case_aes_cbc_monte_carlo(); -} diff --git a/tests/crypto/test_cases/test_aes_cbc_mac.c b/tests/crypto/test_cases/test_aes_cbc_mac.c deleted file mode 100644 index 23fbaee067e8..000000000000 --- a/tests/crypto/test_cases/test_aes_cbc_mac.c +++ /dev/null @@ -1,241 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_aes_cbc_mac, LOG_LEVEL_INF); -/* If LOG_LEVEL_DBG and this to true, some hexdumps will be displayed. */ -static bool dbg_hexdump_on; - -extern test_vector_aes_t __start_test_vector_aes_cbc_mac_data[]; -extern test_vector_aes_t __stop_test_vector_aes_cbc_mac_data[]; - -/* This number of bytes are used as buffer end-markers in some tests - * such that we can check for overflow via known values. - */ -#define NUM_BUFFER_OVERFLOW_TEST_BYTES (2) -#define AES_IV_MAX_SIZE (16) -#define AES_MAC_INPUT_BLOCK_SIZE (16) -#define AES_PLAINTEXT_BUF_SIZE (256) -#define AES_PLAINTEXT_BUF_SIZE_PLUS \ - (AES_PLAINTEXT_BUF_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AES_MAX_KEY_SIZE (256 / (8)) -#define AES_MIN_KEY_SIZE (128 / (8)) - -static uint8_t m_aes_input_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_expected_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_key_buf[AES_MAX_KEY_SIZE]; -static uint8_t m_aes_iv_buf[AES_IV_MAX_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES]; -static uint8_t m_aes_temp_buf[AES_MAX_KEY_SIZE]; - -static test_vector_aes_t *p_test_vector; - -static size_t input_len; -static size_t output_len; -static size_t key_len; -static size_t iv_len; -static size_t ad_len; - -void aes_cbc_mac_clear_buffers(void); -void unhexify_aes_cbc_mac(void); - -static int cipher_init(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_cipher_mode_t mode) -{ - mbedtls_cipher_init(p_ctx); - - const mbedtls_cipher_info_t *p_cipher_info = - mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, - key_len_bytes * 8, mode); - return mbedtls_cipher_setup(p_ctx, p_cipher_info); -} - -static int cipher_set_key(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_operation_t operation) -{ - return mbedtls_cipher_setkey(p_ctx, m_aes_key_buf, key_len_bytes * 8, - operation); -} - -static int cipher_set_padding(mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t padding) -{ - return mbedtls_cipher_set_padding_mode(ctx, padding); -} - -static int cipher_crypt(mbedtls_cipher_context_t *p_ctx, size_t iv_len, - size_t input_len) -{ - size_t crypt_len = 0; /* Unused */ - - return mbedtls_cipher_crypt(p_ctx, m_aes_iv_buf, iv_len, - m_aes_input_buf, input_len, - m_aes_output_buf, &crypt_len); -} - -static int _cipher_update_iterative_full_blocks(mbedtls_cipher_context_t *p_ctx, - size_t input_len) -{ - int err_code; - size_t round = 0; - size_t output_len; - - do { - err_code = mbedtls_cipher_update( - p_ctx, &m_aes_input_buf[16 * round], 16, - &m_aes_output_buf[16 * round], &output_len); - round++; - if (dbg_hexdump_on) { - LOG_DBG("Output len %d", output_len); - } - } while ((err_code == 0) && ((round * 16) < input_len)); - - return err_code; -} - -static int cipher_update_iterative(mbedtls_cipher_context_t *p_ctx, - size_t input_len) -{ - return _cipher_update_iterative_full_blocks(p_ctx, input_len); -} - -static void aes_setup_cbc_mac(void) -{ - static int i; - - aes_cbc_mac_clear_buffers(); - - p_test_vector = - ITEM_GET(test_vector_aes_cbc_mac_data, test_vector_aes_t, i++); - - unhexify_aes_cbc_mac(); -} - -void aes_cbc_mac_clear_buffers(void) -{ - memset(m_aes_input_buf, 0xFF, sizeof(m_aes_input_buf)); - memset(m_aes_output_buf, 0xFF, sizeof(m_aes_output_buf)); - memset(m_aes_expected_output_buf, 0xFF, - sizeof(m_aes_expected_output_buf)); - memset(m_aes_key_buf, 0x00, sizeof(m_aes_key_buf)); - memset(m_aes_iv_buf, 0xFF, sizeof(m_aes_iv_buf)); - memset(m_aes_temp_buf, 0x00, sizeof(m_aes_temp_buf)); -} - -__attribute__((noinline)) void unhexify_aes_cbc_mac(void) -{ - bool encrypt = (p_test_vector->direction == MBEDTLS_ENCRYPT); - - key_len = hex2bin_safe(p_test_vector->p_key, - m_aes_key_buf, - sizeof(m_aes_key_buf)); - iv_len = hex2bin_safe(p_test_vector->p_iv, - m_aes_iv_buf, - sizeof(m_aes_iv_buf)); - ad_len = hex2bin_safe(p_test_vector->p_ad, - m_aes_temp_buf, - sizeof(m_aes_temp_buf)); - - if (encrypt) { - input_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } else { - input_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } -} - -/**@brief Function for the AES MAC test execution. - */ -void exec_test_case_aes_cbc_mac(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - LOG_DBG("Using CBC for MAC (CBC MAC)."); - start_time_measurement(); - err_code = cipher_crypt(&ctx, iv_len, input_len); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* AES-CBC produces a tag in the last block. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, - &m_aes_output_buf[input_len - 16], 16, - p_test_vector->expected_result, - "Incorrect generated AES MAC"); - - /* Redo all but now in iterations. */ - aes_cbc_mac_clear_buffers(); - unhexify_aes_cbc_mac(); - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_update_iterative(&ctx, input_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - /* AES CBC MAC produces the MAC at the end of the output. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, - &m_aes_output_buf[input_len - 16], 16, - p_test_vector->expected_result, - "Incorrect generated AES MAC"); - - mbedtls_cipher_free(&ctx); -} - -/** @brief Macro for registering the AES test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_cbc_mac_data, test_case_t test_aes_cbc_mac) = { - .p_test_case_name = "AES CBC MAC", - .setup = aes_setup_cbc_mac, - .exec = exec_test_case_aes_cbc_mac, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_cbc_mac_data, - .vectors_stop = __stop_test_vector_aes_cbc_mac_data, -}; - -ZTEST_SUITE(test_suite_aes_cbc_mac, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_aes_cbc_mac, test_case_aes_cbc_mac) -{ - aes_setup_cbc_mac(); - exec_test_case_aes_cbc_mac(); -} diff --git a/tests/crypto/test_cases/test_aes_ctr.c b/tests/crypto/test_cases/test_aes_ctr.c deleted file mode 100644 index bba36315cf5b..000000000000 --- a/tests/crypto/test_cases/test_aes_ctr.c +++ /dev/null @@ -1,429 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_aes_ctr, LOG_LEVEL_INF); -/* If LOG_LEVEL_DBG and this to true, some hexdumps will be displayed. */ -static bool dbg_hexdump_on; - -extern test_vector_aes_t __start_test_vector_aes_ctr_data[]; -extern test_vector_aes_t __stop_test_vector_aes_ctr_data[]; - -extern test_vector_aes_t __start_test_vector_aes_ctr_func_data[]; -extern test_vector_aes_t __stop_test_vector_aes_ctr_func_data[]; - -#define NUM_BUFFER_OVERFLOW_TEST_BYTES (2) -#define AES_IV_MAX_SIZE (16) -#define AES_MAC_INPUT_BLOCK_SIZE (16) -#define AES_PLAINTEXT_BUF_SIZE (256) -#define AES_PLAINTEXT_BUF_SIZE_PLUS \ - (AES_PLAINTEXT_BUF_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AES_MAX_KEY_SIZE (256 / (8)) -#define AES_MIN_KEY_SIZE (128 / (8)) - -static uint8_t m_aes_input_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_expected_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -/* Monte carlo tests use previous output iterations. */ -static uint8_t m_prev_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_key_buf[AES_MAX_KEY_SIZE]; -static uint8_t m_aes_iv_buf[AES_IV_MAX_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES]; -static uint8_t m_aes_temp_buf[AES_MAX_KEY_SIZE]; - -static test_vector_aes_t *p_test_vector; - -static size_t input_len; -static size_t output_len; -static size_t key_len; -static size_t iv_len; -static size_t ad_len; - -void aes_ctr_clear_buffers(void); -void unhexify_aes_ctr(void); - -static int cipher_init(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_cipher_mode_t mode) -{ - mbedtls_cipher_init(p_ctx); - - const mbedtls_cipher_info_t *p_cipher_info = - mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, - key_len_bytes * 8, mode); - return mbedtls_cipher_setup(p_ctx, p_cipher_info); -} - -static int cipher_set_key(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_operation_t operation) -{ - return mbedtls_cipher_setkey(p_ctx, m_aes_key_buf, key_len_bytes * 8, - operation); -} - -static int cipher_set_padding(mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t padding) -{ - /* Only CBC mode supports padding at the moment. */ - return 0; -} - -static void cipher_extra_checks_ctr(mbedtls_cipher_context_t *ctx, - test_vector_aes_t *p_test_vector, - size_t iv_len, size_t ad_len) -{ - /* Verify that the counter value has incremented as expected. */ - TEST_VECTOR_MEMCMP_ASSERT(ctx->iv, m_aes_temp_buf, ad_len, 0, - "Incorrect incremented counter value."); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_iv_buf, iv_len, "IV buffer overflow"); -} - -static int cipher_crypt(mbedtls_cipher_context_t *p_ctx, size_t iv_len, - size_t input_len) -{ - size_t crypt_len = 0; /* Unused */ - - return mbedtls_cipher_crypt(p_ctx, m_aes_iv_buf, iv_len, - m_aes_input_buf, input_len, - m_aes_output_buf, &crypt_len); -} - -static void aes_ctr_setup_functional(void) -{ - static int i; - - aes_ctr_clear_buffers(); - p_test_vector = - ITEM_GET(test_vector_aes_ctr_func_data, test_vector_aes_t, i++); - - unhexify_aes_ctr(); -} - -static void aes_ctr_setup(void) -{ - static int i; - - aes_ctr_clear_buffers(); - - p_test_vector = - ITEM_GET(test_vector_aes_ctr_data, test_vector_aes_t, i++); - - unhexify_aes_ctr(); -} - -void aes_ctr_clear_buffers(void) -{ - memset(m_aes_input_buf, 0xFF, sizeof(m_aes_input_buf)); - memset(m_aes_output_buf, 0xFF, sizeof(m_aes_output_buf)); - memset(m_aes_expected_output_buf, 0xFF, - sizeof(m_aes_expected_output_buf)); - memset(m_prev_aes_output_buf, 0x00, sizeof(m_prev_aes_output_buf)); - memset(m_aes_key_buf, 0x00, sizeof(m_aes_key_buf)); - memset(m_aes_iv_buf, 0xFF, sizeof(m_aes_iv_buf)); - memset(m_aes_temp_buf, 0x00, sizeof(m_aes_temp_buf)); -} - -__attribute__((noinline)) void unhexify_aes_ctr(void) -{ - bool encrypt = p_test_vector->direction == MBEDTLS_ENCRYPT; - - key_len = hex2bin_safe(p_test_vector->p_key, - m_aes_key_buf, - sizeof(m_aes_key_buf)); - iv_len = hex2bin_safe(p_test_vector->p_iv, - m_aes_iv_buf, - sizeof(m_aes_iv_buf)); - ad_len = hex2bin_safe(p_test_vector->p_ad, - m_aes_temp_buf, - sizeof(m_aes_temp_buf)); - - if (encrypt) { - input_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } else { - input_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } -} - -/**@brief Function for the AES functional test execution. - */ -void exec_test_case_aes_ctr_functional(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - start_time_measurement(); - err_code = cipher_crypt(&ctx, iv_len, input_len); - stop_time_measurement(); - - /* Verify the nrf_crypto_aes_finalize err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_input_buf, input_len, - "input buffer overflow"); - - /* Reset buffers and fetch test vectors. */ - aes_ctr_clear_buffers(); - unhexify_aes_ctr(); - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_DECRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_crypt(&ctx, iv_len, input_len); - /* Verify the nrf_crypto_aes_finalize err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES plaintext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES plaintext"); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_input_buf, input_len, - "input buffer overflow"); - - /* Free resources */ - mbedtls_cipher_free(&ctx); -} - -/**@brief Function for the AES test execution. - */ -void exec_test_case_aes_ctr(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Encrypt or decrypt input. */ - start_time_measurement(); - err_code = cipher_crypt(&ctx, iv_len, input_len); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - input_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Extra mode-dependent checks */ - cipher_extra_checks_ctr(&ctx, p_test_vector, iv_len, ad_len); - - /* Free resources */ - mbedtls_cipher_free(&ctx); -} - -void monte_carlo_update_key(size_t key_len, size_t ciphertext_len) -{ - if (dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf before update"); - } - uint8_t divider; - - divider = key_len - ciphertext_len; - - /* Xor previous cipher with key if key_len > cipher_len. */ - for (uint8_t xor_start = 0; xor_start < divider; xor_start++) { - m_aes_key_buf[xor_start] ^= - m_prev_aes_output_buf[ciphertext_len - divider + - xor_start]; - } - - /* Xor cipher with last 16 bytes of key. */ - for (uint8_t xor_start = 0; xor_start < ciphertext_len; xor_start++) { - m_aes_key_buf[divider + xor_start] ^= - m_aes_output_buf[xor_start]; - } - - if (dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf after update"); - } -} - -int monte_carlo(test_vector_aes_t *p_test_vector, - mbedtls_cipher_context_t *p_ctx, size_t key_len, size_t iv_len, - size_t input_len, size_t output_len) -{ - uint16_t j; - int err_code; - - /* Execution of encryption or decryption 1000 times with same AES key. */ - for (j = 0; j < 1000; j++) { - if (j < 5 && dbg_hexdump_on) { - LOG_DBG("MC inner #%d", j); - LOG_HEXDUMP_DBG(m_aes_input_buf, input_len, - "m_aes_input_buf"); - } - memcpy(m_prev_aes_output_buf, m_aes_output_buf, - sizeof(m_prev_aes_output_buf)); - err_code = - mbedtls_cipher_update(p_ctx, m_aes_input_buf, input_len, - m_aes_output_buf, &output_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, - err_code); - - if (j < 5 && dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_output_buf, input_len, - "m_aes_output_buf"); - } - } - - /* Update the AES key. */ - monte_carlo_update_key(key_len, output_len); - - err_code = cipher_set_key(p_ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - return err_code; -} - -/**@brief Function for the AES Monte Carlo test execution. - */ -void exec_test_case_aes_monte_carlo(void) -{ - int err_code; - - TEST_VECTOR_ASSERT_EQUAL(input_len, output_len); - - mbedtls_cipher_context_t ctx; - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Start the Monte Carlo test. */ - uint32_t k = 0; - start_time_measurement(); - do { - if (k < 3 && dbg_hexdump_on) { - LOG_DBG("MC outer #%d", k); - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf outer"); - } else { - /* Turn off hexdump after a few iterations. */ - dbg_hexdump_on = false; - } - err_code = monte_carlo(p_test_vector, &ctx, key_len, iv_len, - input_len, output_len); - } while ((err_code == p_test_vector->expected_err_code) && (++k < 100)); - stop_time_measurement(); - - LOG_HEXDUMP_DBG(m_aes_output_buf, output_len, "m_aes_output_buf final"); - LOG_HEXDUMP_DBG(m_aes_expected_output_buf, output_len, - "m_aes_expected_output_buf"); - - /* Verify generated AES plaintext or ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Un-initialize resources. */ - mbedtls_cipher_free(&ctx); -} - -/** @brief Macro for registering the AES funtional test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_ctr_data, - test_case_t test_aes_encrypt_functional) = { - .p_test_case_name = "AES CTR Functional", - .setup = aes_ctr_setup_functional, - .exec = exec_test_case_aes_ctr_functional, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_ctr_func_data, - .vectors_stop = __stop_test_vector_aes_ctr_func_data, -}; - -/** @brief Macro for registering the AES test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_ctr_data, test_case_t test_aes_encrypt) = { - .p_test_case_name = "AES CTR Encrypt", - .setup = aes_ctr_setup, - .exec = exec_test_case_aes_ctr, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_ctr_data, - .vectors_stop = __stop_test_vector_aes_ctr_data, -}; - -ZTEST_SUITE(test_suite_aes_ctr, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_aes_ctr, test_case_aes_ctr_functional) -{ - aes_ctr_setup_functional(); - exec_test_case_aes_ctr_functional(); -} - -ZTEST(test_suite_aes_ctr, test_case_aes_ctr) -{ - aes_ctr_setup(); - exec_test_case_aes_ctr(); -} diff --git a/tests/crypto/test_cases/test_aes_ecb.c b/tests/crypto/test_cases/test_aes_ecb.c deleted file mode 100644 index 3e098cc2821d..000000000000 --- a/tests/crypto/test_cases/test_aes_ecb.c +++ /dev/null @@ -1,470 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_aes_ecb, LOG_LEVEL_INF); -/* If LOG_LEVEL_DBG and this to true, some hexdumps will be displayed. */ -static bool dbg_hexdump_on; - -extern test_vector_aes_t __start_test_vector_aes_ecb_data[]; -extern test_vector_aes_t __stop_test_vector_aes_ecb_data[]; - -extern test_vector_aes_t __start_test_vector_aes_ecb_func_data[]; -extern test_vector_aes_t __stop_test_vector_aes_ecb_func_data[]; - -extern test_vector_aes_t __start_test_vector_aes_ecb_monte_carlo_data[]; -extern test_vector_aes_t __stop_test_vector_aes_ecb_monte_carlo_data[]; - -#define NUM_BUFFER_OVERFLOW_TEST_BYTES (2) -#define AES_IV_MAX_SIZE (16) -#define AES_MAC_INPUT_BLOCK_SIZE (16) -#define AES_PLAINTEXT_BUF_SIZE (256) -#define AES_PLAINTEXT_BUF_SIZE_PLUS \ - (AES_PLAINTEXT_BUF_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AES_MAX_KEY_SIZE (256 / (8)) -#define AES_MIN_KEY_SIZE (128 / (8)) - -static uint8_t m_aes_input_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_expected_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_prev_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_key_buf[AES_MAX_KEY_SIZE]; -static uint8_t m_aes_iv_buf[AES_IV_MAX_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES]; -static uint8_t m_aes_temp_buf[AES_MAX_KEY_SIZE]; - -static test_vector_aes_t *p_test_vector; -/* Some tests require overriding the test vector crypt direction. - * Use this additional flag to force decrypt (if set to false). - */ -static bool g_encrypt = true; - -static size_t input_len; -static size_t output_len; -static size_t key_len; -static size_t iv_len; -static size_t ad_len; - -void aes_ecb_clear_buffers(void); -void unhexify_aes_ecb(void); - -static int cipher_init(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_cipher_mode_t mode) -{ - mbedtls_cipher_init(p_ctx); - - const mbedtls_cipher_info_t *p_cipher_info = - mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, - key_len_bytes * 8, mode); - return mbedtls_cipher_setup(p_ctx, p_cipher_info); -} - -static int cipher_set_key(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_operation_t operation) -{ - return mbedtls_cipher_setkey(p_ctx, m_aes_key_buf, key_len_bytes * 8, - operation); -} - -static int cipher_set_padding(mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t padding) -{ - /* Only CBC mode supports padding at the moment. */ - return 0; -} - -static int cipher_crypt_ecb(mbedtls_cipher_context_t *p_ctx, size_t input_len) -{ - int err_code; - size_t crypt_len = 0; /* Unused */ - size_t round = 0; - - do { - err_code = mbedtls_cipher_crypt( - p_ctx, - m_aes_iv_buf, /* iv dummy buf: unused but checked internally */ - 16, /* iv dummy len: unused but checked internally */ - &m_aes_input_buf[16 * round], 16, - &m_aes_output_buf[16 * round], &crypt_len); - round++; - } while ((err_code == 0) && ((16 * round) < input_len)); - - return err_code; -} - -static void aes_setup_functional(void) -{ - aes_ecb_clear_buffers(); - - static int i; - p_test_vector = - ITEM_GET(test_vector_aes_ecb_func_data, test_vector_aes_t, i++); - - unhexify_aes_ecb(); -} - -static void aes_setup(void) -{ - aes_ecb_clear_buffers(); - - static int i; - p_test_vector = - ITEM_GET(test_vector_aes_ecb_data, test_vector_aes_t, i++); - - unhexify_aes_ecb(); -} - -static void aes_setup_monte_carlo(void) -{ - aes_ecb_clear_buffers(); - - static int i; - p_test_vector = ITEM_GET(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t, i++); - - unhexify_aes_ecb(); - - LOG_DBG("key len: %d", key_len); - LOG_DBG("input len: %d", input_len); -} - -void aes_ecb_clear_buffers(void) -{ - memset(m_aes_input_buf, 0xFF, sizeof(m_aes_input_buf)); - memset(m_aes_output_buf, 0xFF, sizeof(m_aes_output_buf)); - memset(m_aes_expected_output_buf, 0xFF, - sizeof(m_aes_expected_output_buf)); - memset(m_prev_aes_output_buf, 0x00, sizeof(m_prev_aes_output_buf)); - memset(m_aes_key_buf, 0x00, sizeof(m_aes_key_buf)); - memset(m_aes_iv_buf, 0xFF, sizeof(m_aes_iv_buf)); - memset(m_aes_temp_buf, 0x00, sizeof(m_aes_temp_buf)); -} - -__attribute__((noinline)) void unhexify_aes_ecb(void) -{ - bool encrypt = - (p_test_vector->direction == MBEDTLS_ENCRYPT) && g_encrypt; - - key_len = hex2bin_safe(p_test_vector->p_key, - m_aes_key_buf, - sizeof(m_aes_key_buf)); - iv_len = hex2bin_safe(p_test_vector->p_iv, - m_aes_iv_buf, - sizeof(m_aes_iv_buf)); - ad_len = hex2bin_safe(p_test_vector->p_ad, - m_aes_temp_buf, - sizeof(m_aes_temp_buf)); - - if (encrypt) { - input_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } else { - input_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } -} - -/**@brief Function for the AES functional test execution. - */ -void exec_test_case_aes_ecb_functional(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - start_time_measurement(); - err_code = cipher_crypt_ecb(&ctx, input_len); - stop_time_measurement(); - - /* Verify the nrf_crypto_aes_finalize err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_input_buf, input_len, - "input buffer overflow"); - - /* Reset buffers and fetch test vector, but now decrypt. */ - aes_ecb_clear_buffers(); - g_encrypt = false; - unhexify_aes_ecb(); - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_DECRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_crypt_ecb(&ctx, input_len); - /* Verify the nrf_crypto_aes_finalize err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES plaintext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES plaintext"); - - /* Verify that the next two bytes in buffers are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_output_buf, output_len, - "output buffer overflow"); - TEST_VECTOR_OVERFLOW_ASSERT(m_aes_input_buf, input_len, - "input buffer overflow"); - - /* Free resources */ - mbedtls_cipher_free(&ctx); - /* Redo change */ - g_encrypt = true; -} - -/**@brief Function for the AES test execution. - */ -void exec_test_case_aes_ecb(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Encrypt or decrypt input. */ - start_time_measurement(); - err_code = cipher_crypt_ecb(&ctx, input_len); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated AES ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - input_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - /* Free resources */ - mbedtls_cipher_free(&ctx); -} - -void monte_carlo_ecb_update_key(size_t key_len, size_t ciphertext_len) -{ - if (dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf before update"); - } - uint8_t divider; - - divider = key_len - ciphertext_len; - - /* Xor previous cipher with key if key_len > cipher_len. */ - for (uint8_t xor_start = 0; xor_start < divider; xor_start++) { - m_aes_key_buf[xor_start] ^= - m_prev_aes_output_buf[ciphertext_len - divider + - xor_start]; - } - - /* Xor cipher with last 16 bytes of key. */ - for (uint8_t xor_start = 0; xor_start < ciphertext_len; xor_start++) { - m_aes_key_buf[divider + xor_start] ^= - m_aes_output_buf[xor_start]; - } - - if (dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf after update"); - } -} - -int monte_carlo_ecb(test_vector_aes_t *p_test_vector, - mbedtls_cipher_context_t *p_ctx, size_t key_len, - size_t iv_len, size_t input_len, size_t output_len) -{ - uint16_t j; - int err_code; - - /* Execution of encryption or decryption 1000 times with same AES key. */ - for (j = 0; j < 1000; j++) { - if (j < 5 && dbg_hexdump_on) { - LOG_DBG("MC inner #%d", j); - LOG_HEXDUMP_DBG(m_aes_input_buf, input_len, - "m_aes_input_buf"); - } - memcpy(m_prev_aes_output_buf, m_aes_output_buf, - sizeof(m_prev_aes_output_buf)); - err_code = - mbedtls_cipher_update(p_ctx, m_aes_input_buf, input_len, - m_aes_output_buf, &output_len); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, - err_code); - memcpy(m_aes_input_buf, m_aes_output_buf, input_len); - - if (j < 5 && dbg_hexdump_on) { - LOG_HEXDUMP_DBG(m_aes_output_buf, input_len, - "m_aes_output_buf"); - } - } - - /* Update the AES key. */ - monte_carlo_ecb_update_key(key_len, output_len); - - err_code = cipher_set_key(p_ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - return err_code; -} - -/**@brief Function for the AES Monte Carlo test execution. - */ -void exec_test_case_aes_ecb_monte_carlo(void) -{ - int err_code; - - TEST_VECTOR_ASSERT_EQUAL(input_len, output_len); - - mbedtls_cipher_context_t ctx; - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, p_test_vector->direction); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Start the Monte Carlo test. */ - uint32_t k = 0; - start_time_measurement(); - do { - if (k < 3 && dbg_hexdump_on) { - LOG_DBG("MC outer #%d", k); - LOG_HEXDUMP_DBG(m_aes_key_buf, key_len, - "m_aes_key_buf outer"); - } else { - /* Turn off hexdump after a few iterations. */ - dbg_hexdump_on = false; - } - err_code = monte_carlo_ecb(p_test_vector, &ctx, key_len, iv_len, - input_len, output_len); - } while ((err_code == p_test_vector->expected_err_code) && (++k < 100)); - stop_time_measurement(); - - LOG_HEXDUMP_DBG(m_aes_output_buf, output_len, "m_aes_output_buf final"); - LOG_HEXDUMP_DBG(m_aes_expected_output_buf, output_len, - "m_aes_expected_output_buf"); - - /* Verify generated AES plaintext or ciphertext. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - output_len, p_test_vector->expected_result, - "Incorrect generated AES ciphertext"); - - - /* Un-initialize resources. */ - mbedtls_cipher_free(&ctx); -} - -/** @brief Macro for registering the AES funtional test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_ecb_data, - test_case_t test_aes_ecb_encrypt_functional) = { - .p_test_case_name = "AES ECB Functional", - .setup = aes_setup_functional, - .exec = exec_test_case_aes_ecb_functional, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_ecb_func_data, - .vectors_stop = __stop_test_vector_aes_ecb_func_data, -}; - -/** @brief Macro for registering the AES test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_ecb_data, test_case_t test_aes_ecb_encrypt) = { - .p_test_case_name = "AES ECB Encrypt", - .setup = aes_setup, - .exec = exec_test_case_aes_ecb, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_ecb_data, - .vectors_stop = __stop_test_vector_aes_ecb_data, -}; - -/** @brief Macro for registering the AES Monte Carlo test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_ecb_data, - test_case_t test_aes_ecb_encrypt_monte_carlo) = { - .p_test_case_name = "AES ECB Monte Carlo", - .setup = aes_setup_monte_carlo, - .exec = exec_test_case_aes_ecb_monte_carlo, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_ecb_monte_carlo_data, - .vectors_stop = __stop_test_vector_aes_ecb_monte_carlo_data, -}; - -ZTEST_SUITE(test_suite_aes_ecb, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_aes_ecb, test_case_aes_ecb_encrypt_functional) -{ - aes_setup_functional(); - exec_test_case_aes_ecb_functional(); -} - -ZTEST(test_suite_aes_ecb, test_case_aes_ecb) -{ - aes_setup(); - exec_test_case_aes_ecb(); -} - -ZTEST(test_suite_aes_ecb, test_case_aes_ecb_monte_carlo) -{ - aes_setup_monte_carlo(); - exec_test_case_aes_ecb_monte_carlo(); -} diff --git a/tests/crypto/test_cases/test_aes_ecb_mac.c b/tests/crypto/test_cases/test_aes_ecb_mac.c deleted file mode 100644 index 8a6046eb7c02..000000000000 --- a/tests/crypto/test_cases/test_aes_ecb_mac.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_aes_ecb_mac, LOG_LEVEL_INF); - -extern test_vector_aes_t __start_test_vector_aes_ecb_mac_data[]; -extern test_vector_aes_t __stop_test_vector_aes_ecb_mac_data[]; - -#define NUM_BUFFER_OVERFLOW_TEST_BYTES (2) -#define AES_IV_MAX_SIZE (16) -#define AES_MAC_INPUT_BLOCK_SIZE (16) -#define AES_PLAINTEXT_BUF_SIZE (256) -#define AES_PLAINTEXT_BUF_SIZE_PLUS \ - (AES_PLAINTEXT_BUF_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES) -#define AES_MAX_KEY_SIZE (256 / (8)) -#define AES_MIN_KEY_SIZE (128 / (8)) - -static uint8_t m_aes_input_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_expected_output_buf[AES_PLAINTEXT_BUF_SIZE_PLUS]; -static uint8_t m_aes_key_buf[AES_MAX_KEY_SIZE]; -static uint8_t m_aes_iv_buf[AES_IV_MAX_SIZE + NUM_BUFFER_OVERFLOW_TEST_BYTES]; -static uint8_t m_aes_temp_buf[AES_MAX_KEY_SIZE]; - -static test_vector_aes_t *p_test_vector; - -static size_t input_len; -static size_t output_len; -static size_t key_len; -static size_t iv_len; -static size_t ad_len; - -void aes_ecb_mac_clear_buffers(void); -void unhexify_aes_ecb_mac(void); - -static int cipher_init(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_cipher_mode_t mode) -{ - mbedtls_cipher_init(p_ctx); - - const mbedtls_cipher_info_t *p_cipher_info = - mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, - key_len_bytes * 8, mode); - return mbedtls_cipher_setup(p_ctx, p_cipher_info); -} - -static int cipher_set_key(mbedtls_cipher_context_t *p_ctx, size_t key_len_bytes, - mbedtls_operation_t operation) -{ - return mbedtls_cipher_setkey(p_ctx, m_aes_key_buf, key_len_bytes * 8, - operation); -} - -static int cipher_set_padding(mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t padding) -{ - /* Only CBC mode supports padding at the moment. */ - return 0; -} - -static int cipher_update_iterative(mbedtls_cipher_context_t *p_ctx, - size_t input_len) -{ - int err_code; - size_t round = 0; - - do { - size_t process_len = MIN(16, input_len); - err_code = mbedtls_cipher_cmac_update( - p_ctx, &m_aes_input_buf[16 * round], process_len); - input_len -= process_len; - round++; - } while ((err_code == 0) && (input_len > 0)); - - return err_code; -} - -static void aes_setup_ecb_mac(void) -{ - static int i; - - aes_ecb_mac_clear_buffers(); - - p_test_vector = - ITEM_GET(test_vector_aes_ecb_mac_data, test_vector_aes_t, i++); - - unhexify_aes_ecb_mac(); -} - -void aes_ecb_mac_clear_buffers(void) -{ - memset(m_aes_input_buf, 0xFF, sizeof(m_aes_input_buf)); - memset(m_aes_output_buf, 0xFF, sizeof(m_aes_output_buf)); - memset(m_aes_expected_output_buf, 0xFF, - sizeof(m_aes_expected_output_buf)); - memset(m_aes_key_buf, 0x00, sizeof(m_aes_key_buf)); - memset(m_aes_iv_buf, 0xFF, sizeof(m_aes_iv_buf)); - memset(m_aes_temp_buf, 0x00, sizeof(m_aes_temp_buf)); -} - -__attribute__((noinline)) void unhexify_aes_ecb_mac(void) -{ - bool encrypt = p_test_vector->direction == MBEDTLS_ENCRYPT; - - key_len = hex2bin_safe(p_test_vector->p_key, - m_aes_key_buf, - sizeof(m_aes_key_buf)); - iv_len = hex2bin_safe(p_test_vector->p_iv, - m_aes_iv_buf, - sizeof(m_aes_iv_buf)); - ad_len = hex2bin_safe(p_test_vector->p_ad, - m_aes_temp_buf, - sizeof(m_aes_temp_buf)); - - if (encrypt) { - input_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } else { - input_len = hex2bin_safe(p_test_vector->p_ciphertext, - m_aes_input_buf, - sizeof(m_aes_input_buf)); - output_len = hex2bin_safe(p_test_vector->p_plaintext, - m_aes_expected_output_buf, - sizeof(m_aes_expected_output_buf)); - } -} - -/**@brief Function for the AES MAC test execution. - */ -void exec_test_case_aes_ecb_mac(void) -{ - int err_code = -1; - - mbedtls_cipher_context_t ctx; - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_padding(&ctx, p_test_vector->padding); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - LOG_DBG("Using ECB for MAC (CMAC)."); - start_time_measurement(); - err_code = mbedtls_cipher_cmac(ctx.cipher_info, m_aes_key_buf, - key_len * 8, m_aes_input_buf, input_len, - m_aes_output_buf); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify MAC based on underlying mode. */ - /* CMAC generates a tag only. */ - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - 16, p_test_vector->expected_result, - "Incorrect generated AES MAC"); - /* Redo all but now in iterations. */ - aes_ecb_mac_clear_buffers(); - unhexify_aes_ecb_mac(); - - err_code = cipher_init(&ctx, key_len, p_test_vector->mode); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_set_key(&ctx, key_len, MBEDTLS_ENCRYPT); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_cipher_cmac_starts(&ctx, m_aes_key_buf, key_len * 8); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = cipher_update_iterative(&ctx, input_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_cipher_cmac_finish(&ctx, m_aes_output_buf); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - TEST_VECTOR_MEMCMP_ASSERT(m_aes_expected_output_buf, m_aes_output_buf, - 16, p_test_vector->expected_result, - "Incorrect generated AES MAC"); - mbedtls_cipher_free(&ctx); -} - -/** @brief Macro for registering the AES test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_aes_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_aes_ecb_mac_data, test_case_t test_aes_ecb_mac) = { - .p_test_case_name = "AES ECB MAC", - .setup = aes_setup_ecb_mac, - .exec = exec_test_case_aes_ecb_mac, - .teardown = teardown_pass, - .vector_type = TV_AES, - .vectors_start = __start_test_vector_aes_ecb_mac_data, - .vectors_stop = __stop_test_vector_aes_ecb_mac_data, -}; - -ZTEST_SUITE(test_suite_aes_ecb_mac, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_aes_ecb_mac, test_case_aes_ecb_mac) -{ - aes_setup_ecb_mac(); - exec_test_case_aes_ecb_mac(); -} diff --git a/tests/crypto/test_cases/test_ecdh.c b/tests/crypto/test_cases/test_ecdh.c deleted file mode 100644 index 2783a5df3828..000000000000 --- a/tests/crypto/test_cases/test_ecdh.c +++ /dev/null @@ -1,470 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" - -#include -#include - -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_ecdh, LOG_LEVEL_INF); - -extern test_vector_ecdh_t __start_test_vector_ecdh_data_random[]; -extern test_vector_ecdh_t __stop_test_vector_ecdh_data_random[]; - -extern test_vector_ecdh_t __start_test_vector_ecdh_data_deterministic_simple[]; -extern test_vector_ecdh_t __stop_test_vector_ecdh_data_deterministic_simple[]; - -extern test_vector_ecdh_t __start_test_vector_ecdh_data_deterministic_full[]; -extern test_vector_ecdh_t __stop_test_vector_ecdh_data_deterministic_full[]; - -/* TODO: Possibly tune buffers which have lower size requirements. */ -#define ECDH_BUF_SIZE (512) - -static uint8_t m_ecdh_initiater_priv_key_buf[ECDH_BUF_SIZE]; -static uint8_t m_ecdh_responder_priv_key_buf[ECDH_BUF_SIZE]; -static uint8_t m_ecdh_initiater_publ_key_buf[ECDH_BUF_SIZE]; -static uint8_t m_ecdh_responder_publ_key_buf[ECDH_BUF_SIZE]; -static uint8_t m_ecdh_initiator_ss_buf[ECDH_BUF_SIZE]; -static uint8_t m_ecdh_responder_ss_buf[ECDH_BUF_SIZE]; -static uint8_t m_ecdh_expected_ss_buf[ECDH_BUF_SIZE]; - -static test_vector_ecdh_t *p_test_vector; -static size_t expected_ss_len; - -void ecdh_clear_buffers(void); -void unhexify_ecdh(void); - -static int curve25519_ctx_fixup(mbedtls_ecdh_context_mbed *ctx) -{ - /* Set certain bits to predefined values */ - int err_code = mbedtls_mpi_set_bit(&ctx->d, 0, 0); - - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - err_code |= mbedtls_mpi_set_bit(&ctx->d, 1, 0); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - err_code |= mbedtls_mpi_set_bit(&ctx->d, 2, 0); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - err_code |= mbedtls_mpi_set_bit(&ctx->d, 254, 1); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - err_code |= mbedtls_mpi_set_bit(&ctx->d, 255, 0); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - mbedtls_mpi_lset(&ctx->Q.Z, 1); - - return err_code; -} - -static void ecdh_setup_random(void) -{ - ecdh_clear_buffers(); - static int i; - p_test_vector = - ITEM_GET(test_vector_ecdh_data_random, test_vector_ecdh_t, i++); - unhexify_ecdh(); -} - -static void ecdh_setup_deterministic_simple(void) -{ - ecdh_clear_buffers(); - static int i; - p_test_vector = ITEM_GET(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t, i++); - unhexify_ecdh(); -} - -static void ecdh_setup_deterministic_full(void) -{ - ecdh_clear_buffers(); - static int i; - p_test_vector = ITEM_GET(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t, i++); - unhexify_ecdh(); -} - -void ecdh_clear_buffers(void) -{ - memset(m_ecdh_initiater_priv_key_buf, 0x00, - sizeof(m_ecdh_initiater_priv_key_buf)); - memset(m_ecdh_responder_priv_key_buf, 0x00, - sizeof(m_ecdh_responder_priv_key_buf)); - memset(m_ecdh_initiater_publ_key_buf, 0x00, - sizeof(m_ecdh_initiater_publ_key_buf)); - memset(m_ecdh_responder_publ_key_buf, 0x00, - sizeof(m_ecdh_responder_publ_key_buf)); - memset(m_ecdh_initiator_ss_buf, 0x00, sizeof(m_ecdh_initiator_ss_buf)); - memset(m_ecdh_responder_ss_buf, 0x00, sizeof(m_ecdh_responder_ss_buf)); - memset(m_ecdh_expected_ss_buf, 0x00, sizeof(m_ecdh_expected_ss_buf)); -} - -__attribute__((noinline)) void unhexify_ecdh(void) -{ - - expected_ss_len = hex2bin_safe(p_test_vector->p_expected_shared_secret, - m_ecdh_expected_ss_buf, - sizeof(m_ecdh_expected_ss_buf)); - -} - -/**@brief Function for executing ECDH for initiator and repsonder by - * using random generated keys. - */ -void exec_test_case_ecdh_random(void) -{ - int err_code_initiator = -1; - int err_code_responder = -1; - - mbedtls_ecdh_context initiator_ctx; - mbedtls_ecdh_context responder_ctx; - - mbedtls_ecdh_init(&initiator_ctx); - mbedtls_ecdh_init(&responder_ctx); - - mbedtls_ecdh_context_mbed *initiator_mbed_ctx = &initiator_ctx.ctx.mbed_ecdh; - mbedtls_ecdh_context_mbed *responder_mbed_ctx = &responder_ctx.ctx.mbed_ecdh; - - err_code_initiator = mbedtls_ecp_group_load(&initiator_mbed_ctx->grp, - p_test_vector->curve_type); - TEST_VECTOR_ASSERT_EQUAL(err_code_initiator, 0); - - err_code_responder = mbedtls_ecp_group_load(&responder_mbed_ctx->grp, - p_test_vector->curve_type); - TEST_VECTOR_ASSERT_EQUAL(err_code_responder, 0); - - err_code_initiator = - mbedtls_ecdh_gen_public(&initiator_mbed_ctx->grp, &initiator_mbed_ctx->d, - &initiator_mbed_ctx->Q, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code_initiator); - - err_code_responder = - mbedtls_ecdh_gen_public(&responder_mbed_ctx->grp, &responder_mbed_ctx->d, - &responder_mbed_ctx->Q, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code_responder); - - start_time_measurement(); - - err_code_initiator = mbedtls_ecdh_compute_shared( - &initiator_mbed_ctx->grp, &initiator_mbed_ctx->z, &responder_mbed_ctx->Q, - &initiator_mbed_ctx->d, drbg_random, &drbg_ctx); - err_code_responder = mbedtls_ecdh_compute_shared( - &responder_mbed_ctx->grp, &responder_mbed_ctx->z, &initiator_mbed_ctx->Q, - &responder_mbed_ctx->d, drbg_random, &drbg_ctx); - - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(0, err_code_initiator); - - TEST_VECTOR_ASSERT_EQUAL(0, err_code_responder); - - size_t len_ss_initiator = mbedtls_mpi_size(&initiator_mbed_ctx->z); - size_t len_ss_responder = mbedtls_mpi_size(&responder_mbed_ctx->z); - TEST_VECTOR_ASSERT_EQUAL(len_ss_initiator, len_ss_responder); - - TEST_VECTOR_MEMCMP_ASSERT(initiator_mbed_ctx->z.p, responder_mbed_ctx->z.p, - len_ss_initiator, - p_test_vector->expected_result, - "Shared secret comparison unexpected result"); - - mbedtls_ecdh_free(&initiator_ctx); - mbedtls_ecdh_free(&responder_ctx); -} - -/**@brief Function for executing deterministic ECDH for initiator and responder. - */ -void exec_test_case_ecdh_deterministic_full(void) -{ - int err_code = -1; - - size_t initiator_ss_len; - size_t responder_ss_len; - - LOG_DBG("Test vector pointer: %p", (void *)p_test_vector); - - mbedtls_ecdh_context initiator_ctx; - mbedtls_ecdh_context responder_ctx; - - mbedtls_ecdh_init(&initiator_ctx); - mbedtls_ecdh_init(&responder_ctx); - - mbedtls_ecdh_context_mbed *initiator_mbed_ctx = &initiator_ctx.ctx.mbed_ecdh; - mbedtls_ecdh_context_mbed *responder_mbed_ctx = &responder_ctx.ctx.mbed_ecdh; - - err_code = mbedtls_ecp_group_load(&initiator_mbed_ctx->grp, - p_test_vector->curve_type); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_group_load(&responder_mbed_ctx->grp, - p_test_vector->curve_type); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - const char *initiator_publ_y; - const char *responder_publ_y; - if (p_test_vector->curve_type == MBEDTLS_ECP_DP_CURVE25519) { - /* This curve wants Q.X and Q.Y concatenated into Q.X. */ - /* This is done in the test vector source. */ - /* As the Y component is now within Q.X, Q.Y should be empty. */ - initiator_publ_y = ""; - responder_publ_y = ""; - } else { - initiator_publ_y = p_test_vector->p_initiator_publ_y; - responder_publ_y = p_test_vector->p_responder_publ_y; - } - - /* Prepare initator public and private datatypes. */ - err_code = - mbedtls_ecp_point_read_string(&initiator_mbed_ctx->Q, 16, - p_test_vector->p_initiator_publ_x, - initiator_publ_y); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_mpi_read_string(&initiator_mbed_ctx->d, 16, - p_test_vector->p_initiator_priv); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Prepare responder public and private datatypes. */ - err_code = - mbedtls_ecp_point_read_string(&responder_mbed_ctx->Q, 16, - p_test_vector->p_responder_publ_x, - responder_publ_y); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_mpi_read_string(&responder_mbed_ctx->d, 16, - p_test_vector->p_responder_priv); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - if (p_test_vector->curve_type == MBEDTLS_ECP_DP_CURVE25519) { - err_code = curve25519_ctx_fixup(&initiator_ctx.ctx.mbed_ecdh); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - err_code = curve25519_ctx_fixup(&responder_ctx.ctx.mbed_ecdh); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - } - - /* Validate keys if applicable. */ - if (p_test_vector->expected_result == EXPECTED_TO_PASS) { - err_code = mbedtls_ecp_check_pubkey(&initiator_mbed_ctx->grp, - &initiator_mbed_ctx->Q); - LOG_DBG("Error code pubkey check: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_check_privkey(&initiator_mbed_ctx->grp, - &initiator_mbed_ctx->d); - LOG_DBG("Error code privkey check: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_check_pubkey(&responder_mbed_ctx->grp, - &responder_mbed_ctx->Q); - LOG_DBG("Error code pubkey check: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_check_privkey(&responder_mbed_ctx->grp, - &responder_mbed_ctx->d); - LOG_DBG("Error code privkey check: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - } - - expected_ss_len = - hex2bin_safe(p_test_vector->p_expected_shared_secret, - m_ecdh_expected_ss_buf, - sizeof(m_ecdh_expected_ss_buf)); - - /* Execute ECDH on initiator side. */ - start_time_measurement(); - err_code = mbedtls_ecdh_compute_shared( - &initiator_mbed_ctx->grp, - &initiator_mbed_ctx->z, - &responder_mbed_ctx->Q, - &initiator_mbed_ctx->d, - drbg_random, - NULL); - stop_time_measurement(); - - LOG_DBG("Error code compute shared: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - initiator_ss_len = mbedtls_mpi_size(&initiator_mbed_ctx->z); - - err_code = mbedtls_mpi_write_binary( - &initiator_mbed_ctx->z, m_ecdh_initiator_ss_buf, expected_ss_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Execute ECDH on responder side. */ - err_code = mbedtls_ecdh_compute_shared( - &responder_mbed_ctx->grp, - &responder_mbed_ctx->z, - &initiator_mbed_ctx->Q, - &responder_mbed_ctx->d, - drbg_random, - NULL); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - responder_ss_len = mbedtls_mpi_size(&responder_mbed_ctx->z); - err_code = mbedtls_mpi_write_binary( - &responder_mbed_ctx->z, m_ecdh_responder_ss_buf, expected_ss_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Verify length of generated shared secrets. */ - TEST_VECTOR_ASSERT_EQUAL(expected_ss_len, initiator_ss_len); - TEST_VECTOR_ASSERT_EQUAL(expected_ss_len, responder_ss_len); - - /* Compare generated initiator shared secret to responder shared secret. */ - TEST_VECTOR_MEMCMP_ASSERT( - m_ecdh_initiator_ss_buf, m_ecdh_responder_ss_buf, - initiator_ss_len, p_test_vector->expected_result, - "Shared secret mismatch between responder and initiator"); - - /* Compare generated shared secret to expected shared secret. */ - TEST_VECTOR_MEMCMP_ASSERT( - m_ecdh_responder_ss_buf, m_ecdh_expected_ss_buf, - expected_ss_len, p_test_vector->expected_result, - "Shared secret mismatch between responder and expected"); - - /* Free the generated resources. */ - mbedtls_ecdh_free(&initiator_ctx); - mbedtls_ecdh_free(&responder_ctx); -} - -/**@brief Function for executing deterministic ECDH for responder. - */ -void exec_test_case_ecdh_deterministic(void) -{ - int err_code = -1; - - mbedtls_ecdh_context initiator_ctx; - mbedtls_ecdh_context responder_ctx; - - mbedtls_ecdh_init(&initiator_ctx); - mbedtls_ecdh_init(&responder_ctx); - - mbedtls_ecdh_context_mbed *initiator_mbed_ctx = &initiator_ctx.ctx.mbed_ecdh; - mbedtls_ecdh_context_mbed *responder_mbed_ctx = &responder_ctx.ctx.mbed_ecdh; - - err_code = mbedtls_ecp_group_load(&initiator_mbed_ctx->grp, - p_test_vector->curve_type); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_group_load(&responder_mbed_ctx->grp, - p_test_vector->curve_type); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Prepare initiator public key. */ - err_code = mbedtls_ecp_point_read_string( - &initiator_mbed_ctx->Q, 16, p_test_vector->p_initiator_publ_x, - p_test_vector->p_initiator_publ_y); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Prepare responder private key. */ - err_code = mbedtls_mpi_read_string(&responder_mbed_ctx->d, 16, - p_test_vector->p_responder_priv); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Validate keys if applicable. */ - if (p_test_vector->expected_result == EXPECTED_TO_PASS) { - err_code = mbedtls_ecp_check_pubkey(&initiator_mbed_ctx->grp, - &initiator_mbed_ctx->Q); - LOG_DBG("Error code pubkey check: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_check_privkey(&responder_mbed_ctx->grp, - &responder_mbed_ctx->d); - LOG_DBG("Error code privkey check: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - } - - start_time_measurement(); - err_code = mbedtls_ecdh_compute_shared( - &responder_mbed_ctx->grp, - &responder_mbed_ctx->z, - &initiator_mbed_ctx->Q, - &responder_mbed_ctx->d, - drbg_random, - NULL); - stop_time_measurement(); - - LOG_DBG("Error code ss computation: -0x%04X", -err_code); - LOG_DBG("Ss size expected: %d, actual: %d", expected_ss_len, - mbedtls_mpi_size(&responder_mbed_ctx->z)); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - err_code = mbedtls_mpi_write_binary( - &responder_mbed_ctx->z, m_ecdh_responder_ss_buf, expected_ss_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - TEST_VECTOR_MEMCMP_ASSERT(m_ecdh_responder_ss_buf, - m_ecdh_expected_ss_buf, expected_ss_len, - p_test_vector->expected_result, - "Shared secret not as expected"); - - /* Free the generated resources. */ - mbedtls_ecdh_free(&initiator_ctx); - mbedtls_ecdh_free(&responder_ctx); -} - -/** @brief Macro for registering the ECDH test case by using section variables. - */ -ITEM_REGISTER(test_case_ecdh_data, test_case_t test_ecdh) = { - .p_test_case_name = "ECDH random", - .setup = ecdh_setup_random, - .exec = exec_test_case_ecdh_random, - .teardown = teardown_pass, - .vector_type = TV_ECDH, - .vectors_start = __start_test_vector_ecdh_data_random, - .vectors_stop = __stop_test_vector_ecdh_data_random, -}; - -/** @brief Macro for registering the ECDH test case by using section variables. - */ -ITEM_REGISTER(test_case_ecdh_data, test_case_t test_ecdh_det) = { - .p_test_case_name = "ECDH deterministic", - .setup = ecdh_setup_deterministic_simple, - .exec = exec_test_case_ecdh_deterministic, - .teardown = teardown_pass, - .vector_type = TV_ECDH, - .vectors_start = __start_test_vector_ecdh_data_deterministic_simple, - .vectors_stop = __stop_test_vector_ecdh_data_deterministic_simple, -}; - -/** @brief Macro for registering the ECDH test case by using section variables. - */ -ITEM_REGISTER(test_case_ecdh_data, test_case_t test_ecdh_det_full) = { - .p_test_case_name = "ECDH deterministic full", - .setup = ecdh_setup_deterministic_full, - .exec = exec_test_case_ecdh_deterministic_full, - .teardown = teardown_pass, - .vector_type = TV_ECDH, - .vectors_start = __start_test_vector_ecdh_data_deterministic_full, - .vectors_stop = __stop_test_vector_ecdh_data_deterministic_full, -}; - -ZTEST_SUITE(test_suite_ecdh, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_ecdh, test_case_ecdh_random) -{ - ecdh_setup_random(); - exec_test_case_ecdh_random(); -} - -ZTEST(test_suite_ecdh, test_case_ecdh_deterministic) -{ - ecdh_setup_deterministic_simple(); - exec_test_case_ecdh_deterministic(); -} - -ZTEST(test_suite_ecdh, test_case_ecdh_deterministic_full) -{ - ecdh_setup_deterministic_full(); - exec_test_case_ecdh_deterministic_full(); -} diff --git a/tests/crypto/test_cases/test_ecdsa.c b/tests/crypto/test_cases/test_ecdsa.c deleted file mode 100644 index 993312dba634..000000000000 --- a/tests/crypto/test_cases/test_ecdsa.c +++ /dev/null @@ -1,379 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" - -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_ecdsa, LOG_LEVEL_INF); - -extern test_vector_ecdsa_verify_t __start_test_vector_ecdsa_verify_data[]; -extern test_vector_ecdsa_verify_t __stop_test_vector_ecdsa_verify_data[]; -extern test_vector_ecdsa_sign_t __start_test_vector_ecdsa_sign_data[]; -extern test_vector_ecdsa_sign_t __stop_test_vector_ecdsa_sign_data[]; -extern test_vector_ecdsa_random_t __start_test_vector_ecdsa_random_data[]; -extern test_vector_ecdsa_random_t __stop_test_vector_ecdsa_random_data[]; - -/* Should be equal to SHA512 digest size */ -#define ECDSA_MAX_INPUT_SIZE (64) - -static uint8_t m_ecdsa_input_buf[ECDSA_MAX_INPUT_SIZE]; - -static test_vector_ecdsa_verify_t *p_test_vector_verify; -static test_vector_ecdsa_sign_t *p_test_vector_sign; -static test_vector_ecdsa_random_t *p_test_vector_random; - -static size_t hash_len; - -void ecdsa_clear_buffers(void); -void unhexify_ecdsa_verify(void); -void unhexify_ecdsa_sign(void); -void unhexify_ecdsa_random(void); - -/**@brief Function for running the test setup. - */ -static void ecdsa_setup_verify(void) -{ - static int i; - - ecdsa_clear_buffers(); - p_test_vector_verify = ITEM_GET(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t, i++); - unhexify_ecdsa_verify(); -} - -static void ecdsa_setup_sign(void) -{ - static int i; - - ecdsa_clear_buffers(); - p_test_vector_sign = ITEM_GET(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t, i++); - unhexify_ecdsa_sign(); -} - -static void ecdsa_setup_random(void) -{ - static int i; - - ecdsa_clear_buffers(); - p_test_vector_random = ITEM_GET(test_vector_ecdsa_random_data, - test_vector_ecdsa_random_t, i++); - unhexify_ecdsa_random(); -} - -__attribute__((noinline)) void unhexify_ecdsa_verify(void) -{ - hash_len = hex2bin_safe(p_test_vector_verify->p_input, - m_ecdsa_input_buf, - sizeof(m_ecdsa_input_buf)); -} - -__attribute__((noinline)) void unhexify_ecdsa_sign(void) -{ - hash_len = hex2bin_safe(p_test_vector_sign->p_input, - m_ecdsa_input_buf, - sizeof(m_ecdsa_input_buf)); -} - -__attribute__((noinline)) void unhexify_ecdsa_random(void) -{ - hash_len = hex2bin_safe(p_test_vector_random->p_input, - m_ecdsa_input_buf, - sizeof(m_ecdsa_input_buf)); -} - -void ecdsa_clear_buffers(void) -{ - memset(m_ecdsa_input_buf, 0x00, sizeof(m_ecdsa_input_buf)); -} - -/**@brief Function for the ECDSA sign test execution. - */ -void exec_test_case_ecdsa_sign(void) -{ - int err_code = -1; - - /* Prepare signer context. */ - mbedtls_ecdsa_context ctx_sign; - mbedtls_ecdsa_init(&ctx_sign); - - err_code = mbedtls_ecp_group_load(&ctx_sign.grp, - p_test_vector_sign->curve_type); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Get public key. */ - err_code = mbedtls_ecp_point_read_string(&ctx_sign.Q, 16, - p_test_vector_sign->p_qx, - p_test_vector_sign->p_qy); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Get private key. */ - err_code = mbedtls_mpi_read_string(&ctx_sign.d, 16, - p_test_vector_sign->p_x); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Verify keys. */ - err_code = mbedtls_ecp_check_pubkey(&ctx_sign.grp, &ctx_sign.Q); - LOG_DBG("Error code pubkey check: 0x%04X", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_check_privkey(&ctx_sign.grp, &ctx_sign.d); - LOG_DBG("Error code privkey check: 0x%04X", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Prepare and generate the ECDSA signature. */ - /* Note: The contexts do not contain these (as is the case for e.g. Q), so simply share them here. */ - mbedtls_mpi r; - mbedtls_mpi s; - mbedtls_mpi_init(&r); - mbedtls_mpi_init(&s); - - start_time_measurement(); - - err_code = mbedtls_ecdsa_sign(&ctx_sign.grp, &r, &s, &ctx_sign.d, - m_ecdsa_input_buf, hash_len, - drbg_random, &drbg_ctx); - - stop_time_measurement(); - - /* Verify sign. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector_sign->expected_sign_err_code, - err_code); - - /* Prepare verification context. */ - mbedtls_ecdsa_context ctx_verify; - mbedtls_ecdsa_init(&ctx_verify); - - /* Transfer public EC information. */ - err_code = mbedtls_ecp_group_copy(&ctx_verify.grp, &ctx_sign.grp); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Transfer public key. */ - err_code = mbedtls_ecp_copy(&ctx_verify.Q, &ctx_sign.Q); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Verify the generated ECDSA signature by running the ECDSA verify. */ - err_code = mbedtls_ecdsa_verify(&ctx_verify.grp, m_ecdsa_input_buf, - hash_len, &ctx_verify.Q, &r, &s); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector_sign->expected_verify_err_code, - err_code); - - /* Free resources. */ - mbedtls_mpi_free(&r); - mbedtls_mpi_free(&s); - mbedtls_ecdsa_free(&ctx_sign); - mbedtls_ecdsa_free(&ctx_verify); -} - -/**@brief Function for the ECDSA verify test execution. - */ -void exec_test_case_ecdsa_verify(void) -{ - int err_code = -1; - - mbedtls_ecdsa_context ctx_verify; - mbedtls_ecdsa_init(&ctx_verify); - - err_code = mbedtls_ecp_group_load(&ctx_verify.grp, - p_test_vector_verify->curve_type); - if (err_code != 0) { - LOG_WRN("ecp group load error code: -0x%02X, curve type: %d", - -err_code, p_test_vector_verify->curve_type); - } - - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Get public key. */ - err_code = mbedtls_ecp_point_read_string(&ctx_verify.Q, 16, - p_test_vector_verify->p_qx, - p_test_vector_verify->p_qy); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* If not expected to succeed, keys might be bad on purpose. */ - if (p_test_vector_verify->expected_err_code == 0) { - /* Verify key. */ - err_code = mbedtls_ecp_check_pubkey(&ctx_verify.grp, - &ctx_verify.Q); - LOG_DBG("Error code pubkey check: 0x%04X", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - } - - /* Prepare and generate the ECDSA signature. */ - mbedtls_mpi r; - mbedtls_mpi s; - mbedtls_mpi_init(&r); - mbedtls_mpi_init(&s); - - err_code = mbedtls_mpi_read_string(&r, 16, p_test_vector_verify->p_r); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_mpi_read_string(&s, 16, p_test_vector_verify->p_s); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Verify the ECDSA signature by running the ECDSA verify. */ - start_time_measurement(); - err_code = mbedtls_ecdsa_verify(&ctx_verify.grp, m_ecdsa_input_buf, - hash_len, &ctx_verify.Q, &r, &s); - stop_time_measurement(); - - /* Verify the verification. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector_verify->expected_err_code, - err_code); - - /* Free the generated key. */ - mbedtls_mpi_free(&r); - mbedtls_mpi_free(&s); - mbedtls_ecdsa_free(&ctx_verify); -} - -/**@brief Function for the ECDSA random test execution. - */ -void exec_test_case_ecdsa_random(void) -{ - int err_code = -1; - - - /* Prepare signer context. */ - mbedtls_ecdsa_context ctx_sign; - mbedtls_ecdsa_init(&ctx_sign); - - /* Create a ECDSA key pair */ - err_code = mbedtls_ecdsa_genkey(&ctx_sign, - p_test_vector_random->curve_type, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Verify keys. */ - err_code = mbedtls_ecp_check_pubkey(&ctx_sign.grp, &ctx_sign.Q); - LOG_DBG("Error code pubkey check: 0x%04X", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecp_check_privkey(&ctx_sign.grp, &ctx_sign.d); - LOG_DBG("Error code privkey check: 0x%04X", err_code); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Prepare and generate the ECDSA signature. */ - /* Note: The contexts do not contain these (as is the case for e.g. Q), so simply share them here. */ - mbedtls_mpi r; - mbedtls_mpi s; - mbedtls_mpi_init(&r); - mbedtls_mpi_init(&s); - - start_time_measurement(); - err_code = mbedtls_ecdsa_sign(&ctx_sign.grp, &r, &s, &ctx_sign.d, - m_ecdsa_input_buf, hash_len, - drbg_random, &drbg_ctx); - stop_time_measurement(); - - /* Prepare verification context. */ - mbedtls_ecdsa_context ctx_verify; - mbedtls_ecdsa_init(&ctx_verify); - - /* Transfer public EC information. */ - err_code = mbedtls_ecp_group_copy(&ctx_verify.grp, &ctx_sign.grp); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Transfer public key. */ - err_code = mbedtls_ecp_copy(&ctx_verify.Q, &ctx_sign.Q); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Verify the generated ECDSA signature by running the ECDSA verify. */ - err_code = mbedtls_ecdsa_verify(&ctx_verify.grp, m_ecdsa_input_buf, - hash_len, &ctx_verify.Q, &r, &s); - - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Modify the signature value to induce a verification failure. */ - err_code = mbedtls_mpi_set_bit(&r, 0, !mbedtls_mpi_get_bit(&r, 0)); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecdsa_verify(&ctx_verify.grp, m_ecdsa_input_buf, - hash_len, &ctx_verify.Q, &r, &s); - - /* Verify failure. */ - TEST_VECTOR_ASSERT_NOT_EQUAL(0, err_code); - - - /* Free resources. */ - mbedtls_mpi_free(&r); - mbedtls_mpi_free(&s); - mbedtls_ecdsa_free(&ctx_sign); - mbedtls_ecdsa_free(&ctx_verify); -} - -/** @brief Macro for registering the ECDSA sign test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_ecdsa_data, test_case_t test_ecdsa_sign) = { - .p_test_case_name = "ECDSA Sign", - .setup = ecdsa_setup_sign, - .exec = exec_test_case_ecdsa_sign, - .teardown = teardown_pass, - .vector_type = TV_ECDSA_SIGN, - .vectors_start = __start_test_vector_ecdsa_sign_data, - .vectors_stop = __stop_test_vector_ecdsa_sign_data, -}; - -/** @brief Macro for registering the ECDSA verify test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_ecdsa_data, test_case_t test_ecdsa_verify) = { - .p_test_case_name = "ECDSA Verify", - .setup = ecdsa_setup_verify, - .exec = exec_test_case_ecdsa_verify, - .teardown = teardown_pass, - .vector_type = TV_ECDSA_VERIFY, - .vectors_start = __start_test_vector_ecdsa_verify_data, - .vectors_stop = __stop_test_vector_ecdsa_verify_data, -}; - -/** @brief Macro for registering the ECDSA random test case by using section variables. - * - * @details This macro places a variable in a section named "test_case_data", - * which is initialized by main. - */ -ITEM_REGISTER(test_case_ecdsa_data, test_case_t test_ecdsa_random) = { - .p_test_case_name = "ECDSA Random", - .setup = ecdsa_setup_random, - .exec = exec_test_case_ecdsa_random, - .teardown = teardown_pass, - .vector_type = TV_ECDSA_RANDOM, - .vectors_start = __start_test_vector_ecdsa_random_data, - .vectors_stop = __stop_test_vector_ecdsa_random_data, -}; - -ZTEST_SUITE(test_suite_ecdsa, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_ecdsa, test_case_ecdsa_sign) -{ - ecdsa_setup_sign(); - exec_test_case_ecdsa_sign(); -} - -ZTEST(test_suite_ecdsa, test_case_ecdsa_verify) -{ - ecdsa_setup_verify(); - exec_test_case_ecdsa_verify(); -} - -ZTEST(test_suite_ecdsa, test_case_ecdsa_random) -{ - ecdsa_setup_random(); - exec_test_case_ecdsa_random(); -} diff --git a/tests/crypto/test_cases/test_ecjpake.c b/tests/crypto/test_cases/test_ecjpake.c deleted file mode 100644 index 15852a27ee50..000000000000 --- a/tests/crypto/test_cases/test_ecjpake.c +++ /dev/null @@ -1,374 +0,0 @@ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * Methodology and test vectors for ECJPAKE taken from mbed TLS. - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_ecjpake, LOG_LEVEL_INF); - -#define ECJPAKE_SECRET_BUF_SIZE (32) -#define ECJPAKE_PASSWORD_BUF_SIZE (32) -#define ECJPAKE_PRIVKEY_BUF_SIZE (32) -#define ECJPAKE_MSG_BUF_SIZE (332) - -extern test_vector_ecjpake_t __start_test_vector_ecjpake_given_data[]; -extern test_vector_ecjpake_t __stop_test_vector_ecjpake_given_data[]; -extern test_vector_ecjpake_t __start_test_vector_ecjpake_random_data[]; -extern test_vector_ecjpake_t __stop_test_vector_ecjpake_random_data[]; - -static uint8_t m_secret_cli[ECJPAKE_SECRET_BUF_SIZE]; -static uint8_t m_secret_srv[ECJPAKE_SECRET_BUF_SIZE]; -static uint8_t m_expected_secret[ECJPAKE_SECRET_BUF_SIZE]; -static uint8_t m_password[ECJPAKE_PASSWORD_BUF_SIZE]; - -/* These correspond to ecp point components, see: - * https://tls.mbed.org/api/structmbedtls__ecjpake__context.html - */ -static uint8_t m_priv_key_cli_1[ECJPAKE_PRIVKEY_BUF_SIZE]; -static uint8_t m_priv_key_cli_2[ECJPAKE_PRIVKEY_BUF_SIZE]; -static uint8_t m_priv_key_srv_1[ECJPAKE_PRIVKEY_BUF_SIZE]; -static uint8_t m_priv_key_srv_2[ECJPAKE_PRIVKEY_BUF_SIZE]; - -/* These correspond to the different write/read rounds of ecjpake, see: - * https://tls.mbed.org/api/ecjpake_8h_source.html - */ -static uint8_t m_msg_cli_1[ECJPAKE_MSG_BUF_SIZE]; -static uint8_t m_msg_cli_2[ECJPAKE_MSG_BUF_SIZE]; -static uint8_t m_msg_srv_1[ECJPAKE_MSG_BUF_SIZE]; -static uint8_t m_msg_srv_2[ECJPAKE_MSG_BUF_SIZE]; - -static size_t secret_len; -static size_t password_len; -static size_t priv_key_cli_1_len; -static size_t priv_key_cli_2_len; -static size_t priv_key_srv_1_len; -static size_t priv_key_srv_2_len; -static size_t msg_cli_1_len; -static size_t msg_cli_2_len; -static size_t msg_srv_1_len; -static size_t msg_srv_2_len; - -static test_vector_ecjpake_t *p_test_vector; - -void ecjpake_clear_buffers(void); -void unhexify_ecjpake(void); - -void ecjpake_clear_buffers(void) -{ - memset(m_secret_cli, 0x00, sizeof(m_secret_cli)); - memset(m_secret_srv, 0x00, sizeof(m_secret_srv)); - memset(m_expected_secret, 0x00, sizeof(m_expected_secret)); - memset(m_password, 0x00, sizeof(m_password)); - - memset(m_priv_key_cli_1, 0x00, sizeof(m_priv_key_cli_1)); - memset(m_priv_key_cli_2, 0x00, sizeof(m_priv_key_cli_2)); - memset(m_priv_key_srv_1, 0x00, sizeof(m_priv_key_srv_1)); - memset(m_priv_key_srv_2, 0x00, sizeof(m_priv_key_srv_2)); - - memset(m_msg_cli_1, 0x00, sizeof(m_priv_key_cli_1)); - memset(m_msg_cli_2, 0x00, sizeof(m_priv_key_cli_2)); - memset(m_msg_srv_1, 0x00, sizeof(m_priv_key_srv_1)); - memset(m_msg_srv_2, 0x00, sizeof(m_priv_key_srv_2)); -} - -__attribute__((noinline)) void unhexify_ecjpake(void) -{ - secret_len = hex2bin_safe(p_test_vector->p_expected_shared_secret, - m_expected_secret, - sizeof(m_expected_secret)); - password_len = hex2bin_safe(p_test_vector->p_password, - m_password, - sizeof(m_password)); - - priv_key_cli_1_len = hex2bin_safe(p_test_vector->p_priv_key_client_1, - m_priv_key_cli_1, - sizeof(m_priv_key_cli_1)); - priv_key_cli_2_len = hex2bin_safe(p_test_vector->p_priv_key_client_2, - m_priv_key_cli_2, - sizeof(m_priv_key_cli_2)); - priv_key_srv_1_len = hex2bin_safe(p_test_vector->p_priv_key_server_1, - m_priv_key_srv_1, - sizeof(m_priv_key_srv_1)); - priv_key_srv_2_len = hex2bin_safe(p_test_vector->p_priv_key_server_2, - m_priv_key_srv_2, - sizeof(m_priv_key_srv_2)); - - msg_cli_1_len = hex2bin_safe(p_test_vector->p_round_message_client_1, - m_msg_cli_1, - sizeof(m_msg_cli_1)); - msg_cli_2_len = hex2bin_safe(p_test_vector->p_round_message_client_2, - m_msg_cli_2, - sizeof(m_msg_cli_2)); - msg_srv_1_len = hex2bin_safe(p_test_vector->p_round_message_server_1, - m_msg_srv_1, - sizeof(m_msg_srv_1)); - msg_srv_2_len = hex2bin_safe(p_test_vector->p_round_message_server_2, - m_msg_srv_2, - sizeof(m_msg_srv_2)); -} - -/* - * Key loading the same way mbedtls ECJPAKE test code does it. - * Private keys are loaded raw, public keys are then generated via - * EC multiplication. - */ -#if !defined(MBEDTLS_ECJPAKE_ALT) -static int ecjpake_test_load(mbedtls_ecjpake_context *ctx, - const unsigned char *xm1, size_t len1, - const unsigned char *xm2, size_t len2) -{ - int err_code; - - err_code = mbedtls_mpi_read_binary(&ctx->xm1, xm1, len1); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_mpi_read_binary(&ctx->xm2, xm2, len2); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - mbedtls_ecp_mul(&ctx->grp, &ctx->Xm1, &ctx->xm1, &ctx->grp.G, NULL, - NULL); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - mbedtls_ecp_mul(&ctx->grp, &ctx->Xm2, &ctx->xm2, &ctx->grp.G, NULL, - NULL); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - return err_code; -} -#else -extern int ecjpake_test_load(mbedtls_ecjpake_context *ctx, - const unsigned char *xm1, size_t len1, - const unsigned char *xm2, size_t len2); -#endif - -static void ecjpake_given_setup(void) -{ - static int i; - - ecjpake_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_ecjpake_given_data, - test_vector_ecjpake_t, i++); - unhexify_ecjpake(); -} - -static void ecjpake_random_setup(void) -{ - static int i; - - ecjpake_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_ecjpake_random_data, - test_vector_ecjpake_t, i++); - unhexify_ecjpake(); -} - -static void ecjpake_ctx_init(mbedtls_ecjpake_context *ctx, - mbedtls_ecjpake_role role) -{ - int err_code; - - mbedtls_ecjpake_init(ctx); - err_code = mbedtls_ecjpake_setup(ctx, role, MBEDTLS_MD_SHA256, - MBEDTLS_ECP_DP_SECP256R1, m_password, - password_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_check(ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); -} - -void exec_test_case_ecjpake_given(void) -{ - int err_code; - size_t len_ss_cli; - size_t len_ss_srv; - - mbedtls_ecjpake_context ctx_client; - mbedtls_ecjpake_context ctx_server; - - ecjpake_ctx_init(&ctx_client, MBEDTLS_ECJPAKE_CLIENT); - ecjpake_ctx_init(&ctx_server, MBEDTLS_ECJPAKE_SERVER); - - err_code = ecjpake_test_load(&ctx_client, m_priv_key_cli_1, - priv_key_cli_1_len, m_priv_key_cli_2, - priv_key_cli_2_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = ecjpake_test_load(&ctx_server, m_priv_key_srv_1, - priv_key_srv_1_len, m_priv_key_srv_2, - priv_key_srv_2_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - start_time_measurement(); - /* Round one. */ - err_code = mbedtls_ecjpake_read_round_one(&ctx_server, m_msg_cli_1, - msg_cli_1_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_read_round_one(&ctx_client, m_msg_srv_1, - msg_srv_1_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* - The keys are already given; go straight to reading next round. - */ - - /* Round two. */ - err_code = mbedtls_ecjpake_read_round_two(&ctx_client, m_msg_srv_2, - msg_srv_2_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_read_round_two(&ctx_server, m_msg_cli_2, - msg_cli_2_len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Derive secrets. */ - err_code = mbedtls_ecjpake_derive_secret( - &ctx_client, m_secret_cli, sizeof(m_secret_cli), &len_ss_cli, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_derive_secret( - &ctx_server, m_secret_srv, sizeof(m_secret_srv), &len_ss_srv, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(secret_len, len_ss_cli); - TEST_VECTOR_ASSERT_EQUAL(secret_len, len_ss_srv); - - TEST_VECTOR_MEMCMP_ASSERT( - m_secret_cli, m_expected_secret, secret_len, EXPECTED_TO_PASS, - "client secret should be equal to expected secret"); - - TEST_VECTOR_MEMCMP_ASSERT( - m_secret_srv, m_expected_secret, secret_len, EXPECTED_TO_PASS, - "server secret should be equal to expected secret"); - - mbedtls_ecjpake_free(&ctx_client); - mbedtls_ecjpake_free(&ctx_server); -} - -void exec_test_case_ecjpake_random(void) -{ - int err_code; - size_t len; - size_t len_ss_cli; - size_t len_ss_srv; - - mbedtls_ecjpake_context ctx_client; - mbedtls_ecjpake_context ctx_server; - - ecjpake_ctx_init(&ctx_client, MBEDTLS_ECJPAKE_CLIENT); - ecjpake_ctx_init(&ctx_server, MBEDTLS_ECJPAKE_SERVER); - - start_time_measurement(); - /* Round one. */ - err_code = mbedtls_ecjpake_write_round_one(&ctx_client, m_msg_cli_1, - sizeof(m_msg_cli_1), &len, - drbg_random, - &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = - mbedtls_ecjpake_read_round_one(&ctx_server, m_msg_cli_1, len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_write_round_one(&ctx_server, m_msg_srv_1, - sizeof(m_msg_srv_1), &len, - drbg_random, - &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = - mbedtls_ecjpake_read_round_one(&ctx_client, m_msg_srv_1, len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Round two. */ - err_code = mbedtls_ecjpake_write_round_two(&ctx_server, m_msg_srv_2, - sizeof(m_msg_srv_2), &len, - drbg_random, - &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = - mbedtls_ecjpake_read_round_two(&ctx_client, m_msg_srv_2, len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_write_round_two(&ctx_client, m_msg_cli_2, - sizeof(m_msg_cli_2), &len, - drbg_random, - &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = - mbedtls_ecjpake_read_round_two(&ctx_server, m_msg_cli_2, len); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Derive secrets. */ - err_code = mbedtls_ecjpake_derive_secret( - &ctx_client, m_secret_cli, sizeof(m_secret_cli), &len_ss_cli, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - err_code = mbedtls_ecjpake_derive_secret( - &ctx_server, m_secret_srv, sizeof(m_secret_srv), &len_ss_srv, - drbg_random, &drbg_ctx); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(len_ss_cli, len_ss_srv); - - TEST_VECTOR_MEMCMP_ASSERT(m_secret_cli, m_secret_srv, secret_len, - EXPECTED_TO_PASS, "secrets should be equal"); - - mbedtls_ecjpake_free(&ctx_client); - mbedtls_ecjpake_free(&ctx_server); -} - -ITEM_REGISTER(test_case_ecjpake_data, test_case_t test_ecjpake_given) = { - .p_test_case_name = "ECJPAKE given", - .setup = ecjpake_given_setup, - .exec = exec_test_case_ecjpake_given, - .teardown = teardown_pass, - .vector_type = TV_ECJPAKE, - .vectors_start = __start_test_vector_ecjpake_given_data, - .vectors_stop = __stop_test_vector_ecjpake_given_data, -}; - -ITEM_REGISTER(test_case_ecjpake_data, test_case_t test_ecjpake_random) = { - .p_test_case_name = "ECJPAKE random", - .setup = ecjpake_random_setup, - .exec = exec_test_case_ecjpake_random, - .teardown = teardown_pass, - .vector_type = TV_ECJPAKE, - .vectors_start = __start_test_vector_ecjpake_random_data, - .vectors_stop = __stop_test_vector_ecjpake_random_data, -}; - -ZTEST_SUITE(test_suite_ecjpake, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_ecjpake, test_case_ecjpake_given) -{ - ecjpake_given_setup(); - exec_test_case_ecjpake_given(); -} - -ZTEST(test_suite_ecjpake, test_case_ecjpake_random) -{ - ecjpake_random_setup(); - exec_test_case_ecjpake_random(); -} diff --git a/tests/crypto/test_cases/test_hkdf.c b/tests/crypto/test_cases/test_hkdf.c deleted file mode 100644 index bc80e8e2a354..000000000000 --- a/tests/crypto/test_cases/test_hkdf.c +++ /dev/null @@ -1,163 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_hkdf, LOG_LEVEL_INF); - -extern test_vector_hkdf_t __start_test_vector_hkdf_data[]; -extern test_vector_hkdf_t __stop_test_vector_hkdf_data[]; - -/* TODO: Possibly tune buffers which have lower size requirements */ -#define HKDF_BUF_SIZE (258) - -/* Input key material */ -static uint8_t m_hkdf_ikm_buf[HKDF_BUF_SIZE]; -/* Output key material */ -static uint8_t m_hkdf_okm_buf[HKDF_BUF_SIZE]; -/* Pseudo-random key (material) */ -static uint8_t m_hkdf_prk_buf[HKDF_BUF_SIZE]; -static uint8_t m_hkdf_salt_buf[HKDF_BUF_SIZE]; -static uint8_t m_hkdf_info_buf[HKDF_BUF_SIZE]; -static uint8_t m_hkdf_expected_okm_buf[HKDF_BUF_SIZE]; - -static uint8_t *p_hkdp_salt; -static uint8_t *p_hkdp_info; - -static test_vector_hkdf_t *p_test_vector; - -static size_t ikm_len; -static size_t okm_len; -static size_t prk_len; -static size_t salt_len; -static size_t info_len; -static size_t expected_okm_len; - -void hkdf_clear_buffers(void) -{ - memset(m_hkdf_ikm_buf, 0x00, sizeof(m_hkdf_ikm_buf)); - memset(m_hkdf_okm_buf, 0xFF, sizeof(m_hkdf_okm_buf)); - memset(m_hkdf_prk_buf, 0x00, sizeof(m_hkdf_prk_buf)); - memset(m_hkdf_salt_buf, 0x00, sizeof(m_hkdf_salt_buf)); - memset(m_hkdf_info_buf, 0x00, sizeof(m_hkdf_info_buf)); - memset(m_hkdf_expected_okm_buf, 0x00, sizeof(m_hkdf_expected_okm_buf)); -} - -__attribute__((noinline)) void unhexify_hkdf(void) -{ - /* Fetch and unhexify test vectors. */ - ikm_len = hex2bin_safe(p_test_vector->p_ikm, - m_hkdf_ikm_buf, - sizeof(m_hkdf_ikm_buf)); - prk_len = hex2bin_safe(p_test_vector->p_prk, - m_hkdf_prk_buf, - sizeof(m_hkdf_prk_buf)); - salt_len = hex2bin_safe(p_test_vector->p_salt, - m_hkdf_salt_buf, - sizeof(m_hkdf_salt_buf)); - info_len = hex2bin_safe(p_test_vector->p_info, - m_hkdf_info_buf, - sizeof(m_hkdf_info_buf)); - expected_okm_len = hex2bin_safe(p_test_vector->p_okm, - m_hkdf_expected_okm_buf, - sizeof(m_hkdf_expected_okm_buf)); - okm_len = expected_okm_len; - - p_hkdp_salt = (salt_len == 0) ? NULL : m_hkdf_salt_buf; - p_hkdp_info = (info_len == 0) ? NULL : m_hkdf_info_buf; -} - -void hkdf_setup(void) -{ - static uint32_t i; - - hkdf_clear_buffers(); - p_test_vector = - ITEM_GET(test_vector_hkdf_data, test_vector_hkdf_t, i++); - unhexify_hkdf(); -} - -/**@brief Function for the test execution. - */ -void exec_test_case_hkdf(void) -{ - int err_code = -1; - - /* Calculation of the HKDF extract and expand. */ - start_time_measurement(); - - const mbedtls_md_info_t *p_md_info = - mbedtls_md_info_from_type(p_test_vector->digest_type); - err_code = mbedtls_hkdf(p_md_info, p_hkdp_salt, salt_len, - m_hkdf_ikm_buf, ikm_len, m_hkdf_info_buf, - info_len, m_hkdf_okm_buf, okm_len); - stop_time_measurement(); - - LOG_DBG("Error code extract and expand: %d, expected: %d", err_code, - p_test_vector->expected_err_code); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated HKDF output key material. */ - TEST_VECTOR_ASSERT_EQUAL(expected_okm_len, okm_len); - TEST_VECTOR_MEMCMP_ASSERT(m_hkdf_okm_buf, m_hkdf_expected_okm_buf, - expected_okm_len, - p_test_vector->expected_result, - "Incorrect hkdf on extract and expand"); - - /* Verify that the next two bytes in buffer are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_hkdf_okm_buf, okm_len, - "OKM buffer overflow"); - - memset(m_hkdf_okm_buf, 0xFF, sizeof(m_hkdf_okm_buf)); - - /* Calculation of the HKDF expand only. */ - err_code = mbedtls_hkdf_expand(p_md_info, m_hkdf_prk_buf, prk_len, - m_hkdf_info_buf, info_len, - m_hkdf_okm_buf, okm_len); - - LOG_DBG("Error code expand: -0x%04X", -err_code); - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code_expand, - err_code); - - /* Verify the generated HKDF output key material. */ - TEST_VECTOR_ASSERT_EQUAL(expected_okm_len, okm_len); - TEST_VECTOR_MEMCMP_ASSERT(m_hkdf_okm_buf, m_hkdf_expected_okm_buf, - expected_okm_len, - p_test_vector->expected_result_expand, - "Incorrect hkdf on expand"); - - /* Verify that the next two bytes in buffer are not overwritten. */ - TEST_VECTOR_OVERFLOW_ASSERT(m_hkdf_okm_buf, okm_len, - "OKM buffer overflow on expand"); -} - -ITEM_REGISTER(test_case_hkdf_data, test_case_t test_hkdf) = { - .p_test_case_name = "HKDF", - .setup = hkdf_setup, - .exec = exec_test_case_hkdf, - .teardown = teardown_pass, - .vector_type = TV_HKDF, - .vectors_start = __start_test_vector_hkdf_data, - .vectors_stop = __stop_test_vector_hkdf_data, -}; - -#if defined(CONFIG_CRYPTO_TEST_HASH) -ZTEST_SUITE(test_suite_hkdf, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_hkdf, test_case_hkdf) -{ - hkdf_setup(); - exec_test_case_hkdf(); -} -#endif diff --git a/tests/crypto/test_cases/test_hmac.c b/tests/crypto/test_cases/test_hmac.c deleted file mode 100644 index 0cdcae060023..000000000000 --- a/tests/crypto/test_cases/test_hmac.c +++ /dev/null @@ -1,187 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_hmac, LOG_LEVEL_INF); - -extern test_vector_hmac_t __start_test_vector_hmac_data[]; -extern test_vector_hmac_t __stop_test_vector_hmac_data[]; - -#define INPUT_BUF_SIZE (256) -#define OUTPUT_BUF_SIZE (64) -#define HMAC_SHA512_RESULT_SIZE (64) - -static mbedtls_md_context_t md_context; - -static uint8_t m_hmac_key_buf[INPUT_BUF_SIZE]; -static uint8_t m_hmac_input_buf[INPUT_BUF_SIZE]; -static uint8_t m_hmac_output_buf[OUTPUT_BUF_SIZE]; -static uint8_t m_hmac_expected_output_buf[OUTPUT_BUF_SIZE]; - -static test_vector_hmac_t *p_test_vector; -static uint32_t hmac_vector_n; -static uint32_t hmac_combined_vector_n; - -static size_t key_len; -static size_t in_len; -static size_t expected_hmac_len; -static size_t hmac_len; - -void hmac_clear_buffers(void); -void unhexify_hmac(void); - -static void hmac_setup(void) -{ - hmac_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_hmac_data, test_vector_hmac_t, - hmac_vector_n); - unhexify_hmac(); -} - -static void hmac_teardown(void) -{ - hmac_vector_n++; -} - -static void hmac_combined_teardown(void) -{ - hmac_combined_vector_n++; -} - -void hmac_clear_buffers(void) -{ - memset(m_hmac_key_buf, 0x00, sizeof(m_hmac_key_buf)); - memset(m_hmac_input_buf, 0x00, sizeof(m_hmac_input_buf)); - memset(m_hmac_output_buf, 0x00, sizeof(m_hmac_output_buf)); - memset(m_hmac_expected_output_buf, 0x00, - sizeof(m_hmac_expected_output_buf)); -} - -__attribute__((noinline)) void unhexify_hmac(void) -{ - /* Fetch and unhexify test vectors. */ - key_len = hex2bin_safe(p_test_vector->p_key, - m_hmac_key_buf, - sizeof(m_hmac_key_buf)); - in_len = hex2bin_safe(p_test_vector->p_input, - m_hmac_input_buf, - sizeof(m_hmac_input_buf)); - expected_hmac_len = hex2bin_safe(p_test_vector->p_expected_output, - m_hmac_expected_output_buf, - sizeof(m_hmac_expected_output_buf)); - hmac_len = expected_hmac_len; -} - -/**@brief Function for the test execution. - */ -void exec_test_case_hmac(void) -{ - int err_code = -1; - - /* Initialize the HMAC module. */ - mbedtls_md_init(&md_context); - - const mbedtls_md_info_t *p_md_info = - mbedtls_md_info_from_type(p_test_vector->digest_type); - err_code = mbedtls_md_setup(&md_context, p_md_info, 1); - if (err_code != 0) { - LOG_WRN("mb setup ec: -0x%02X", -err_code); - } - TEST_VECTOR_ASSERT_EQUAL(err_code, 0); - - start_time_measurement(); - err_code = mbedtls_md_hmac_starts(&md_context, m_hmac_key_buf, key_len); - TEST_VECTOR_ASSERT_EQUAL(err_code, 0); - - err_code = - mbedtls_md_hmac_update(&md_context, m_hmac_input_buf, in_len); - TEST_VECTOR_ASSERT_EQUAL(err_code, 0); - - /* Finalize the HMAC computation. */ - err_code = mbedtls_md_hmac_finish(&md_context, m_hmac_output_buf); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated HMAC. */ - TEST_VECTOR_ASSERT_EQUAL(expected_hmac_len, hmac_len); - TEST_VECTOR_MEMCMP_ASSERT(m_hmac_output_buf, m_hmac_expected_output_buf, - expected_hmac_len, - p_test_vector->expected_result, - "Incorrect hmac"); - - mbedtls_md_free(&md_context); -} - -/**@brief Function for the test execution. - */ -void exec_test_case_hmac_combined(void) -{ - int err_code = -1; - - /* Generate the HMAC using the combined method. */ - const mbedtls_md_info_t *p_md_info = - mbedtls_md_info_from_type(p_test_vector->digest_type); - start_time_measurement(); - err_code = mbedtls_md_hmac(p_md_info, m_hmac_key_buf, key_len, - m_hmac_input_buf, in_len, m_hmac_output_buf); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - TEST_VECTOR_ASSERT_EQUAL(expected_hmac_len, hmac_len); - TEST_VECTOR_MEMCMP_ASSERT(m_hmac_output_buf, m_hmac_expected_output_buf, - expected_hmac_len, - p_test_vector->expected_result, - "Incorrect hmac"); -} - -ITEM_REGISTER(test_case_hmac_data, test_case_t test_hmac) = { - .p_test_case_name = "HMAC", - .setup = hmac_setup, - .exec = exec_test_case_hmac, - .teardown = hmac_teardown, - .vector_type = TV_HMAC, - .vectors_start = __start_test_vector_hmac_data, - .vectors_stop = __stop_test_vector_hmac_data, -}; - -ITEM_REGISTER(test_case_hmac_data, test_case_t test_hmac_combined) = { - .p_test_case_name = "HMAC combined", - .setup = hmac_setup, - .exec = exec_test_case_hmac_combined, - .teardown = hmac_combined_teardown, - .vector_type = TV_HMAC, - .vectors_start = __start_test_vector_hmac_data, - .vectors_stop = __stop_test_vector_hmac_data, -}; - -#if defined(CONFIG_CRYPTO_TEST_HASH) -ZTEST_SUITE(test_suite_hmac, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_hmac, test_case_hmac) -{ - hmac_setup(); - exec_test_case_hmac(); - hmac_teardown(); -} - -ZTEST(test_suite_hmac, test_case_hmac_combined) -{ - hmac_setup(); - exec_test_case_hmac_combined(); - hmac_combined_teardown(); -} -#endif diff --git a/tests/crypto/test_cases/test_sha_256.c b/tests/crypto/test_cases/test_sha_256.c deleted file mode 100644 index 64d04a1bcbcf..000000000000 --- a/tests/crypto/test_cases/test_sha_256.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_sha_256, LOG_LEVEL_INF); - -extern test_vector_hash_t __start_test_vector_hash_256_data[]; -extern test_vector_hash_t __stop_test_vector_hash_256_data[]; - -extern test_vector_hash_t __start_test_vector_hash_256_long_data[]; -extern test_vector_hash_t __stop_test_vector_hash_256_long_data[]; - -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) -#define INPUT_BUF_SIZE (4125) -#else -#define INPUT_BUF_SIZE (512) -#endif /* CRYPTO_TEST_LARGE_VECTORS */ - -#define OUTPUT_BUF_SIZE (64) - -static mbedtls_sha256_context sha256_context; - -static uint8_t m_sha_input_buf[INPUT_BUF_SIZE]; -static uint8_t m_sha_output_buf[OUTPUT_BUF_SIZE]; -static uint8_t m_sha_expected_output_buf[OUTPUT_BUF_SIZE]; - -static test_vector_hash_t *p_test_vector; -static uint32_t sha_vector_n; -static uint32_t sha_long_vector_n; - -static size_t in_len; -static size_t out_len; -static size_t expected_out_len; - -void sha_256_clear_buffers(void); -void unhexify_sha_256(void); -void unhexify_sha_256_long(void); - -void sha_256_clear_buffers(void) -{ - memset(m_sha_input_buf, 0x00, sizeof(m_sha_input_buf)); - memset(m_sha_output_buf, 0x00, sizeof(m_sha_output_buf)); - memset(m_sha_expected_output_buf, 0x00, - sizeof(m_sha_expected_output_buf)); -} - -static void sha_256_setup(void) -{ - sha_256_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_hash_256_data, test_vector_hash_t, - sha_vector_n); - unhexify_sha_256(); -} - -static void sha_256_teardown(void) -{ - sha_vector_n++; -} - -static void sha_256_long_setup(void) -{ - sha_256_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_hash_256_long_data, - test_vector_hash_t, sha_long_vector_n); - unhexify_sha_256_long(); -} - -static void sha_256_long_teardown(void) -{ - sha_long_vector_n++; -} - -__attribute__((noinline)) void unhexify_sha_256(void) -{ - /* Fetch and unhexify test vectors. */ - in_len = hex2bin_safe(p_test_vector->p_input, - m_sha_input_buf, - sizeof(m_sha_input_buf)); - expected_out_len = hex2bin_safe(p_test_vector->p_expected_output, - m_sha_expected_output_buf, - sizeof(m_sha_expected_output_buf)); - out_len = expected_out_len; -} - -__attribute__((noinline)) void unhexify_sha_256_long(void) -{ - /* Fetch and unhexify test vectors. */ - in_len = p_test_vector->chunk_length; - expected_out_len = hex2bin_safe(p_test_vector->p_expected_output, - m_sha_expected_output_buf, - sizeof(m_sha_expected_output_buf)); - out_len = expected_out_len; - memcpy(m_sha_input_buf, p_test_vector->p_input, in_len); -} - -/**@brief Function encapsulating sha256 execution steps. - * - */ -static int exec_sha256(test_vector_hash_t *p_test_vector, int in_len, - bool is_long) -{ - mbedtls_sha256_init(&sha256_context); - int err_code = mbedtls_sha256_starts(&sha256_context, false); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Update the hash. */ - if (!is_long) { - err_code = mbedtls_sha256_update(&sha256_context, - m_sha_input_buf, in_len); - } else { - /* Update the hash until all input data is processed. */ - for (int j = 0; j < p_test_vector->update_iterations; j++) { - /* Test mode for measuring the memcpy from the flash in SHA. */ - if (p_test_vector->mode == DO_MEMCPY) { - memcpy(m_sha_input_buf, p_test_vector->p_input, - 4096); - } - - err_code = mbedtls_sha256_update( - &sha256_context, m_sha_input_buf, in_len); - TEST_VECTOR_ASSERT_EQUAL( - p_test_vector->expected_err_code, err_code); - } - } - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Finalize the hash. */ - return mbedtls_sha256_finish(&sha256_context, m_sha_output_buf); -} - -/**@brief Function for verifying the SHA digest of messages. - */ -void exec_test_case_sha_256(void) -{ - int err_code = -1; - - start_time_measurement(); - err_code = exec_sha256(p_test_vector, in_len, false); - stop_time_measurement(); - - /* Verify the mbedtls_sha256_finish_ret err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated digest. */ - TEST_VECTOR_ASSERT_EQUAL(expected_out_len, out_len); - TEST_VECTOR_MEMCMP_ASSERT(m_sha_output_buf, m_sha_expected_output_buf, - expected_out_len, - p_test_vector->expected_result, - "Incorrect hash"); - - /* Do the same in a single step */ - err_code = mbedtls_sha256(m_sha_input_buf, in_len, m_sha_output_buf, - false); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated digest. */ - TEST_VECTOR_ASSERT_EQUAL(expected_out_len, out_len); - TEST_VECTOR_MEMCMP_ASSERT(m_sha_output_buf, m_sha_expected_output_buf, - expected_out_len, - p_test_vector->expected_result, - "Incorrect hash"); - - mbedtls_sha256_free(&sha256_context); -} - -/**@brief Function for verifying the SHA digest of long messages. - */ -void exec_test_case_sha_256_long(void) -{ - int err_code = -1; - - start_time_measurement(); - err_code = exec_sha256(p_test_vector, in_len, true); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated digest. */ - TEST_VECTOR_ASSERT_EQUAL(expected_out_len, out_len); - TEST_VECTOR_MEMCMP_ASSERT(m_sha_output_buf, m_sha_expected_output_buf, - expected_out_len, - p_test_vector->expected_result, - "Incorrect hash"); - - mbedtls_sha256_free(&sha256_context); -} - -ITEM_REGISTER(test_case_sha_256_data, test_case_t test_sha_256) = { - .p_test_case_name = "SHA 256", - .setup = sha_256_setup, - .exec = exec_test_case_sha_256, - .teardown = sha_256_teardown, - .vector_type = TV_HASH, - .vectors_start = __start_test_vector_hash_256_data, - .vectors_stop = __stop_test_vector_hash_256_data, -}; - -ITEM_REGISTER(test_case_sha_256_data, test_case_t test_sha_256_long) = { - .p_test_case_name = "SHA 256 long", - .setup = sha_256_long_setup, - .exec = exec_test_case_sha_256_long, - .teardown = sha_256_long_teardown, - .vector_type = TV_HASH, - .vectors_start = __start_test_vector_hash_256_long_data, - .vectors_stop = __stop_test_vector_hash_256_long_data, -}; - -#if defined(CONFIG_CRYPTO_TEST_HASH) -ZTEST_SUITE(test_suite_sha_256, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_sha_256, test_case_sha_256) -{ - sha_256_setup(); - exec_test_case_sha_256(); - sha_256_teardown(); -} - -ZTEST(test_suite_sha_256, test_case_sha_256_long) -{ - sha_256_long_setup(); - exec_test_case_sha_256_long(); - sha_256_long_teardown(); -} -#endif diff --git a/tests/crypto/test_cases/test_sha_512.c b/tests/crypto/test_cases/test_sha_512.c deleted file mode 100644 index 09ed3b5bdca5..000000000000 --- a/tests/crypto/test_cases/test_sha_512.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include - -#include "common_test.h" -#include -#include - -/* Setting LOG_LEVEL_DBG might affect time measurements! */ -LOG_MODULE_REGISTER(test_sha_512, LOG_LEVEL_INF); - -extern test_vector_hash_t __start_test_vector_hash_512_data[]; -extern test_vector_hash_t __stop_test_vector_hash_512_data[]; - -extern test_vector_hash_t __start_test_vector_hash_512_long_data[]; -extern test_vector_hash_t __stop_test_vector_hash_512_long_data[]; - -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) -#define INPUT_BUF_SIZE (4125) -#else -#define INPUT_BUF_SIZE (512) -#endif // CRYPTO_TEST_LARGE_VECTORS - -#define OUTPUT_BUF_SIZE (64) - -static mbedtls_sha512_context sha512_context; - -static uint8_t m_sha_input_buf[INPUT_BUF_SIZE]; -static uint8_t m_sha_output_buf[OUTPUT_BUF_SIZE]; -static uint8_t m_sha_expected_output_buf[OUTPUT_BUF_SIZE]; - -static test_vector_hash_t *p_test_vector; -static uint32_t sha_vector_n; -static uint32_t sha_long_vector_n; - -static size_t in_len; -static size_t out_len; -static size_t expected_out_len; - -void sha_512_clear_buffers(void); -void unhexify_sha_512(void); -void unhexify_sha_512_long(void); - -static void sha_512_setup(void) -{ - sha_512_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_hash_512_data, test_vector_hash_t, - sha_vector_n); - unhexify_sha_512(); -} - -static void sha_512_teardown(void) -{ - sha_vector_n++; -} - -static void sha_512_long_setup(void) -{ - sha_512_clear_buffers(); - p_test_vector = ITEM_GET(test_vector_hash_512_long_data, - test_vector_hash_t, sha_long_vector_n); - unhexify_sha_512_long(); -} - -static void sha_512_long_teardown(void) -{ - sha_long_vector_n++; -} - -void sha_512_clear_buffers(void) -{ - memset(m_sha_input_buf, 0x00, sizeof(m_sha_input_buf)); - memset(m_sha_output_buf, 0x00, sizeof(m_sha_output_buf)); - memset(m_sha_expected_output_buf, 0x00, - sizeof(m_sha_expected_output_buf)); -} - -__attribute__((noinline)) void unhexify_sha_512(void) -{ - /* Fetch and unhexify test vectors. */ - in_len = hex2bin_safe(p_test_vector->p_input, - m_sha_input_buf, - sizeof(m_sha_input_buf)); - expected_out_len = hex2bin_safe(p_test_vector->p_expected_output, - m_sha_expected_output_buf, - sizeof(m_sha_expected_output_buf)); - out_len = expected_out_len; -} - -__attribute__((noinline)) void unhexify_sha_512_long(void) -{ - /* Fetch and unhexify test vectors. */ - in_len = p_test_vector->chunk_length; - expected_out_len = hex2bin_safe(p_test_vector->p_expected_output, - m_sha_expected_output_buf, - sizeof(m_sha_expected_output_buf)); - out_len = expected_out_len; - memcpy(m_sha_input_buf, p_test_vector->p_input, in_len); -} - -/**@brief Function encapsulating sha512 execution steps. - * - */ -static int exec_sha_512(test_vector_hash_t *p_test_vector, int in_len, - bool is_long) -{ - mbedtls_sha512_init(&sha512_context); - int err_code = mbedtls_sha512_starts(&sha512_context, false); - TEST_VECTOR_ASSERT_EQUAL(0, err_code); - - /* Update the hash. */ - if (!is_long) { - err_code = mbedtls_sha512_update(&sha512_context, - m_sha_input_buf, in_len); - } else { - /* Update the hash until all input data is processed. */ - for (int j = 0; j < p_test_vector->update_iterations; j++) { - /* Test mode for measuring the memcpy from the flash in SHA. */ - if (p_test_vector->mode == DO_MEMCPY) { - memcpy(m_sha_input_buf, p_test_vector->p_input, - 4096); - } - - err_code = mbedtls_sha512_update( - &sha512_context, m_sha_input_buf, in_len); - TEST_VECTOR_ASSERT_EQUAL( - p_test_vector->expected_err_code, err_code); - } - } - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Finalize the hash. */ - return mbedtls_sha512_finish(&sha512_context, m_sha_output_buf); -} - -/**@brief Function for verifying the SHA digest of messages. - */ -void exec_test_case_sha_512(void) -{ - int err_code = -1; - - start_time_measurement(); - err_code = exec_sha_512(p_test_vector, in_len, false); - stop_time_measurement(); - - /* Verify the mbedtls_sha512_finish_ret err_code. */ - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated digest. */ - TEST_VECTOR_ASSERT_EQUAL(expected_out_len, out_len); - TEST_VECTOR_MEMCMP_ASSERT(m_sha_output_buf, m_sha_expected_output_buf, - expected_out_len, - p_test_vector->expected_result, - "Incorrect hash"); - - /* Do the same in a single step */ - err_code = mbedtls_sha512(m_sha_input_buf, in_len, m_sha_output_buf, - false); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated digest. */ - TEST_VECTOR_ASSERT_EQUAL(expected_out_len, out_len); - TEST_VECTOR_MEMCMP_ASSERT(m_sha_output_buf, m_sha_expected_output_buf, - expected_out_len, - p_test_vector->expected_result, - "Incorrect hash"); - - mbedtls_sha512_free(&sha512_context); -} - -/**@brief Function for verifying the SHA digest of long messages. - */ -void exec_test_case_sha_512_long(void) -{ - int err_code = -1; - - start_time_measurement(); - err_code = exec_sha_512(p_test_vector, in_len, true); - stop_time_measurement(); - - TEST_VECTOR_ASSERT_EQUAL(p_test_vector->expected_err_code, err_code); - - /* Verify the generated digest. */ - TEST_VECTOR_ASSERT_EQUAL(expected_out_len, out_len); - TEST_VECTOR_MEMCMP_ASSERT(m_sha_output_buf, m_sha_expected_output_buf, - expected_out_len, - p_test_vector->expected_result, - "Incorrect hash"); - - mbedtls_sha512_free(&sha512_context); -} - -ITEM_REGISTER(test_case_sha_512_data, test_case_t test_sha_512) = { - .p_test_case_name = "SHA 512", - .setup = sha_512_setup, - .exec = exec_test_case_sha_512, - .teardown = sha_512_teardown, - .vector_type = TV_HASH, - .vectors_start = __start_test_vector_hash_512_data, - .vectors_stop = __stop_test_vector_hash_512_data, -}; - -ITEM_REGISTER(test_case_sha_512_data, test_case_t test_sha_512_long) = { - .p_test_case_name = "SHA 512 long", - .setup = sha_512_long_setup, - .exec = exec_test_case_sha_512_long, - .teardown = sha_512_long_teardown, - .vector_type = TV_HASH, - .vectors_start = __start_test_vector_hash_512_long_data, - .vectors_stop = __stop_test_vector_hash_512_long_data, -}; - -#if defined(CONFIG_CRYPTO_TEST_HASH) -ZTEST_SUITE(test_suite_sha_512, NULL, NULL, NULL, NULL, NULL); - -ZTEST(test_suite_sha_512, test_case_sha_256) -{ - sha_512_setup(); - exec_test_case_sha_512(); - sha_512_teardown(); -} - -ZTEST(test_suite_sha_512, test_case_sha_256_long) -{ - sha_512_long_setup(); - exec_test_case_sha_512_long(); - sha_512_long_teardown(); -} -#endif diff --git a/tests/crypto/test_cases/test_vectors.c b/tests/crypto/test_cases/test_vectors.c deleted file mode 100644 index eb7596e00db9..000000000000 --- a/tests/crypto/test_cases/test_vectors.c +++ /dev/null @@ -1,1002 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include -#include -#include -#include -#include -#include - -/* - * Use this file to only run a small set of test vectors. - * This file will only be relevant if the correct option is set with cmake: - * cmake -GNinja -DBOARD=nrf52840dk/nrf52840 -DREDUCED_TEST_SUITE=1 .. - */ - -#if defined(MBEDTLS_CCM_C) - -/* AES CCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c18) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "f48122034d40c898" -}; - -/* AES CCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c19) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "688c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "17e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c20) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "588c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "27e8d12cfdf926e0" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c7) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Decrypt Invalid ciphertext"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "a6b87289284ed8779e98a5bf55d16f00", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "a3fd8b8dae862dc5" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c5) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CCM STAR 128 Decrypt with invalid AES key"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "e1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "a3fd8b8dae862dc5" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c6) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Decrypt Invalid MAC"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "b3fd8b8dae862dc5" -}; - -#endif - -#if defined(MBEDTLS_CHACHAPOLY_C) -/* Multiple used ChaCha Poly test vectors. */ -const char chachapoly_plain_114[] = { - "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f6620" - "2739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e65207469" - "7020666f7220746865206675747572652c2073756e73637265656e20776f756c6420626520" - "69742e" -}; -const char chachapoly_cipher_114[] = { - "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8c" - "a9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803" - "aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec6" - "4b6116" -}; -const char chachapoly_key[] = { - "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f" -}; -const char chachapoly_ad[] = { "50515253c0c1c2c3c4c5c6c7" }; -const char chachapoly_nonce[] = { "070000004041424344454647" }; -const char chachapoly_mac[] = { "1ae10b594f09e26a7e902ecbd0600691" }; -const char chachapoly_invalid_key[] = { - "908182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f" -}; -const char chachapoly_invalid_mac[] = { "2ae10b594f09e26a7e902ecbd0600691" }; - -/* ChaCha Poly - RFC 7539 - section A.5 */ -ITEM_REGISTER(test_vector_aead_chachapoly_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_full_1) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly message_len=265 ad_len=12"), - .p_plaintext = - "496e7465726e65742d4472616674732061726520647261667420646f63756d656e7473" - "2076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320" - "616e64206d617920626520757064617465642c207265706c616365642c206f72206f62" - "736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074" - "696d652e20497420697320696e617070726f70726961746520746f2075736520496e74" - "65726e65742d447261667473206173207265666572656e6365206d6174657269616c20" - "6f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c77" - "6f726b20696e2070726f67726573732e2fe2809d", - .p_ciphertext = - "64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc" - "18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b" - "97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c1" - "86324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216" - "cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc54" - "6a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb" - "4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2e" - "da04df997b714d6c6f2c29a6ad5cb4022b02709b", - .p_key = - "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0", - .p_ad = "f33388860000000000004e91", - .p_nonce = "000000000102030405060708", - .p_mac = "eead9d67890cbb22392336fea1851f38" -}; - -/* ChaCha Poly - RFC 7539 - section 2.8.2 */ -ITEM_REGISTER(test_vector_aead_chachapoly_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_full_2) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly message_len=114 ad_len=12"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -/* Update: See RFC 7539 2.8. Quote concerning lengths: "Arbitrary length additional authenticated data (AAD)" */ -/* Therefore this should be expected to be valid, not invalid. */ -ITEM_REGISTER(test_vector_aead_chachapoly_simple_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_ad0_valid) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Valid ad_len=0"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = "", - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_mac -}; -#endif - -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "2975341596f99a22f85a48272d089357", - .p_key = - "f65818c25506e571ea4778e71b838ab24d3d6a318670885ded4761c2214ae08c", - .p_ad = "f16c6a6a94a09f7936c718ca182f0e2d8b90de8edecec7257354a02539bee9d232" - "c04b25d6fcc081e8852d834b7044cfec8b0073c62fc676b6d062693b99e791ddc6" - "292bee1f5dc39acc18b06bf5c73a64772195b89659b87275", - .p_nonce = - "f3d6c665c371db5c8d69ab46ac53eabfd4481a337d005bd0204f5838d770a1bb986808" - "2542b43732d371c7786ab5e3fa217176f959ede631e373488c996c03c00496ff468cc9" - "a2a15700e3aef82ae01f598f703e55da6d6cc9cace3c1f2adf6973af9f7f19dd903d7d" - "0670bc082ec0e97c244426910b6c8e85358eaea8a9807b", - .p_mac = "f260536b28c1220940044c3593" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "32f7cc94968659f34f23bda8117f065e", - .p_ciphertext = "8700601301096fbfe50b413a8059202d", - .p_key = - "fb9cf2d324f5ca351b37d960f314d602d33c01b21be3fcbe0e5a3c55eb9f7d74", - .p_ad = "b0b6f49d881e0af5d879219d7acdd8efd7c2561ee5516de0cc32b61d1c8abd9629" - "bfed1bfdd3cb73e3b39d480af6ea7f9c823f55512a8013ac92b6f3b13efe707dd0" - "8c4349e6e15bb2fd6ea4cd6de69b8f1b1c290353ea6ec548", - .p_nonce = - "53571073c7deffe06b42e3a5cd0d0574ff9ba8afb2fa504420d5fbb1fc6c6aec70b412" - "d40e4e0e0c0abccda8830d3aa6dcb14514f1648b13920a1cf0bc0dfc7ef26d9304f8c1" - "a2858c5ae18993120508ead1f6aa1f7f5ed3f470b203045e9d3d97b493c7d6991061d6" - "2555c90bdbd46fa5fe40a4e762361c951f05ee3ce4dd1a", - .p_mac = "247b1c2705c6300785ff514d58" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 2"), - .p_plaintext = "32f7cc94968659f34f23bda8117f065e", - .p_ciphertext = "5bfb289d9832cc5dffce4d1d33357951", - .p_key = - "b21ef6860b889efdc04ee1cbae0e84a4f31ac9369b01caa901e873ee6f970839", - .p_ad = "d721291424b17f9ca4f059f208dd7908cdcfd50681641c8dfca185c89e7f1ecf17" - "61bc32b492d8e5ce9cd873cd18a778595fd9b53878634b285f5383a79e01abf654" - "2abffbf4f67347193740f73c3dbac654398027315280e2d5", - .p_nonce = - "7657f649159a91a7f953e323c236a62f678dab54dd5ae8381419fbcb0ce3d3ec358d46" - "fba5e4dc67cf4157bc6a8f42bc4b1d8624c0b9501f00146e628cecc6580aff6d1bf59f" - "5667f3005b2636f4333930b07f8e814966fce1740919d1f3befa418a81693c0be066b1" - "d17ede09ef36b35b1d908608aeb7ea77d03eec9936736b", - .p_mac = "8eac04b744d91e7b2c5a6ed792" -}; -#endif -#endif - -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_MODE_CTR) -const char ctr_long_plain[] = { - "d8571a7c14be149a0e94fc6c0d8ec2fa0d55510787762e41726d33f96d45f909194fe52571" - "b7dd556a6016f8063cf1bd1601b4cac12814adf097d20c01ebc74e6ff786895ac85aca48cf" - "982eb089eed94d0c3f1f33156a01fa7675154971756fa63493cc0d587ff3d2895c782618a6" - "7f8f7003b7c7fee18e609cc159ad99bc70bc16fda7e01f8352d9a628c861cd97b82b7ebd83" - "7506a5a14a94e8e7db0589cb5ef10c3808977accc1f261d2e87a5e4556a626a388b83349f3" - "75b79a35297c294a0deb0dff4c414235a4c3d799a602eb3633d655725e084421c20e5415a1" - "f11765514d1d8d8800617e3c26cbbe71cc423305f62c4c770bffec44" -}; -const char ctr_128_long_cipher[] = { - "34dbc50f8cde682afc46ea19e710631e3b7e2d3be0057f226acd442e91158aa77363265d09" - "3eea1ad4d4dee311869df9fe9d8d5531d98c6b249de3d714876cb0dffac1714e42cbc4b8a7" - "a8b920c24bdb15957b457ef46bf4e9bca48d34f89c749ded3fb54486540ab7e0f04065e0d4" - "3df2eacd37803db28775c679f15d1c2bc10b8a4481a0f1cbc54c091edd4b7e6183513cd2f5" - "f8bf4049562120a9ac4844e6f35141df20baf912999cb557e2e9d1501b8497425a091bdd09" - "d4483ce1a51c1a4fd775f236ae3fa543535e012fa89a1aa81218cf1d3b23572309afa230d8" - "e6e1814719fb76c82ed66c4dec3c5568d2911e9b8862c8a679b884bc" -}; -const char ctr_128_key[] = { "2b7e151628aed2a6abf7158809cf4f3c" }; -const char ctr_counter_1[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" }; -const char ctr_counter_2[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff00" }; -const char ctr_counter_3[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff01" }; -const char ctr_counter_4[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff02" }; -const char ctr_counter_5[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff03" }; -const char ctr_plain_1[] = { "6bc1bee22e409f96e93d7e117393172a" }; -const char ctr_plain_2[] = { "ae2d8a571e03ac9c9eb76fac45af8e51" }; -const char ctr_plain_3[] = { "30c81c46a35ce411e5fbc1191a0a52ef" }; -const char ctr_plain_4[] = { "f69f2445df4f9b17ad2b417be66c3710" }; -const char ctr_128_cipher_1[] = { "874d6191b620e3261bef6864990db6ce" }; -const char ctr_128_cipher_2[] = { "9806f66b7970fdff8617187bb9fffdff" }; -const char ctr_128_cipher_3[] = { "5ae4df3edbd5d35e5b4f09020db03eab" }; -const char ctr_128_cipher_4[] = { "1e031dda2fbe03d1792170a0f3009cee" }; - -/* AES CTR - Functional test using test vector NIST SP 800-38A CTR-AES128.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_func_data, - test_vector_aes_t test_vector_aes_ctr_128_functional) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("CTR 128 Functional"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_128_cipher_1, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_128_long_cipher, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; -#endif -#endif - -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -/* AES CBC - Functional test using test vector NIST CAVS 11.1 CBC KeySbox 128 - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_func_data, - test_vector_aes_t test_vector_aes_cbc_128_functional) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "6d251e6944b051e04eaa6fb4dbf78465", - .p_key = "10a58869d74be5a374cf867cfb473859", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; -#endif -#endif - -#if defined(MBEDTLS_AES_C) -/* AES ECB - Functional test using test vector NIST CAVS 11.1 ECB KeySbox 128 - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_func_data, - test_vector_aes_t test_vector_aes_ecb_128_functional) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "6d251e6944b051e04eaa6fb4dbf78465", - .p_key = "10a58869d74be5a374cf867cfb473859" -}; - -/* AES ECB - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; -#endif - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -/* ECDH - SECP256R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp256r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid") -}; - -/* ECDH - RFC 5903 256-Bit Random ECP Group */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_secp256r1_full) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1"), - .p_initiator_priv = - "C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433", - .p_responder_priv = - "C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53", - .p_initiator_publ_x = - "DAD0B65394221CF9B051E1FECA5787D098DFE637FC90B9EF945D0C3772581180", - .p_initiator_publ_y = - "5271A0461CDB8252D61F1C456FA3E59AB1F45B33ACCF5F58389E0577B8990BB3", - .p_responder_publ_x = - "D12DFB5289C8D4F81208B70270398C342296970A0BCCB74C736FC7554494BF63", - .p_responder_publ_y = - "56FBF3CA366CC23E8157854C13C58D6AAC23F046ADA30F8353E74F33039872AB", - .p_expected_shared_secret = - "D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Count 0 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid 1"), - .p_responder_priv = - "7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534", - .p_initiator_publ_x = - "700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287", - .p_initiator_publ_y = - "db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac", - .p_expected_shared_secret = - "46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b" -}; -#endif - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -/* ECDSA random - NIST P-256, SHA-256 - first test case */ -ITEM_REGISTER(test_vector_ecdsa_random_data, - test_vector_ecdsa_random_t - test_vector_ecdsa_random_secp256r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .p_test_vector_name = TV_NAME("secp256r1 random SHA256 1"), - .p_input = - "44acf6b7e36c1342c2c5897204fe09504e1e2efb1a900377dbc4e7a6a133ec56", -}; -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - first test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 1"), - .p_input = - "44acf6b7e36c1342c2c5897204fe09504e1e2efb1a900377dbc4e7a6a133ec56", - .p_qx = "1ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83", - .p_qy = "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9", - .p_x = "519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - second test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 2"), - .p_input = - "9b2db89cb0e8fa3cc7608b4d6cc1dec0114e0b9ff4080bea12b134f489ab2bbc", - .p_qx = "e266ddfdc12668db30d4ca3e8f7749432c416044f2d2b8c10bf3d4012aeffa8a", - .p_qy = "bfa86404a2e9ffe67d47c587ef7a97a7f456b863b4d02cfc6928973ab5b1cb39", - .p_x = "0f56db78ca460b055c500064824bed999a25aaf48ebb519ac201537b85479813" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - third test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 3"), - .p_input = - "b804cf88af0c2eff8bbbfb3660ebb3294138e9d3ebd458884e19818061dacff0", - .p_qx = "74ccd8a62fba0e667c50929a53f78c21b8ff0c3c737b0b40b1750b2302b0bde8", - .p_qy = "29074e21f3a0ef88b9efdf10d06aa4c295cc1671f758ca0e4cd108803d0f2614", - .p_x = "e283871239837e13b95f789e6e1af63bf61c918c992e62bca040d64cad1fc2ef" -}; -#endif - -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -#if defined(MBEDTLS_SHA256_C) -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA256 1"), - .p_input = - "f1d42d1c663fa4d88325458d31fb08b35e8fac7cebc04b224db57439680c9be4", - .p_qx = "b870597b4b8dc8fc07ed59b6f079e87936d56d0326c17249", - .p_qy = "e54c404920cd530f0680d8aa2a4fb70b5f8605e6ebbf2751", - .p_r = "b53dc1abd4f65d5e0506fa146bee65ecb6cd5353830b67ea", - .p_s = "aa44232f2fa6613f85fda824ded69e4137cdf5688c6b3ba9" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA256 2"), - .p_input = - "cab19f4afca519c6c8a2a09ba7e631ff56cc898694b64123b62e3c94b9fb4696", - .p_qx = "795bbf28b86af380c2b080e622f92f81de6d2af41a39bc39", - .p_qy = "3d3bcfcbe704426e95d0edbf40eae25a259af239b00158c9", - .p_r = "5a3fd911aac408cce41e0eaf42761cce155c5a6efe03df11", - .p_s = "605ffbb146bf787888d9c3e45f79d0bc6959dcfacfaea437" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA256 3"), - .p_input = - "786f3a4c00a899bfcd2a79e59ad387562c49e01370ee2fc9feab605a3552e37d", - .p_qx = "8109731205bd9e363c0521cddf94af58129af3f38d276f2a", - .p_qy = "9fcf7695165bafb39c2d53b61c4ccfed3891abc6db1fc22c", - .p_r = "cac3fe60f567724f7afb825aeda68c3b345b44ef3879dc70", - .p_s = "4544b7d4457b61b66cabfd6174f2c5a594b2c0f300b0e8ea" -}; -#endif -#endif - -#if defined(MBEDTLS_ECJPAKE_C) -/* - * Test data as used by ARMmbed: https://github.com/ARMmbed/mbed-crypto/blob/master/library/ecjpake.c - */ - -static const unsigned char ecjpake_password[] = - "7468726561646a70616b6574657374"; -static const unsigned char ecjpake_x1[] = - "0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f21"; -static const unsigned char ecjpake_x2[] = - "6162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f81"; -static const unsigned char ecjpake_x3[] = - "6162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f81"; -static const unsigned char ecjpake_x4[] = - "c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe1"; -static const unsigned char ecjpake_round_msg_cli_1[] = - "4104accf0106ef858fa2d919331346805a78b58bbad0b844e5c7892879146187dd2666ada7" - "81bb7f111372251a8910621f634df128ac48e381fd6ef9060731f694a441041dd0bd5d4566" - "c9bed9ce7de701b5e82e08e84b730466018ab903c79eb982172236c0c1728ae4bf73610d34" - "de44246ef3d9c05a2236fb66a6583d7449308babce2072fe16662992e9235c25002f11b150" - "87b82738e03c945bf7a2995dda1e98345841047ea6e3a4487037a9e0dbd79262b2cc273e77" - "9930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37" - "ec91b7e32bb013bb2b4104a49558d32ed1ebfc1816af4ff09b55fcb4ca47b2a02d1e7caf11" - "79ea3fe1395b22b861964016fabaf72c975695d93d4df0e5197fe9f040634ed59764937787" - "be20bc4deebbf9b8d60a335f046ca3aa941e45864c7cadef9cf75b3d8b010e443ef0"; -static const unsigned char ecjpake_round_msg_cli_2[] = - "410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b" - "45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e" - "6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292" - "d36f0d23e055913f45a52b85dd8a2052e9e129bb4d200f011f19483535a6e89a580c9b0003" - "baf21462ece91a82cc38dbdcae60d9c54c"; -static const unsigned char ecjpake_round_msg_srv_1[] = - "41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e14779" - "0aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20eb" - "d7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f" - "65d78742746c12a5ec0a4ffe2f270a750a1d8fb51620934d74eb43e54df424fd96306c0117" - "bf131afabf90a9d33d1198d905193735144104190a07700ffa4be6ae1d79ee0f06aeb544cd" - "5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c11" - "2b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f375" - "2f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd" - "4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb12"; -static const unsigned char ecjpake_round_msg_srv_2[] = - "03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda" - "4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea" - "3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5" - "d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c820ff724a9a70b88cb86f20b434" - "c6865aa1cd7906dd7c9bce3525f508276f26836c"; -static const unsigned char ecjpake_ss[] = - "f3d47f599844db92a569bbe7981e39d931fd743bf22e98f9b438f719d3c4f351"; - -/* - * Uses empty initial data on both sides and deterministic rng. - * Derive a secret for both client and server. - * Should verify: - * Derived secrets same length. - * Derived secrets equal data. - */ -ITEM_REGISTER( - test_vector_ecjpake_random_data, - test_vector_ecjpake_t test_vector_ecjpake_trivial_random_handshake) = { - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_password = ecjpake_password, - .p_test_vector_name = TV_NAME("Trivial random handshake") -}; - -/* - * Uses pre-made private keys to generate public keys. - * Thus only ECJPAKE reads are done, not writes. - * Messages are also pre-defined. - * Should verify: - * Derived secret client same length as pre-made secret. - * Derived secret server same length as pre-made secret. - * Derived secret client equal data in pre-made secret. - * Derived secret server equal data in pre-made secret. - */ -ITEM_REGISTER(test_vector_ecjpake_given_data, - test_vector_ecjpake_t test_vector_ecjpake_given_data_001) = { - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("Predefined private keys"), - .p_password = ecjpake_password, - .p_priv_key_client_1 = ecjpake_x1, - .p_priv_key_client_2 = ecjpake_x2, - .p_priv_key_server_1 = ecjpake_x3, - .p_priv_key_server_2 = ecjpake_x4, - .p_round_message_client_1 = ecjpake_round_msg_cli_1, - .p_round_message_client_2 = ecjpake_round_msg_cli_2, - .p_round_message_server_1 = ecjpake_round_msg_srv_1, - .p_round_message_server_2 = ecjpake_round_msg_srv_2, - .p_expected_shared_secret = ecjpake_ss, -}; -#endif /* MBEDTLS_ECJPAKE_C */ - -#if defined(MBEDTLS_SHA256_C) -const char hkdf_ikm_len_22[] = { - "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" -}; -const char hkdf_ikm_len_80[] = { - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021222324" - "25262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f40414243444546474849" - "4a4b4c4d4e4f" -}; -const char hkdf_ikm_len_250[] = { - "d9ffac12ae7a19e13c9e92b21e341bff5e2a949f240a55595d9cbcd77512480b435237341e" - "dbc831dfc524f35ad8b95d238629d66849d5b66edda67907cbe5556f175a3dedd8f5e5d5ef" - "12102fa1dde3e279b559130d0b441f1a20c04f5dbeb2bf0912272f29b96c390fba1b36a951" - "fea808275c8713b9685398bbbb1ba64f069b231f49c3095d2c95471b27df56acd671d7cbe7" - "817826d107815af721f3f7d262c651f1ebae961979778eb37dac8ce75f1efdb703789764a0" - "d34600ffc056e331dab60b1d207a5935649fb75e5a8d3ea6b09a20954736fad51a4b031a2e" - "961efa85b65a7c7b02345c199e90d8be40bb28496ad1ea93c9daeb55" -}; -const char hkdf_dummy_okm[] = { "3a8d5dc16eba7ac69b38" }; -const char hkdf_salt_len_13[] = { "000102030405060708090a0b0c" }; -const char hkdf_salt_len_20[] = { "1911bff47c578781d0609cb563bb7da69c27fd18" }; -const char hkdf_salt_len_80[] = { - "606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384" - "85868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9" - "aaabacadaeaf" -}; -const char hkdf_salt_len_250[] = { - "7d1ca5017a99229aae0e03c5bfb98b1425e8649956123341543edd6e75600a73fad29a00e7" - "06d68643133758b3602e4522071704eb212dfd613ab48f8826a90c944f626c13f6762d4361" - "a322d4f322c52d659ec0dbabf70d9e2daca42bb2333f5d9bbea1376a2fd895c5dda48270c1" - "757100e9083973e2fb0cdbbeadd44e40309887f300ca59a71167347f5d2e5583b4d5525ded" - "f7f57692397828c7009a834df2f2a711e9c892f6c706d3bf10a8c07db4c42ab74d75f8e249" - "e879a5e96329f04600e1bf81ee567ce0c06bd2a1f969feca465a75f996e7a79523b89ef8e2" - "2b85ecf436d7cfe7b4e6f535e0a661398ca5711f3f4513d864381702" -}; -const char hkdf_info_len_10[] = { "f0f1f2f3f4f5f6f7f8f9" }; -const char hkdf_info_len_20[] = { "3a594a18b699ef8819008ed38c3aa4320581db9d" }; -const char hkdf_info_len_80[] = { - "b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4" - "d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9" - "fafbfcfdfeff" -}; -const char hkdf_info_len_250[] = { - "ccfafb6a30475d53b3a2d420825c54d7e026874e913173108ac83c99aae278b1850538123e" - "c8f9dd00cc18cf0a66d271bf69c8035f1301c11a241eaaf9be56b99b65ef1a596fdb49e46a" - "acbfb39cd0afcd45516ab3b2f7e9fbf16246642f24ffc1d04d5d5e5694569d207feef75ba9" - "55cb119fa4f691a9bce51d32281795ffbd41fb157387b911e252a676b9dbf8e94e0e371495" - "b15602b527ebcfe1ae1773196fad39de7c5351869724f7ef17586ae9d85af304ba132db50f" - "a1449e297f650325558824291b88cbac38f7d27a24d8c18f0ba6bd0e749079184693e21ffe" - "9ee3dae068485e8b22663696f2d70a04e61ceceeb2da839bfbb30838" -}; - -/* HKDF - SHA-256 Custom test case 1 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c1) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = MBEDTLS_ERR_HKDF_BAD_INPUT_DATA, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 Expand and Extract ikm_len=0 " - "okm_len=10 salt_len=13 info_len=10"), - .p_ikm = "", - .p_okm = hkdf_dummy_okm, - .p_prk = "", - .p_salt = hkdf_salt_len_20, - .p_info = hkdf_info_len_20 -}; - -/* HKDF - SHA-256 Custom test case 2 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c2) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME( - "SHA256 Expand and Extract ikm_len=1 okm_len=1 salt_len=1 info_len=1"), - .p_ikm = "ab", - .p_okm = "53", - .p_prk = - "1f3624af63d5221a80b6d6cbb7d372e595cb512f4ad248643d8d0a74f0be8335", - .p_salt = "1b", - .p_info = "6f" -}; - -/* HKDF - SHA-256 Custom test case 3 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c3) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME( - "SHA256 Expand and Extract Invalid ikm_len=20 okm_len=0 " - "salt_len=13 info_len=10"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "", - .p_prk = - "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5", - .p_salt = hkdf_salt_len_13, - .p_info = hkdf_info_len_10 -}; -#endif - -#if defined(MBEDTLS_SHA256_C) -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_inv_message) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid - message changed"), - .p_input = - "c1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_inv_key) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid - key changed"), - .p_input = - "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "a779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_inv_sign) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid - signature changed"), - .p_input = - "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "869f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; -#endif - -#if defined(MBEDTLS_SHA256_C) -const char flash_data_sha_256[4096] = { "1234567890" }; - -/* SHA256 - Based on NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_invalid) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid hash"), - .p_input = - "6a86b737eaea8ee976a0a24da63e7ed7eefad18a101c1211e2b3650c5187c2a8a65054" - "7208251f6d4237e661c7bf4c77f335390394c37fa1a9f9be836ac28509", - .p_expected_output = - "42e61e174fbb3897d6dd6cef3dd2802fe67b331953b06114a65c772859dfc1aa" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_0) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=0"), - .p_input = "", - .p_expected_output = - "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_4) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=4"), - .p_input = "c98c8e55", - .p_expected_output = - "7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" -}; -#endif - -#if defined(MBEDTLS_SHA512_C) -const char flash_data_sha_512[4096] = { "1234567890" }; - -/* SHA512 - Based on NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_invalid) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA512 invalid hash"), - .p_input = - "d1ca70ae1279ba0b918157558b4920d6b7fba8a06be515170f202fafd36fb7f79d69fa" - "d745dba6150568db1e2b728504113eeac34f527fc82f2200b462ecbf5d", - .p_expected_output = - "046e46623912b3932b8d662ab42583423843206301b58bf20ab6d76fd47f1cbbcf421d" - "f536ecd7e56db5354e7e0f98822d2129c197f6f0f222b8ec5231f3967d" -}; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_0) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=0"), - .p_input = "", - .p_expected_output = - "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d1" - "3c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" -}; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_4) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=4"), - .p_input = "a801e94b", - .p_expected_output = - "dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf7" - "38bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" -}; -#endif diff --git a/tests/crypto/test_cases/test_vectors_aead_ccm.c b/tests/crypto/test_cases/test_vectors_aead_ccm.c deleted file mode 100644 index 34b08fab41b1..000000000000 --- a/tests/crypto/test_cases/test_vectors_aead_ccm.c +++ /dev/null @@ -1,5099 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief AES CCM test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov - * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip - */ - -/* AES CCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c18) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "f48122034d40c898" -}; - -/* AES CCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c19) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "688c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "17e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c20) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "588c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "27e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 4 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c21) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "588c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "d0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "17e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 5 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c22) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "588c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "d0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "00000003020100a0a1a2a3a4a5", - .p_mac = "17e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 6 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c23) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "588c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "10000003020100a0a1a2a3a4a5", - .p_mac = "17e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 7 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_128_inv_c24) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "588c979a61c663d2f066d0c2c0f989806d5f6b61dac384", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "10000003020100a0a1a2a3a4a5", - .p_mac = "17e8d12cfdf926e0" -}; - -/* AES CCM - Custom test vector 8 */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_128_c8) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 128 message_len=250 ad_len=8 mac_len=8 nonce_len=13"), - .p_plaintext = - "e96325847ce207c2bf6638a52634075139998888fa0ca1501a4b57ee0767210f1fee06" - "5b7ed1e4005fe1c3ec482b2d3cad3d8461d4ab2ba1c73cbe2c65ac8b1e61be3f052eca" - "df671a3f58601ec0f1ac95367dae85601449f434b9d10757a613784a229aa14bebe6ed" - "07579ec0a513ce7ce799d1e6cd468613f0d3f42e6162680b28f13aeb82657293442445" - "9137bd3aabec437bf4fdff007d2675d7fd2195280da092eb1b3549e5457e065cc47349" - "f2c3013b8a4a1938b05c033b2a5b6b477be39b415f4f50beac41f817783bda28f24bab" - "3c8095e1b01e48ce4271cd2a323d1d8c100bb9856f75f63bdee34510de01e32efc0b12" - "e980e9161a", - .p_ciphertext = - "5f58855b5dce6c704a380d36e1ae8e5fbdd1103edb5afebf74c434fcdcab346f3b2219" - "c0afe77e355464c32626336dc1a7909942548cf23f89e5eba4dba14af9c6c0eca4099a" - "1a962d0fe3d8aaf64f050fc5fdd04228bde4d35a8601a975c0dbdb1d30fea3b7d9648a" - "2666e521195e1e2a2ac811855dca78cc1941709d54cf2a1d8327de81ed4dfe024db1ef" - "b8975ba7e61855e3729b11bdba502bc59039b6446957473b362015e88c7403ddd3dfd3" - "e2eb88a4232a32bf5f23d5e91d2abbaae4d549b23e2bacb75cc332edecce7492fc5e00" - "9986f925ceef99ea6d72fc97cfb5720302be8d6deaf9a1038c90d1ba3973b7e045cf33" - "30579c7a21", - .p_key = "7e376f9b5227648a72f52df8437c0d36", - .p_ad = "4bf9a35147f3b430", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "fa070211947a3af3" -}; - -/* AES CCM - Custom test vector 9 */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_128_c9) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 128 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "be32aad42d2165bde54f2780d38f9f199c5182ad3d4b41", - .p_key = "7e376f9b5227648a72f52df8437c0d36", - .p_ad = "0ee0089ec32c7cfa036bd1ab9c23b98cd5d166214d61c719688c6a0ecff705da47" - "ac179cae7eaa3b638ab022a6669729fe47f24679e78488125d989cc7d1bbd8b472" - "b04678b45adde4cca92cd91c4e214257243b163eca04bf643e9df6f7c5bf55aa91" - "bc348154b5c3e9529a56fed8b04e0726b6de3ecc43f499108933e07297bdfcd4d8" - "df2aa9af908083aeccc5c23fe9efbbf5fa9a27ea2923d36188197c87c955fcc5f7" - "e0ebff4b01ebf008a5c93dab12ddfbf65f4225e5a3dfd44e36dbc3ba7891fce514" - "d127e5eb8adb939670b4c5643c46425c614546b90cf0d720203bef4a12ff2d7666" - "23c92e134420e3b423b526598f32e8884843bc", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "64f4f8957d6b69e3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt_0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 128 Encrypt message_len=0 ad_len=0 mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4ae701103c63deca5b5a3939d7d05992", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "02209f55" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt_1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4ae701103c63deca5b5a3939d7d05992", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "9a04c241" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt_2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4ae701103c63deca5b5a3939d7d05992", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "f5f915df" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 15 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt15) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "75d582db43ce9b13ab4b6f7f14341330" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 16 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt16) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "3a65e03af37b81d05acc7ec1bc39deb0" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 17 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt17) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "efc5721e0b9e4c3c90deab0e1d5c11bd" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 30 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt30) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "90156f3f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 31 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt31) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "88909016" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 32 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt32) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "de547d03" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 45 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt45) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 128 Encrypt message_len=0 ad_len=0 mac_len=16 nonce_len=13 valid"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "fb04dc5a44c6bb000f2440f5154364b4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 46 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt46) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "5447075bf42a59b91f08064738b015ab" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 47 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt47) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "fdc992847f0815fac67aa935b35208ed" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 60 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt60) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "03e1fa6b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 61 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt61) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "23e5d81c" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 62 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt62) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "512ed208bf10d57406537e94d20a5b6e2e9ab0683dfdc685", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "869a97f0" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 75 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt75) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "24ab9eeb0e5508cae80074f1070ee188a637171860881f1f", - .p_key = "197afb02ffbd8f699dacae87094d5243", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "2d9a3fbc210595b7b8b1b41523111a8e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 76 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt76) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24", - .p_key = "197afb02ffbd8f699dacae87094d5243", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "63af747cc88a001fa94e060290f209c4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 77 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt77) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "cbf133643851f91ddc7a1e19a0c21990459f2b7728da58f5", - .p_key = "197afb02ffbd8f699dacae87094d5243", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "cf3b8e6c8aeb5eeb0a5efb3700be45a2" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 120 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt120) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe4829", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "782e4318" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 121 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt121) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe4829", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "a04f270a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 122 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt122) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe4829", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "97dfd257" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 135 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt135) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "41b476013f45e4a781f253a6f3b1e530" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 136 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt136) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "f9f018fcd125822616083fffebc4c8e6" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 137 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt137) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "534cc67c44c877c9c908071ee1082f4c" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 180 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt180) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3", - .p_key = "f9fdca4ac64fe7f014de0f43039c7571", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "38f125fa" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 181 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt181) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7", - .p_key = "f9fdca4ac64fe7f014de0f43039c7571", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "28a66b69" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 182 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt182) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "1f16c6d370fff40c011a243356076b67e905d4672ae2f38f", - .p_key = "f9fdca4ac64fe7f014de0f43039c7571", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "ee2de18c" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 195 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt195) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "b351ab96b2e45515254558d5212673ee6c776d42dbca3b51", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "2cf3a20b7fd7c49e6e79bef475c2906f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 196 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt196) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "81d18ca149d6766bfaccec88f194eb5b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 197 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt197) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "04a29fc109dfc626e8297e0f586d0bfaf31260017d95f62d", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "5eb4f0875dda5ccd9b94026ba49fb34e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 210 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt210) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 valid"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "934f893824e880f743d196b22d1f340a52608155087bd28a", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "c25e5329" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 211 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt211) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10", - .p_nonce = "0812757ad0cc4d17c4cfe7a642", - .p_mac = "59b3b3ee" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 128 - Count 212 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_encrypt212) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "c686eac859a7bae3cce97d0b6527a0a7c8c2b24ece35f437", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "0923b927b8295c5dfaf67da55e5014293bc8c708fda50af06c1e8aef31cccc86", - .p_nonce = "eff510acc1b85f35029cf7dc00", - .p_mac = "0bf6688e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt_0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME( - "CCM 128 Decrypt message_len=0 ad_len=0 mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4ae701103c63deca5b5a3939d7d05992", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "02209f55" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt_1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4ae701103c63deca5b5a3939d7d05992", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "9a04c241" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt_2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4ae701103c63deca5b5a3939d7d05992", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "f5f915df" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 15 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt15) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "75d582db43ce9b13ab4b6f7f14341330" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 16 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt16) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "3a65e03af37b81d05acc7ec1bc39deb0" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 17 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt17) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "efc5721e0b9e4c3c90deab0e1d5c11bd" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 30 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt30) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "90156f3f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 31 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt31) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "88909016" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 32 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt32) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "de547d03" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 45 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt45) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "fb04dc5a44c6bb000f2440f5154364b4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 46 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt46) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "5447075bf42a59b91f08064738b015ab" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 47 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt47) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "fdc992847f0815fac67aa935b35208ed" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 60 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt60) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "03e1fa6b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 61 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt61) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "23e5d81c" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 62 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt62) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "512ed208bf10d57406537e94d20a5b6e2e9ab0683dfdc685", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "869a97f0" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 75 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt75) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "24ab9eeb0e5508cae80074f1070ee188a637171860881f1f", - .p_key = "197afb02ffbd8f699dacae87094d5243", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "2d9a3fbc210595b7b8b1b41523111a8e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 76 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt76) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24", - .p_key = "197afb02ffbd8f699dacae87094d5243", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "63af747cc88a001fa94e060290f209c4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 77 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt77) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "cbf133643851f91ddc7a1e19a0c21990459f2b7728da58f5", - .p_key = "197afb02ffbd8f699dacae87094d5243", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "cf3b8e6c8aeb5eeb0a5efb3700be45a2" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 120 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt120) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe4829", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "782e4318" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 121 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt121) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe4829", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "a04f270a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 122 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt122) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe4829", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "97dfd257" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 135 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt135) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "41b476013f45e4a781f253a6f3b1e530" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 136 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt136) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "f9f018fcd125822616083fffebc4c8e6" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 137 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt137) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "534cc67c44c877c9c908071ee1082f4c" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 180 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt180) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3", - .p_key = "f9fdca4ac64fe7f014de0f43039c7571", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "38f125fa" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 181 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt181) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7", - .p_key = "f9fdca4ac64fe7f014de0f43039c7571", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "28a66b69" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 182 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt182) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "1f16c6d370fff40c011a243356076b67e905d4672ae2f38f", - .p_key = "f9fdca4ac64fe7f014de0f43039c7571", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "ee2de18c" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 195 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt195) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "b351ab96b2e45515254558d5212673ee6c776d42dbca3b51", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "2cf3a20b7fd7c49e6e79bef475c2906f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 196 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt196) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "81d18ca149d6766bfaccec88f194eb5b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 197 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt197) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "04a29fc109dfc626e8297e0f586d0bfaf31260017d95f62d", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "5eb4f0875dda5ccd9b94026ba49fb34e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 210 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt210) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "934f893824e880f743d196b22d1f340a52608155087bd28a", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "c25e5329" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 211 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt211) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10", - .p_nonce = "0812757ad0cc4d17c4cfe7a642", - .p_mac = "59b3b3ee" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 128 - Count 212 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_128_decrypt212) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 128 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "c686eac859a7bae3cce97d0b6527a0a7c8c2b24ece35f437", - .p_key = "a7aa635ea51b0bb20a092bd5573e728c", - .p_ad = "0923b927b8295c5dfaf67da55e5014293bc8c708fda50af06c1e8aef31cccc86", - .p_nonce = "eff510acc1b85f35029cf7dc00", - .p_mac = "0bf6688e" -}; - -/* AES CCM STAR - Formal Specification of the CCM* Mode of Operation, September 16, 2004 - 2.5. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_spec) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=23 ad_len=8 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "1a55a36abb6c610d066b3375649cef10d4664ecad854a8", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "a0a1a2a3a4a5a6a70302010006", - .p_mac = "0a895cc1d8ff9469" -}; - -/* AES CCM STAR - Formal Specification of the CCM* Mode of Operation, September 9, 2005 - 2.6. Not supported in cc310 lib. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_spec_2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=0 ad_len=26 mac_len=8 nonce_len=13"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "08d0842143010000000048deac020500000055cf000051525354", - .p_nonce = "acde4800000000010000000502", - .p_mac = "223bc1ec841ab553" -}; - -/* AES CCM STAR - Formal Specification of the CCM* Mode of Operation, September 9, 2005 - 2.7. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_spec_3) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=4 ad_len=26 mac_len=0 nonce_len=13"), - .p_plaintext = "61626364", - .p_ciphertext = "d43e022b", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "69dc842143020000000048deac010000000048deac0405000000", - .p_nonce = "acde4800000000010000000504", - .p_mac = "" -}; - -/* AES CCM STAR - Formal Specification of the CCM* Mode of Operation, September 9, 2005 - 2.8. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_spec_4) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=1 ad_len=29 mac_len=8 nonce_len=13"), - .p_plaintext = "ce", - .p_ciphertext = "d8", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "2bdc842143020000000048deacffff010000000048deac060500000001", - .p_nonce = "acde4800000000010000000506", - .p_mac = "4fde529061f9c6f1" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "", - .p_nonce = "01f04f8873ea675d98a43a4e00", - .p_mac = "" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "", - .p_nonce = "01f04f8873ea675d98a43a4e01", - .p_mac = "fc91d4fb" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "", - .p_nonce = "01f04f8873ea675d98a43a4e02", - .p_mac = "dc52d7f5b66dde7f" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_3) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "", - .p_nonce = "01f04f8873ea675d98a43a4e03", - .p_mac = "38e9c4fc3b4129d893bba206c820bb67" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_4) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 4"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "d16c46686c549404206596899b935c4b", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "", - .p_nonce = "01f04f8873ea675d98a43a4e04", - .p_mac = "" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_5) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 5"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "44d1db2dc774a623ada69afd47b952af", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "", - .p_nonce = "01f04f8873ea675d98a43a4e05", - .p_mac = "031367fb" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_6) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 6"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "a3fd8b8dae862dc5" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_level_7) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Security level 7"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "604e3fe798363abfb65c29a7dd3ba533", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e07", - .p_mac = "4eb450488d495c1092f65217aa6b3de8" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=0 ad_len=8 mac_len=0 nonce_len=13"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e00", - .p_mac = "" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=16 ad_len=8 mac_len=0 nonce_len=13"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "d16c46686c549404206596899b935c4b", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e04", - .p_mac = "" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=16 ad_len=8 mac_len=4 nonce_len=13"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "44d1db2dc774a623ada69afd47b952af", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e05", - .p_mac = "d01b3d22" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_3) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=250 ad_len=8 mac_len=8 nonce_len=13"), - .p_plaintext = - "27d37753eea01ca96d03840176e29a3a5c7b5ce8978f293478915ccaaee70eb1159de4" - "bbb4af9ff9e10878bb1d0d40ea63c38693d222c34923f57e640a31e5e099cc5d043407" - "b2c5ad059603a76b9b1498e7b972c924f1211890e887423118c6470c922c6b6179718f" - "a60903ef9a9c6671f413525d79015b936f465704abe06a11dc2b5b2e1bc9b79d4916da" - "565f0efd05cb151a6263c2c2ba4a87e07a2bbb6a4992bc6678fa7ffd8db19d681c6173" - "7325cde751932f94cacc977edf7d5bb91a4a486b6959c792deb3adaaedc6a9efba6519" - "91cc625760b2d08b555c59967081fd2bb0701ca50a74f0dbca3f1cbc44c682e5629b28" - "76b7587fd0", - .p_ciphertext = - "85a0112287019297a4e2f5d502a4721e3d3458fa5744ce738e9e49ba4a85f88129146b" - "d808f6322fbcbae5763813081d7ea3bb708571581329d99a5326b0b98725374c7df07d" - "18f378f86a4fb5864b911e1e7a66780741ac6133fcf921505fe94509d277ddb62839fa" - "55dcb3dd76eb50379ba20576c815678a316146d963abd9ca2586591a5cd1b0ddc75ffd" - "1f64cfa3d7ece393a8036668390e5a87d770081f41b2df3c288b97ec756f20170aa7d8" - "3fb37b4a0570ec1d8abb1f180017473fd4edcf802ec5ade4eb0bc617675f72a9a531bd" - "5a48e2f4e055975e25de130bc160c93f333bc7d149e932459e015e44bd95a53531e67f" - "ac5ec94689", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "14a407a361e30073" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_4) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM STAR 128 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "690ad6de2661681e8f02b16710372eb9992ea97ab1976a7c2b2b15b08500b307e5" - "d6c7501fff91b71e07d70104c35fbafe9d62dca19005703ff896ea429112aedeb6" - "c9a5c5bc9f7df1d1fae08049ec1f72f050e6758c72c7584ceb89dc86e79112b42d" - "0052b96e5ba155e9b21240c87bdd309ab8f6d88de816c9ddfde6b95af7ee617f37" - "9f5235a86a99322a33e5fb9470eb9d19c42e73386098c50b10a7d5d423858f9233" - "4ff55143158b00a75ea59ffea0dc107c3d7bfc1f564b2140f8efe2faeb587978bf" - "305a1c6e90077d846426b4543efd4aa916fda72326ef04eebedbdf276dcff15dc1" - "b8eedb3051c57fe9f405366a51c81ed4529cd2", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "bc3df5a9240a81d4" -}; - -/* AES CCM STAR - Custom test vector - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_BAD_INPUT, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Invalid nonce_len=14"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "1a55a36abb6c610d066b3375649cef10d4664ecad854a8", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "a0a1a2a3a4a5a6a7030201000606", - .p_mac = "0a895cc1d8ff9469" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c4) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CCM STAR 128 Encrypt with invalid AES key"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "e1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "a3fd8b8dae862dc5" -}; - -/* This test vector file is very long. Chop off a few if this is set. */ -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c5) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CCM STAR 128 Decrypt with invalid AES key"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "e1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "a3fd8b8dae862dc5" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c6) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Decrypt Invalid MAC"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "96b87289284ed8779e98a5bf55d16f00", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "b3fd8b8dae862dc5" -}; - -/* AES CCM STAR - Custom Test vector. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_star_128_inv_c7) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = true, - .expected_err_code = MBEDTLS_ERR_CCM_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM STAR 128 Decrypt Invalid ciphertext"), - .p_plaintext = "34cb14f841ef56495779d46b21978724", - .p_ciphertext = "a6b87289284ed8779e98a5bf55d16f00", - .p_key = "d1fa7145ecd7a327ca3a8b58cd1147e6", - .p_ad = "04ebed593e86388a", - .p_nonce = "01f04f8873ea675d98a43a4e06", - .p_mac = "a3fd8b8dae862dc5" -}; - -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - -/* AES CCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c18) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "01fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "", - .p_nonce = "0dde69f96145d07925e0bafcc0", - .p_mac = "c3c30acbddcb17ac" -}; - -/* AES CCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c19) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "99b683088b1c9588e1bfd295ed496144c594508be17021", - .p_key = "01fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "0001020304050607", - .p_nonce = "0dde69f96145d07925e0bafcc0", - .p_mac = "e2e7c52772fd89a7" -}; - -/* AES CCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c20) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "89b683088b1c9588e1bfd295ed496144c594508be17021", - .p_key = "01fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "0001020304050607", - .p_nonce = "0dde69f96145d07925e0bafcc0", - .p_mac = "f2e7c52772fd89a7" -}; - -/* AES CCM - Custom test vector 4 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c21) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "89b683088b1c9588e1bfd295ed496144c594508be17021", - .p_key = "11fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "0001020304050607", - .p_nonce = "0dde69f96145d07925e0bafcc0", - .p_mac = "e2e7c52772fd89a7" -}; - -/* AES CCM - Custom test vector 5 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c22) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "89b683088b1c9588e1bfd295ed496144c594508be17021", - .p_key = "11fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "0001020304050607", - .p_nonce = "0dde69f96145d07925e0bafcc0", - .p_mac = "e2e7c52772fd89a7" -}; - -/* AES CCM - Custom test vector 6 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c23) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "89b683088b1c9588e1bfd295ed496144c594508be17021", - .p_key = "01fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "0001020304050607", - .p_nonce = "1dde69f96145d07925e0bafcc0", - .p_mac = "e2e7c52772fd89a7" -}; - -/* AES CCM - Custom test vector 7 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_192_inv_c24) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "89b683088b1c9588e1bfd295ed496144c594508be17021", - .p_key = "01fb305afb2d32be292f90033763ab46fe8589bec3a8995c", - .p_ad = "0001020304050607", - .p_nonce = "1dde69f96145d07925e0bafcc0", - .p_mac = "e2e7c52772fd89a7" -}; - -/* AES CCM - Custom test vector 8 */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_192_c8) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CCM 192 message_len=250 ad_len=8 mac_len=8"), - .p_plaintext = - "e96325847ce207c2bf6638a52634075139998888fa0ca1501a4b57ee0767210f1fee06" - "5b7ed1e4005fe1c3ec482b2d3cad3d8461d4ab2ba1c73cbe2c65ac8b1e61be3f052eca" - "df671a3f58601ec0f1ac95367dae85601449f434b9d10757a613784a229aa14bebe6ed" - "07579ec0a513ce7ce799d1e6cd468613f0d3f42e6162680b28f13aeb82657293442445" - "9137bd3aabec437bf4fdff007d2675d7fd2195280da092eb1b3549e5457e065cc47349" - "f2c3013b8a4a1938b05c033b2a5b6b477be39b415f4f50beac41f817783bda28f24bab" - "3c8095e1b01e48ce4271cd2a323d1d8c100bb9856f75f63bdee34510de01e32efc0b12" - "e980e9161a", - .p_ciphertext = - "cb0bf54c813d8565f18b38c36ccfe0ce12e2105229a0ee76219e8b1e84beac3bbfdde2" - "c04ee870b78d519d696f3b7e0fc7365448dababae43fa3a15578c5ef5d670a310b4920" - "75dccef10afb36abe74f58d3c884127119e7924f007b0d3f6a4582774567b9a15e647a" - "1845ffdaaec4933c1c44f7f2c0abdafcff9be04b12f9dbcf64fb34477ac2b40cf9144b" - "b0602a65773dda5f4a90da33904cbcb675590595fc9eeae690aa16f18f52b75e42f4f1" - "481868934b47df8b6521fdf04fa770c92b8e836b5fba653853ebe6429e9f31f65ede4e" - "bde133fca9fb0130951db79c0441664ea8293abbbdc6ab20ebd78458be42beb72f1dc4" - "4aaf7f7b36", - .p_key = "db14cb8ad97209986d73e45d23bff3a1546f9e2108370780", - .p_ad = "4bf9a35147f3b430", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "b90db57cea414f03" -}; - -/* AES CCM - Custom test vector 9 */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_192_c9) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 192 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "2a61dac3f1d28ca85efc12755eeef188336282c1cfb151", - .p_key = "db14cb8ad97209986d73e45d23bff3a1546f9e2108370780", - .p_ad = "0ee0089ec32c7cfa036bd1ab9c23b98cd5d166214d61c719688c6a0ecff705da47" - "ac179cae7eaa3b638ab022a6669729fe47f24679e78488125d989cc7d1bbd8b472" - "b04678b45adde4cca92cd91c4e214257243b163eca04bf643e9df6f7c5bf55aa91" - "bc348154b5c3e9529a56fed8b04e0726b6de3ecc43f499108933e07297bdfcd4d8" - "df2aa9af908083aeccc5c23fe9efbbf5fa9a27ea2923d36188197c87c955fcc5f7" - "e0ebff4b01ebf008a5c93dab12ddfbf65f4225e5a3dfd44e36dbc3ba7891fce514" - "d127e5eb8adb939670b4c5643c46425c614546b90cf0d720203bef4a12ff2d7666" - "23c92e134420e3b423b526598f32e8884843bc", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "800cace2bac521f8" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 192 Encrypt message_len=0 ad_len=0 mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "9d4b7f3b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "80745de9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "2f6fa823" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 15 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt15) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "17223038fa99d53681ca1beabe78d1b4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 16 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt16) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "d0e1eeef4d2a264536bb1c2c1bde7c35" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 17 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt17) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "81d587f8673fd514c23172af7fb7523d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 30 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt30) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "fe69ed84" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 31 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt31) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "db7ffc82" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 32 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt32) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "7a677329" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 45 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt45) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "0c66a8e547ed4f8c2c9a9a1eb5d455b9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 46 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt46) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "38757b3a61a4dc97ca3ab88bf1240695" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 47 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt47) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "11875da4445d92391d0fab5f3625497b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 60 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt60) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "411986d04d6463100bff03f7d0bde7ea2c3488784378138c", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "ddc93a54" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 61 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt61) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "32b649ab56162e55d4148a1292d6a225a988eb1308298273", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "b6889036" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 62 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt62) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "a963c3568ab413b174cd95cc1e3ca61ee181292bebdb2817", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "9b4de35f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 75 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt75) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8", - .p_key = "197afb02ffbd8f699dacae87094d524324576b99844f75e1", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "c5a5ebecf7ac8607fe412189e83d9d20" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 76 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt76) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6", - .p_key = "197afb02ffbd8f699dacae87094d524324576b99844f75e1", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "e699f15f14d34dcaf9ba8ed4b877c97d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 77 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt77) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "93012c0a5f6f1025b8c4a5d897d3eea0b1c77be8000c9e59", - .p_key = "197afb02ffbd8f699dacae87094d524324576b99844f75e1", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "f3b8899459788c58794f177cfd838f35" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 120 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt120) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe48297e03956f6083e451", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "1d089a5f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 121 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt121) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe48297e03956f6083e451", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "2f46022a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 122 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt122) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe48297e03956f6083e451", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "67dc4693" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 135 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt135) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "5280a2137fee3deefcfe9b63a1199fb3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 136 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt136) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "d40a7318c5f2d82f838c0beeefe0d598" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 137 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt137) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "7551978bc9592bf9e294b4984c5862bb" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 180 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt180) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "9f6ca4af9b159148c889a6584d1183ea26e2614874b05045", - .p_key = "f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "75dea8d1" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 181 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt181) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb", - .p_key = "f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "d7965825" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 182 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt182) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "5f60a8f867a33b2077ecc69863b295c3c6aeae7d7cade7f8", - .p_key = "f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "f7f796fe" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 195 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt195) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "4d1d980d6fe0fb44b421992662b97975" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 196 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt196) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "3c51d36c826f01384100886198a7f6a3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 197 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt197) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "86a02bdd6ae733eee26f8eab898b336105978b5bbd6df781", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "758a111aae4f735b7dd4d9802f2a8406" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 210 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt210) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "c25e9fce" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 211 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt211) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10", - .p_nonce = "0812757ad0cc4d17c4cfe7a642", - .p_mac = "8ecedb3e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 192 - Count 212 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_encrypt212) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "7075da2291e2cb527eb926ed08d8020c5f8f0f2d4a6a4745", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "0923b927b8295c5dfaf67da55e5014293bc8c708fda50af06c1e8aef31cccc86", - .p_nonce = "eff510acc1b85f35029cf7dc00", - .p_mac = "728da544" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME( - "CCM 192 Decrypt message_len=0 ad_len=0 mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "9d4b7f3b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "80745de9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "2f6fa823" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 15 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt15) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "17223038fa99d53681ca1beabe78d1b4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 16 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt16) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "3796cf51b87266", - .p_mac = "d0e1eeef4d2a264536bb1c2c1bde7c35" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 17 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt17) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "89ca5a64050f9f", - .p_mac = "81d587f8673fd514c23172af7fb7523d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 30 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt30) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "fe69ed84" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 31 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt31) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "db7ffc82" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 32 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt32) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "7a677329" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 45 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt45) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "0c66a8e547ed4f8c2c9a9a1eb5d455b9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 46 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt46) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "a16a2e741f1cd9717285b6d882", - .p_mac = "38757b3a61a4dc97ca3ab88bf1240695" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 47 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt47) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "368f3b8180fd4b851b7b272cb1", - .p_mac = "11875da4445d92391d0fab5f3625497b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 60 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt60) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "411986d04d6463100bff03f7d0bde7ea2c3488784378138c", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "ddc93a54" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 61 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt61) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "32b649ab56162e55d4148a1292d6a225a988eb1308298273", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "b6889036" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 62 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt62) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "a963c3568ab413b174cd95cc1e3ca61ee181292bebdb2817", - .p_key = "19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "9b4de35f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 75 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt75) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8", - .p_key = "197afb02ffbd8f699dacae87094d524324576b99844f75e1", - .p_ad = "", - .p_nonce = "5a8aa485c316e9", - .p_mac = "c5a5ebecf7ac8607fe412189e83d9d20" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 76 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt76) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6", - .p_key = "197afb02ffbd8f699dacae87094d524324576b99844f75e1", - .p_ad = "", - .p_nonce = "31f8fa25827d48", - .p_mac = "e699f15f14d34dcaf9ba8ed4b877c97d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 77 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt77) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22", - .p_ciphertext = "93012c0a5f6f1025b8c4a5d897d3eea0b1c77be8000c9e59", - .p_key = "197afb02ffbd8f699dacae87094d524324576b99844f75e1", - .p_ad = "", - .p_nonce = "5340ed7752c9ff", - .p_mac = "f3b8899459788c58794f177cfd838f35" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 120 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt120) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe48297e03956f6083e451", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "1d089a5f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 121 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt121) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe48297e03956f6083e451", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "2f46022a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 122 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt122) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "90929a4b0ac65b350ad1591611fe48297e03956f6083e451", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "67dc4693" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 135 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt135) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "5280a2137fee3deefcfe9b63a1199fb3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 136 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt136) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2", - .p_ad = "a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe", - .p_nonce = "a265480ca88d5f", - .p_mac = "d40a7318c5f2d82f838c0beeefe0d598" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 137 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt137) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2", - .p_ad = "2bed1ec06c1ca149d9ffbaf048c474ea2de000eb7950f18d6c25acf6ab3f19b5", - .p_nonce = "87ec7423f1ebfc", - .p_mac = "7551978bc9592bf9e294b4984c5862bb" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 180 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt180) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "9f6ca4af9b159148c889a6584d1183ea26e2614874b05045", - .p_key = "f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "75dea8d1" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 181 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt181) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb", - .p_key = "f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "d7965825" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 182 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt182) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "5f60a8f867a33b2077ecc69863b295c3c6aeae7d7cade7f8", - .p_key = "f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "f7f796fe" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 195 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt195) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c", - .p_nonce = "5a8aa485c316e9", - .p_mac = "4d1d980d6fe0fb44b421992662b97975" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 196 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt196) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e", - .p_nonce = "fdd2d6f503c915", - .p_mac = "3c51d36c826f01384100886198a7f6a3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 197 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt197) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "a265480ca88d5f536db0dc6abc40faf0d05be7a966977768", - .p_ciphertext = "86a02bdd6ae733eee26f8eab898b336105978b5bbd6df781", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "f6468542923be79b4b06dfe70920d57d1da73a9c16f9c9a12d810d7de0d12467", - .p_nonce = "27d73d58100054", - .p_mac = "758a111aae4f735b7dd4d9802f2a8406" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 210 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt210) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982", - .p_nonce = "5a8aa485c316e9403aff859fbb", - .p_mac = "c25e9fce" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 211 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt211) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10", - .p_nonce = "0812757ad0cc4d17c4cfe7a642", - .p_mac = "8ecedb3e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 192 - Count 212 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_192_decrypt212) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 192 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5", - .p_ciphertext = "7075da2291e2cb527eb926ed08d8020c5f8f0f2d4a6a4745", - .p_key = "a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d", - .p_ad = "0923b927b8295c5dfaf67da55e5014293bc8c708fda50af06c1e8aef31cccc86", - .p_nonce = "eff510acc1b85f35029cf7dc00", - .p_mac = "728da544" -}; - -/* AES CCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c18) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "4a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "", - .p_nonce = "c34791ac7cc811e6d6642a7274", - .p_mac = "16b4db7258906488" -}; - -/* AES CCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c19) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "c7877d560c6f604032ff9a67b99a8ca3697a76ee40bc73", - .p_key = - "4a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "0001020304050607", - .p_nonce = "c34791ac7cc811e6d6642a7274", - .p_mac = "b9f4e4d93b978141" -}; - -/* AES CCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c20) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "b7877d560c6f604032ff9a67b99a8ca3697a76ee40bc73", - .p_key = - "4a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "0001020304050607", - .p_nonce = "c34791ac7cc811e6d6642a7274", - .p_mac = "c9f4e4d93b978141" -}; - -/* AES CCM - Custom test vector 4 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c21) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "b7877d560c6f604032ff9a67b99a8ca3697a76ee40bc73", - .p_key = - "5a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "0001020304050607", - .p_nonce = "c34791ac7cc811e6d6642a7274", - .p_mac = "b9f4e4d93b978141" -}; - -/* AES CCM - Custom test vector 5 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c22) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "b7877d560c6f604032ff9a67b99a8ca3697a76ee40bc73", - .p_key = - "5a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "0001020304050607", - .p_nonce = "c34791ac7cc811e6d6642a7274", - .p_mac = "b9f4e4d93b978141" -}; - -/* AES CCM - Custom test vector 6 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c23) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "b7877d560c6f604032ff9a67b99a8ca3697a76ee40bc73", - .p_key = - "4a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "0001020304050607", - .p_nonce = "d34791ac7cc811e6d6642a7274", - .p_mac = "b9f4e4d93b978141" -}; - -/* AES CCM - Custom test vector 7 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_ccm_256_inv_c24) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "b7877d560c6f604032ff9a67b99a8ca3697a76ee40bc73", - .p_key = - "4a44110f37e0f8761aa1adc2eeae1c741568036b7eb3b3b8a7ae8ea41a353f5b", - .p_ad = "0001020304050607", - .p_nonce = "d34791ac7cc811e6d6642a7274", - .p_mac = "b9f4e4d93b978141" -}; - -/* AES CCM - Custom test vector 8 */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_256_c8) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CCM 256 message_len=250 ad_len=8 mac_len=8"), - .p_plaintext = - "e96325847ce207c2bf6638a52634075139998888fa0ca1501a4b57ee0767210f1fee06" - "5b7ed1e4005fe1c3ec482b2d3cad3d8461d4ab2ba1c73cbe2c65ac8b1e61be3f052eca" - "df671a3f58601ec0f1ac95367dae85601449f434b9d10757a613784a229aa14bebe6ed" - "07579ec0a513ce7ce799d1e6cd468613f0d3f42e6162680b28f13aeb82657293442445" - "9137bd3aabec437bf4fdff007d2675d7fd2195280da092eb1b3549e5457e065cc47349" - "f2c3013b8a4a1938b05c033b2a5b6b477be39b415f4f50beac41f817783bda28f24bab" - "3c8095e1b01e48ce4271cd2a323d1d8c100bb9856f75f63bdee34510de01e32efc0b12" - "e980e9161a", - .p_ciphertext = - "9149b2ed37d55b4624bbffc5cefdd81e4def4846e37b36145a9ee65fd5ab6d5257cf45" - "b9e820d398e2eca51187edf2fedc77f261ef7c9ce9ba32dfcb512dc7d5b02e8cea52a0" - "5fbe67494305e5db19d522a3654f368f916c249c0d969b04532c1b07cba06274b031c8" - "b99127c01b8743c2c0edc199805059942bc29fa2c0fc2a038714bee5e59c3f0e7fd5fb" - "ceaedd06e3d8eb464cf13a4897a57d1898578ac743263ab3c75ba456f0f5a39d874d36" - "9060c316c931901714451715648459a4b171fe3ab6092a06da3a4d34c6cf8311dc2727" - "6d6093a886a3cb05259f7e2cb11f73d4eb8c567a9867111c8f49a8a172bc8bc4f1df41" - "80ed1a2db0", - .p_key = - "b64736f19c3e10324637ccb90c4558170a0dc151a2d9769c686438e55fb78e7e", - .p_ad = "4bf9a35147f3b430", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "a74563df99af87f2" -}; - -/* AES CCM - Custom test vector 9 */ -ITEM_REGISTER(test_vector_aead_ccm_data, - test_vector_aead_t test_vector_aes_ccm_256_c9) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 256 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "70239d62473a528b8bccd573fcdcc9586c6fdad5056a89", - .p_key = - "b64736f19c3e10324637ccb90c4558170a0dc151a2d9769c686438e55fb78e7e", - .p_ad = "0ee0089ec32c7cfa036bd1ab9c23b98cd5d166214d61c719688c6a0ecff705da47" - "ac179cae7eaa3b638ab022a6669729fe47f24679e78488125d989cc7d1bbd8b472" - "b04678b45adde4cca92cd91c4e214257243b163eca04bf643e9df6f7c5bf55aa91" - "bc348154b5c3e9529a56fed8b04e0726b6de3ecc43f499108933e07297bdfcd4d8" - "df2aa9af908083aeccc5c23fe9efbbf5fa9a27ea2923d36188197c87c955fcc5f7" - "e0ebff4b01ebf008a5c93dab12ddfbf65f4225e5a3dfd44e36dbc3ba7891fce514" - "d127e5eb8adb939670b4c5643c46425c614546b90cf0d720203bef4a12ff2d7666" - "23c92e134420e3b423b526598f32e8884843bc", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "515280d5ec0db1c4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "CCM 256 Encrypt message_len=0 ad_len=0 mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "469c90bb" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6", - .p_ad = "", - .p_nonce = "d3d5424e20fbec", - .p_mac = "46a908ed" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6", - .p_ad = "", - .p_nonce = "e776620a3bd961", - .p_mac = "fdd35c4d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 15 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt15) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "8207eb14d33855a52acceed17dbcbf6e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 16 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt16) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "d3d5424e20fbec", - .p_mac = "60f8e127cb4d30db6df0622158cd931d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 17 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt17) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "e776620a3bd961", - .p_mac = "4239f29871651e9a26b8b06ffc5b3748" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 30 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt30) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "a544218dadd3c10583db49cf39", - .p_mac = "8a19a133" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 31 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt31) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "3c0e2815d37d844f7ac240ba9d", - .p_mac = "2e317f1b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 32 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt32) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "75549e7e5657e5fe19872fcee0", - .p_mac = "979bdcfe" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 45 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt45) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "a544218dadd3c10583db49cf39", - .p_mac = "97e1a8dd4259ccd2e431e057b0397fcf" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 46 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt46) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "3c0e2815d37d844f7ac240ba9d", - .p_mac = "5a9596c511ea6a8671adefc4f2157d8b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 47 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt47) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "75549e7e5657e5fe19872fcee0", - .p_mac = "66f5c53efbc74fa02dedc303fd95133a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 60 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt60) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "22aa8d59" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 61 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt61) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "bfcda8b5a2d0d2", - .p_mac = "77d00a75" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 62 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt62) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "bf432e246b7fa4aff8b3ada738432b51f6872ed92284db9d", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "6bae7f35c56b27", - .p_mac = "28588021" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 75 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt75) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd", - .p_key = - "f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "374f3bb6db8377ebfc79674858c4f305" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 76 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt76) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "afa1fa8e8a70e26b02161150556d604101fdf423f332c336", - .p_key = - "f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453", - .p_ad = "", - .p_nonce = "bfcda8b5a2d0d2", - .p_mac = "3275f2a4907d51b734fe7238cebbd48f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 77 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt77) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "72bc8ef21a847047091b673ccf231d35ecf6f4049741703b", - .p_key = - "f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453", - .p_ad = "", - .p_nonce = "6bae7f35c56b27", - .p_mac = "e672f1f22cbe4a5305f19aaa6967237b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 120 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt120) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "92d00fbe" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 121 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt121) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4", - .p_ad = "232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc", - .p_nonce = "78c46e3249ca28", - .p_mac = "9143e5c4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 122 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt122) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4", - .p_ad = "0d40324aa758dbbb5391b5e6edb8a2310c94a4ae51d4fba8a7458d7cc8488baa", - .p_nonce = "c18d9e7971e2ae", - .p_mac = "54337466" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 135 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt135) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "93af11a08379eb37a16aa2837f09d69d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 136 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt136) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088", - .p_ad = "232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc", - .p_nonce = "78c46e3249ca28", - .p_mac = "d19b0c14ec686a7961ca7c386d125a65" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 137 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt137) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088", - .p_ad = "0d40324aa758dbbb5391b5e6edb8a2310c94a4ae51d4fba8a7458d7cc8488baa", - .p_nonce = "c18d9e7971e2ae", - .p_mac = "02ea916d60e2ceec6d9dc9b1185569b3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 180 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt180) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608", - .p_key = - "8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "3ebc7720" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 181 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt181) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81", - .p_key = - "8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a", - .p_ad = "5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b", - .p_nonce = "6ba004fd176791", - .p_mac = "c44db2c9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 182 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt182) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "1d670ccf3e9ba59186c48da2e5bd0ab21973eee2ea2985bf", - .p_key = - "8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a", - .p_ad = "8f01a61eb17366d4e70942ab69b4f4bcf8ff6a97f5972ee5780a264c9dcf7d93", - .p_nonce = "45c5c284836414", - .p_mac = "83a09067" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 195 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt195) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "1ac68bd42f5ec7fa7e068cc0ecd79c2a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 196 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt196) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "d543acda712b898cbb27b8f598b2e4438ce587a836e27851", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b", - .p_nonce = "6ba004fd176791", - .p_mac = "47c3338a2400809e739b63ba8227d2f9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 197 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt197) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "39a8af5c976b995ea8049e55b68bc65503592ab009156386", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "8f01a61eb17366d4e70942ab69b4f4bcf8ff6a97f5972ee5780a264c9dcf7d93", - .p_nonce = "45c5c284836414", - .p_mac = "46288ce9dd1c7088c752e35947fdca98" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 210 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt210) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3", - .p_ciphertext = "c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907", - .p_nonce = "a544218dadd3c10583db49cf39", - .p_mac = "ef891339" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 211 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt211) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3", - .p_ciphertext = "60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800", - .p_nonce = "8fa501c5dd9ac9b868144c9fa5", - .p_mac = "3d488623" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Encrypt with keysize 256 - Count 212 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_encrypt212) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Encrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3", - .p_ciphertext = "81d7859dcbe51dcc94fe2591cd3b0540003d49a8c4dccbf4", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "07203674260208d5bd4d39506836f7e76ffc58e938799f21aff7bb4dea4410d2", - .p_nonce = "9bc0d1502a47e46350fe8667ca", - .p_mac = "527e5ed0" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt0) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME( - "CCM 256 Decrypt message_len=0 ad_len=0 mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "469c90bb" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt1) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6", - .p_ad = "", - .p_nonce = "d3d5424e20fbec", - .p_mac = "46a908ed" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt2) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6", - .p_ad = "", - .p_nonce = "e776620a3bd961", - .p_mac = "fdd35c4d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 15 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt15) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "8207eb14d33855a52acceed17dbcbf6e" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 16 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt16) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "d3d5424e20fbec", - .p_mac = "60f8e127cb4d30db6df0622158cd931d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 17 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt17) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "e776620a3bd961", - .p_mac = "4239f29871651e9a26b8b06ffc5b3748" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 30 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt30) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "a544218dadd3c10583db49cf39", - .p_mac = "8a19a133" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 31 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt31) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "3c0e2815d37d844f7ac240ba9d", - .p_mac = "2e317f1b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 32 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt32) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8", - .p_ad = "", - .p_nonce = "75549e7e5657e5fe19872fcee0", - .p_mac = "979bdcfe" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 45 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt45) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "a544218dadd3c10583db49cf39", - .p_mac = "97e1a8dd4259ccd2e431e057b0397fcf" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 46 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt46) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "3c0e2815d37d844f7ac240ba9d", - .p_mac = "5a9596c511ea6a8671adefc4f2157d8b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 47 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt47) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=13 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "75549e7e5657e5fe19872fcee0", - .p_mac = "66f5c53efbc74fa02dedc303fd95133a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 60 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt60) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "22aa8d59" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 61 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt61) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "bfcda8b5a2d0d2", - .p_mac = "77d00a75" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 62 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt62) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=0 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "bf432e246b7fa4aff8b3ada738432b51f6872ed92284db9d", - .p_key = - "af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569", - .p_ad = "", - .p_nonce = "6bae7f35c56b27", - .p_mac = "28588021" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 75 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt75) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd", - .p_key = - "f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453", - .p_ad = "", - .p_nonce = "a544218dadd3c1", - .p_mac = "374f3bb6db8377ebfc79674858c4f305" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 76 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt76) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "afa1fa8e8a70e26b02161150556d604101fdf423f332c336", - .p_key = - "f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453", - .p_ad = "", - .p_nonce = "bfcda8b5a2d0d2", - .p_mac = "3275f2a4907d51b734fe7238cebbd48f" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 77 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt77) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=0 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "d3d5424e20fbec43ae495353ed830271515ab104f8860c98", - .p_ciphertext = "72bc8ef21a847047091b673ccf231d35ecf6f4049741703b", - .p_key = - "f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453", - .p_ad = "", - .p_nonce = "6bae7f35c56b27", - .p_mac = "e672f1f22cbe4a5305f19aaa6967237b" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 120 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt120) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "92d00fbe" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 121 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt121) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4", - .p_ad = "232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc", - .p_nonce = "78c46e3249ca28", - .p_mac = "9143e5c4" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 122 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt122) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4", - .p_ad = "0d40324aa758dbbb5391b5e6edb8a2310c94a4ae51d4fba8a7458d7cc8488baa", - .p_nonce = "c18d9e7971e2ae", - .p_mac = "54337466" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 135 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt135) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "93af11a08379eb37a16aa2837f09d69d" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 136 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt136) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088", - .p_ad = "232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc", - .p_nonce = "78c46e3249ca28", - .p_mac = "d19b0c14ec686a7961ca7c386d125a65" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 137 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt137) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=0 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088", - .p_ad = "0d40324aa758dbbb5391b5e6edb8a2310c94a4ae51d4fba8a7458d7cc8488baa", - .p_nonce = "c18d9e7971e2ae", - .p_mac = "02ea916d60e2ceec6d9dc9b1185569b3" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 180 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt180) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 valid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608", - .p_key = - "8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "3ebc7720" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 181 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt181) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81", - .p_key = - "8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a", - .p_ad = "5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b", - .p_nonce = "6ba004fd176791", - .p_mac = "c44db2c9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 182 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt182) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=7 invalid 2"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "1d670ccf3e9ba59186c48da2e5bd0ab21973eee2ea2985bf", - .p_key = - "8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a", - .p_ad = "8f01a61eb17366d4e70942ab69b4f4bcf8ff6a97f5972ee5780a264c9dcf7d93", - .p_nonce = "45c5c284836414", - .p_mac = "83a09067" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 195 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt195) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 valid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab", - .p_nonce = "a544218dadd3c1", - .p_mac = "1ac68bd42f5ec7fa7e068cc0ecd79c2a" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 196 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt196) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 1"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "d543acda712b898cbb27b8f598b2e4438ce587a836e27851", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b", - .p_nonce = "6ba004fd176791", - .p_mac = "47c3338a2400809e739b63ba8227d2f9" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 197 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt197) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=16 nonce_len=7 invalid 2"), - .p_plaintext = "78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3", - .p_ciphertext = "39a8af5c976b995ea8049e55b68bc65503592ab009156386", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "8f01a61eb17366d4e70942ab69b4f4bcf8ff6a97f5972ee5780a264c9dcf7d93", - .p_nonce = "45c5c284836414", - .p_mac = "46288ce9dd1c7088c752e35947fdca98" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 210 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt210) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 valid 1"), - .p_plaintext = "e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3", - .p_ciphertext = "c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907", - .p_nonce = "a544218dadd3c10583db49cf39", - .p_mac = "ef891339" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 211 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt211) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 1"), - .p_plaintext = "e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3", - .p_ciphertext = "60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800", - .p_nonce = "8fa501c5dd9ac9b868144c9fa5", - .p_mac = "3d488623" -}; - -/* AES CCM - NIST CAVS 11.1 DVPT Decrypt with keysize 256 - Count 212 */ -ITEM_REGISTER(test_vector_aead_ccm_simple_data, - test_vector_aead_t test_vector_aes_aead_ccm_256_decrypt212) = { - .mode = MBEDTLS_MODE_CCM, - .id = MBEDTLS_CIPHER_ID_AES, - .ccm_star = false, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CCM 256 Decrypt message_len=24 ad_len=32 " - "mac_len=4 nonce_len=13 invalid 2"), - .p_plaintext = "e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3", - .p_ciphertext = "81d7859dcbe51dcc94fe2591cd3b0540003d49a8c4dccbf4", - .p_key = - "705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe", - .p_ad = "07203674260208d5bd4d39506836f7e76ffc58e938799f21aff7bb4dea4410d2", - .p_nonce = "9bc0d1502a47e46350fe8667ca", - .p_mac = "527e5ed0" -}; - -#endif /* CRYPTO_TEST_LARGE_VECTORS */ -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ diff --git a/tests/crypto/test_cases/test_vectors_aead_chachapoly.c b/tests/crypto/test_cases/test_vectors_aead_chachapoly.c deleted file mode 100644 index 51a25388ad03..000000000000 --- a/tests/crypto/test_cases/test_vectors_aead_chachapoly.c +++ /dev/null @@ -1,225 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include -#include "common_test.h" - -/**@brief ChaCHa Poly test vectors can be found in RFC 7539 document. - * - * https://tools.ietf.org/html/rfc7539 -*/ - -/* Multiple used ChaCha Poly test vectors. */ -const char chachapoly_plain_114[] = { - "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f6620" - "2739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e65207469" - "7020666f7220746865206675747572652c2073756e73637265656e20776f756c6420626520" - "69742e" -}; -const char chachapoly_cipher_114[] = { - "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8c" - "a9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803" - "aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec6" - "4b6116" -}; -const char chachapoly_key[] = { - "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f" -}; -const char chachapoly_ad[] = { "50515253c0c1c2c3c4c5c6c7" }; -const char chachapoly_nonce[] = { "070000004041424344454647" }; -const char chachapoly_mac[] = { "1ae10b594f09e26a7e902ecbd0600691" }; -const char chachapoly_invalid_key[] = { - "908182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f" -}; -const char chachapoly_invalid_mac[] = { "2ae10b594f09e26a7e902ecbd0600691" }; - -/* ChaCha Poly - RFC 7539 - section A.5 */ -ITEM_REGISTER(test_vector_aead_chachapoly_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_full_1) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly message_len=265 ad_len=12"), - .p_plaintext = - "496e7465726e65742d4472616674732061726520647261667420646f63756d656e7473" - "2076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320" - "616e64206d617920626520757064617465642c207265706c616365642c206f72206f62" - "736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074" - "696d652e20497420697320696e617070726f70726961746520746f2075736520496e74" - "65726e65742d447261667473206173207265666572656e6365206d6174657269616c20" - "6f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c77" - "6f726b20696e2070726f67726573732e2fe2809d", - .p_ciphertext = - "64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc" - "18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b" - "97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c1" - "86324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216" - "cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc54" - "6a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb" - "4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2e" - "da04df997b714d6c6f2c29a6ad5cb4022b02709b", - .p_key = - "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0", - .p_ad = "f33388860000000000004e91", - .p_nonce = "000000000102030405060708", - .p_mac = "eead9d67890cbb22392336fea1851f38" -}; - -/* ChaCha Poly - RFC 7539 - section 2.8.2 */ -ITEM_REGISTER(test_vector_aead_chachapoly_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_full_2) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly message_len=114 ad_len=12"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -/* Update: See RFC 7539 2.8. Quote concerning lengths: "Arbitrary length additional authenticated data (AAD)" */ -/* Therefore this should be expected to be valid, not invalid. */ -ITEM_REGISTER(test_vector_aead_chachapoly_simple_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_ad0_valid) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Valid ad_len=0"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = "", - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -ITEM_REGISTER(test_vector_aead_chachapoly_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_inv_nonce) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Invalid nonce_len=12"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = chachapoly_ad, - .p_nonce = "0000000001020304050607", - .p_mac = chachapoly_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -ITEM_REGISTER(test_vector_aead_chachapoly_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_inv_mac_len) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Invalid mac_len=15"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = "1ae10b594f09e26a7e902ecbd06006" -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -ITEM_REGISTER( - test_vector_aead_chachapoly_simple_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_inv_key_encrypt) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Encrypt Invalid key"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_invalid_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -ITEM_REGISTER( - test_vector_aead_chachapoly_simple_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_inv_key_decrypt) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Decrypt Invalid key"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_invalid_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -ITEM_REGISTER( - test_vector_aead_chachapoly_simple_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_inv_mac_encrypt) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Encrypt Invalid mac"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_invalid_mac -}; - -/* ChaCha Poly - Based on RFC 7539 - section 2.8.2 */ -ITEM_REGISTER( - test_vector_aead_chachapoly_simple_data, - test_vector_aead_t test_vector_aes_aead_chachapoly_inv_mac_decrypt) = { - .mode = MBEDTLS_MODE_CHACHAPOLY, - .id = MBEDTLS_CIPHER_ID_CHACHA20, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ChaChaPoly Decrypt Invalid mac"), - .p_plaintext = chachapoly_plain_114, - .p_ciphertext = chachapoly_cipher_114, - .p_key = chachapoly_key, - .p_ad = chachapoly_ad, - .p_nonce = chachapoly_nonce, - .p_mac = chachapoly_invalid_mac -}; diff --git a/tests/crypto/test_cases/test_vectors_aead_gcm.c b/tests/crypto/test_cases/test_vectors_aead_gcm.c deleted file mode 100644 index 16e338a16d6b..000000000000 --- a/tests/crypto/test_cases/test_vectors_aead_gcm.c +++ /dev/null @@ -1,2788 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief GCM test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov - * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip - */ - -/* AES GCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "61e84f784ac1975b" -}; - -/* AES GCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "fbcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "ca4deff6d149528c" -}; - -/* AES GCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "ebcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "da4deff6d149528c" -}; - -/* AES GCM - Custom test vector 4 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "ebcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "e0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "ca4deff6d149528c" -}; - -/* AES GCM - Custom test vector 5 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "ebcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "e0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "ca4deff6d149528c" -}; - -/* AES GCM - Custom test vector 6 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "ebcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "53925318850a09c9fb23247cbd", - .p_mac = "ca4deff6d149528c" -}; - -/* AES GCM - Custom test vector 7 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_128_inv_c7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "ebcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "53925318850a09c9fb23247cbd", - .p_mac = "ca4deff6d149528c" -}; - -/* AES GCM - Custom test vector 8 */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_128_c8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "GCM 128 message_len=250 ad_len=8 mac_len=8 nonce_len=13"), - .p_plaintext = - "e96325847ce207c2bf6638a52634075139998888fa0ca1501a4b57ee0767210f1fee06" - "5b7ed1e4005fe1c3ec482b2d3cad3d8461d4ab2ba1c73cbe2c65ac8b1e61be3f052eca" - "df671a3f58601ec0f1ac95367dae85601449f434b9d10757a613784a229aa14bebe6ed" - "07579ec0a513ce7ce799d1e6cd468613f0d3f42e6162680b28f13aeb82657293442445" - "9137bd3aabec437bf4fdff007d2675d7fd2195280da092eb1b3549e5457e065cc47349" - "f2c3013b8a4a1938b05c033b2a5b6b477be39b415f4f50beac41f817783bda28f24bab" - "3c8095e1b01e48ce4271cd2a323d1d8c100bb9856f75f63bdee34510de01e32efc0b12" - "e980e9161a", - .p_ciphertext = - "0aa7517e802efdd1def0c6dde626d2b513acc9a99e2aab368c9a470281487a5dbdfbd3" - "f44678144cda5f28a0c219424ff62068c3f6fa95e003c16459b8638df90f07250c4b7d" - "2a2d45ae0337498688b7aed64489e6263df3933eb587eba90f382daf07915407d5a55d" - "663437bd72dc7e6609329353c2dd8ccb21446500c2d04440af55eb0671effd3c51881e" - "3b71997e340c470ca3366ae8f05617785eecf735b38520f176f789e1511b52282666e3" - "e44372ef571d6b55c64f1fea7f528a5f1ca3d53710be9bad15968a6da93d2c77cbc900" - "2ba3b343d3fdefd9f753f4fcb595242079ae83a6cb13d4a3d012d291f9faa6a08007d1" - "7fca800a8d", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0001020304050607", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "7f53de1354ffae14" -}; - -/* AES GCM - Custom test vector 9 */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_128_c9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "GCM 128 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "ebcd7ef1f0c1f41c7187ec6bd407c3f3322c5b3a783b14", - .p_key = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf", - .p_ad = "0ee0089ec32c7cfa036bd1ab9c23b98cd5d166214d61c719688c6a0ecff705da47" - "ac179cae7eaa3b638ab022a6669729fe47f24679e78488125d989cc7d1bbd8b472" - "b04678b45adde4cca92cd91c4e214257243b163eca04bf643e9df6f7c5bf55aa91" - "bc348154b5c3e9529a56fed8b04e0726b6de3ecc43f499108933e07297bdfcd4d8" - "df2aa9af908083aeccc5c23fe9efbbf5fa9a27ea2923d36188197c87c955fcc5f7" - "e0ebff4b01ebf008a5c93dab12ddfbf65f4225e5a3dfd44e36dbc3ba7891fce514" - "d127e5eb8adb939670b4c5643c46425c614546b90cf0d720203bef4a12ff2d7666" - "23c92e134420e3b423b526598f32e8884843bc", - .p_nonce = "43925318850a09c9fb23247cbd", - .p_mac = "38cec0517f5fa1d8" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt0) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "cf063a34d4a9a76c2c86787d3f96db71", - .p_ad = "", - .p_nonce = "113b9785971864c83b01c787", - .p_mac = "72ac8493e3a5228b5d130a69d2510e42" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "a49a5e26a2f8cb63d05546c2a62f5343", - .p_ad = "", - .p_nonce = "907763b19b9b4ab6bd4f0281", - .p_mac = "a2be08210d8c470a8df6e8fbd79ec5cf" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "2ad0bf5aeb47a0c1a98da3dfdab4fded", - .p_ad = "", - .p_nonce = "25f1b6091ee7040fea4ba854", - .p_mac = "d7963d240317653e01cf5abe5d0966ae" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 3 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1cb603b886e9deb62cbf5182caaeb35", - .p_ad = "", - .p_nonce = "cd23f90cfd17727ea0975ff2", - .p_mac = "e319af65" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 4 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "e626638a113c617077f5c4b2284921c5", - .p_ad = "", - .p_nonce = "c4a8864b4c3385a78cb8759f", - .p_mac = "039d51f8" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 5 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 valid 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "8f74a8b922fcf1a8eed7320df9f03fd6", - .p_ad = "", - .p_nonce = "925ec6414e777062ac839f06", - .p_mac = "bb0dc912" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1f6af919cde85661208bdce0c27cb22", - .p_ad = "7c5faa40e636bbc91107e68010c92b9f", - .p_nonce = "898c6929b435017bf031c3c5", - .p_mac = "ae45f11777540a2caeb128be8092468a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "2370e320d4344208e0ff5683f243b213", - .p_ad = "d43a8e5089eea0d026c03a85178b27da", - .p_nonce = "04dbb82f044d30831c441228", - .p_mac = "2a049c049d25aa95969b451d93c31c6e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "bc3ab28150fd4cb731d5f48ed2784173", - .p_ad = "53d2fc19963fc99a36a524e39cb68aa8", - .p_nonce = "40408445c203c647312b8f01", - .p_mac = "3f04dbd2f49909f73044175041fd9eff" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "28286a321293253c3e0aa2704a278032", - .p_ciphertext = "5a3c1cf1985dbb8bed818036fdd5ab42", - .p_key = "e98b72a9881a84ca6b76e0f43e68647a", - .p_ad = "", - .p_nonce = "8b23299fde174053f3d652ba", - .p_mac = "23c7ab0f952b7091cd324835043b5eb5" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt10) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "95695a5b12f2870b9cc5fdc8f218a97d", - .p_ciphertext = "47bb7e23f7bdfe05a8091ac90e4f8b2e", - .p_key = "33240636cd3236165f1a553b773e728e", - .p_ad = "", - .p_nonce = "17c4d61493ecdc8f31700b12", - .p_mac = "b723c70e931d9785f40fd4ab1d612dc9" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt11) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "95695a5b12f2870b9cc5fdc8f218a97d", - .p_ciphertext = "0216c899c88d6e32c958c7e553daa5bc", - .p_key = "5164df856f1e9cac04a79b808dc5be39", - .p_ad = "", - .p_nonce = "e76925d5355e0584ce871b2b", - .p_mac = "a145319896329c96df291f64efbe0e3a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt12) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "ecafe96c67a1646744f1c891f5e69427", - .p_ciphertext = "552ebe012e7bcf90fcef712f8344e8f1", - .p_key = "816e39070410cf2184904da03ea5075a", - .p_ad = "f2a30728ed874ee02983c294435d3c16", - .p_nonce = "32c367a3362613b27fc3e67e", - .p_mac = "ecaae9fc68276a45ab0ca3cb9dd9539f" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt13) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "ecafe96c67a1646744f1c891f5e69427", - .p_ciphertext = "1c785025e5a2678e4b29b29276e395bb", - .p_key = "867fc5d5476d5008f0703d81e3622255", - .p_ad = "261a9efd4f32bc3d07c115b4edcf8adf", - .p_nonce = "22945529dff947c3c9264df7", - .p_mac = "87fdf1261846164a950c37a3f2eea17d" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt14) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "ec18a057c22d12373b5efe4d177eb068", - .p_ciphertext = "0128a239bb43c12885f9591386ecac0f", - .p_key = "3d17f97bf1dae4268b6610dc90c70b28", - .p_ad = "681a4feac147ee2d25e9191aaa4c8830", - .p_nonce = "ebcd88fc18d4c99d28524d41", - .p_mac = "144def0210af9348f07afe27e65bdc7e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "1a964bfebe3908831558699d740bc46f", - .p_ciphertext = "55895bbe1f3bc758463a4a9355ef453f", - .p_key = "dc5a53d122399fdfb1e5cc2dfca8900b", - .p_ad = "2b7288f435248dc03dc0f3a2d5c82451bc34c1e319f23ce779d228d150bc8a69e8" - "2fb5062aa218d2a7810b39d551227b03e2e954179eac955be7f0a5b213f3a9f262" - "a24f75c7631af3761cfa34adca7d100b9b17ade5c3b19af5", - .p_nonce = - "fac4d131bc09ffb642a3e19f633f58a7bbc61949cea0ada34ab89df13e0e1b9080f968" - "195782f0f765170c46476bec7b4d062c9714e5bb9cd63e4586d74e4a624ea875ef955b" - "7614323a3f75af979423b4a39140c3a5edcef9ec9a158853a3fee6774e59c9863e1bef" - "aee60e2148639db953f4ab3b63e450529b0fccb3d3d134", - .p_mac = "c11a27542917f024c973500da2" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "1a964bfebe3908831558699d740bc46f", - .p_ciphertext = "12559383ff63bfaf2863f612e3ee39bc", - .p_key = "c40ee4fec74740982e2b07183b9b81bb", - .p_ad = "3a00dfeb4b66254ce1294c0a18619ae98ab97dac1ba9f321b747979dba6594a5d6" - "fd7d6cea0f7453e1abd65752b168e4c907e32b486396dcf4c2648d534b22e8e619" - "cd390e370cfa7138ac967ff424f6e00fb887da79d6d96c53", - .p_nonce = - "42c38dae820a700f91ec38ae901947074250f2d813286ed5ec6353f7cd84e1eaa4649e" - "03cbfb2ea9604b05c3fdabf091681a1646b9cec137a2d46b31925ab6741cbd3cc02d1b" - "623b142407472b73a85cf9feef076fea6a56965733f5b15712b97622d75bd818fd996c" - "d1edb38ef1c5d0344169a165a87a5fb278f740ced141d9", - .p_mac = "4412b1fdb1405c250fcfa8db40" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_encrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 2"), - .p_plaintext = "f3e05222ea6133e1b867a53986e4b432", - .p_ciphertext = "5d5d86133086a689fed21cc37c856a6f", - .p_key = "fef36ef7f9305ecbd990619f28b2b9b6", - .p_ad = "5f4990dce32043db4143aa58aba99a3cfb745444cc1a282bcc47aa58cc7031b36f" - "d25c7575ea585fffe09e60bdcb477381a35f3fa3ec09426f05c84136e24f9aeabe" - "94f8117e8e2e9f7b3527877c0d9442587642c57c2be63415", - .p_nonce = - "601ef18957f79ccf67cacfd801aaed57a66c7e666385aeb9456284c567c27e38190fe6" - "52d44e9affe538236f25939ab127418498f04feeca35b38fca44e3fd0b6f98b77425cc" - "403e6edb9800cc5b343d6c01d9871cbc9a3b478447267aa5b6614ee8d25e141275c1f4" - "6f083ee93eaccb35040b22ceaed28f0f28cadb48d576a0", - .p_mac = "bd273924ae7e3ef6aa3ee66dbf" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt0) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "cf063a34d4a9a76c2c86787d3f96db71", - .p_ad = "", - .p_nonce = "113b9785971864c83b01c787", - .p_mac = "72ac8493e3a5228b5d130a69d2510e42" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "a49a5e26a2f8cb63d05546c2a62f5343", - .p_ad = "", - .p_nonce = "907763b19b9b4ab6bd4f0281", - .p_mac = "a2be08210d8c470a8df6e8fbd79ec5cf" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "2ad0bf5aeb47a0c1a98da3dfdab4fded", - .p_ad = "", - .p_nonce = "25f1b6091ee7040fea4ba854", - .p_mac = "d7963d240317653e01cf5abe5d0966ae" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 3 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1cb603b886e9deb62cbf5182caaeb35", - .p_ad = "", - .p_nonce = "cd23f90cfd17727ea0975ff2", - .p_mac = "e319af65" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 4 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "e626638a113c617077f5c4b2284921c5", - .p_ad = "", - .p_nonce = "c4a8864b4c3385a78cb8759f", - .p_mac = "039d51f8" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 5 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "8f74a8b922fcf1a8eed7320df9f03fd6", - .p_ad = "", - .p_nonce = "925ec6414e777062ac839f06", - .p_mac = "bb0dc912" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "d1f6af919cde85661208bdce0c27cb22", - .p_ad = "7c5faa40e636bbc91107e68010c92b9f", - .p_nonce = "898c6929b435017bf031c3c5", - .p_mac = "ae45f11777540a2caeb128be8092468a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "2370e320d4344208e0ff5683f243b213", - .p_ad = "d43a8e5089eea0d026c03a85178b27da", - .p_nonce = "04dbb82f044d30831c441228", - .p_mac = "2a049c049d25aa95969b451d93c31c6e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "bc3ab28150fd4cb731d5f48ed2784173", - .p_ad = "53d2fc19963fc99a36a524e39cb68aa8", - .p_nonce = "40408445c203c647312b8f01", - .p_mac = "3f04dbd2f49909f73044175041fd9eff" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "28286a321293253c3e0aa2704a278032", - .p_ciphertext = "5a3c1cf1985dbb8bed818036fdd5ab42", - .p_key = "e98b72a9881a84ca6b76e0f43e68647a", - .p_ad = "", - .p_nonce = "8b23299fde174053f3d652ba", - .p_mac = "23c7ab0f952b7091cd324835043b5eb5" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt10) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "95695a5b12f2870b9cc5fdc8f218a97d", - .p_ciphertext = "47bb7e23f7bdfe05a8091ac90e4f8b2e", - .p_key = "33240636cd3236165f1a553b773e728e", - .p_ad = "", - .p_nonce = "17c4d61493ecdc8f31700b12", - .p_mac = "b723c70e931d9785f40fd4ab1d612dc9" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt11) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "95695a5b12f2870b9cc5fdc8f218a97d", - .p_ciphertext = "0216c899c88d6e32c958c7e553daa5bc", - .p_key = "5164df856f1e9cac04a79b808dc5be39", - .p_ad = "", - .p_nonce = "e76925d5355e0584ce871b2b", - .p_mac = "a145319896329c96df291f64efbe0e3a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt12) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "ecafe96c67a1646744f1c891f5e69427", - .p_ciphertext = "552ebe012e7bcf90fcef712f8344e8f1", - .p_key = "816e39070410cf2184904da03ea5075a", - .p_ad = "f2a30728ed874ee02983c294435d3c16", - .p_nonce = "32c367a3362613b27fc3e67e", - .p_mac = "ecaae9fc68276a45ab0ca3cb9dd9539f" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt13) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "ecafe96c67a1646744f1c891f5e69427", - .p_ciphertext = "1c785025e5a2678e4b29b29276e395bb", - .p_key = "867fc5d5476d5008f0703d81e3622255", - .p_ad = "261a9efd4f32bc3d07c115b4edcf8adf", - .p_nonce = "22945529dff947c3c9264df7", - .p_mac = "87fdf1261846164a950c37a3f2eea17d" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt14) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "ec18a057c22d12373b5efe4d177eb068", - .p_ciphertext = "0128a239bb43c12885f9591386ecac0f", - .p_key = "3d17f97bf1dae4268b6610dc90c70b28", - .p_ad = "681a4feac147ee2d25e9191aaa4c8830", - .p_nonce = "ebcd88fc18d4c99d28524d41", - .p_mac = "144def0210af9348f07afe27e65bdc7e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "1a964bfebe3908831558699d740bc46f", - .p_ciphertext = "55895bbe1f3bc758463a4a9355ef453f", - .p_key = "dc5a53d122399fdfb1e5cc2dfca8900b", - .p_ad = "2b7288f435248dc03dc0f3a2d5c82451bc34c1e319f23ce779d228d150bc8a69e8" - "2fb5062aa218d2a7810b39d551227b03e2e954179eac955be7f0a5b213f3a9f262" - "a24f75c7631af3761cfa34adca7d100b9b17ade5c3b19af5", - .p_nonce = - "fac4d131bc09ffb642a3e19f633f58a7bbc61949cea0ada34ab89df13e0e1b9080f968" - "195782f0f765170c46476bec7b4d062c9714e5bb9cd63e4586d74e4a624ea875ef955b" - "7614323a3f75af979423b4a39140c3a5edcef9ec9a158853a3fee6774e59c9863e1bef" - "aee60e2148639db953f4ab3b63e450529b0fccb3d3d134", - .p_mac = "c11a27542917f024c973500da2" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "1a964bfebe3908831558699d740bc46f", - .p_ciphertext = "12559383ff63bfaf2863f612e3ee39bc", - .p_key = "c40ee4fec74740982e2b07183b9b81bb", - .p_ad = "3a00dfeb4b66254ce1294c0a18619ae98ab97dac1ba9f321b747979dba6594a5d6" - "fd7d6cea0f7453e1abd65752b168e4c907e32b486396dcf4c2648d534b22e8e619" - "cd390e370cfa7138ac967ff424f6e00fb887da79d6d96c53", - .p_nonce = - "42c38dae820a700f91ec38ae901947074250f2d813286ed5ec6353f7cd84e1eaa4649e" - "03cbfb2ea9604b05c3fdabf091681a1646b9cec137a2d46b31925ab6741cbd3cc02d1b" - "623b142407472b73a85cf9feef076fea6a56965733f5b15712b97622d75bd818fd996c" - "d1edb38ef1c5d0344169a165a87a5fb278f740ced141d9", - .p_mac = "4412b1fdb1405c250fcfa8db40" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 128 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_128_decrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 128 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 2"), - .p_plaintext = "f3e05222ea6133e1b867a53986e4b432", - .p_ciphertext = "5d5d86133086a689fed21cc37c856a6f", - .p_key = "fef36ef7f9305ecbd990619f28b2b9b6", - .p_ad = "5f4990dce32043db4143aa58aba99a3cfb745444cc1a282bcc47aa58cc7031b36f" - "d25c7575ea585fffe09e60bdcb477381a35f3fa3ec09426f05c84136e24f9aeabe" - "94f8117e8e2e9f7b3527877c0d9442587642c57c2be63415", - .p_nonce = - "601ef18957f79ccf67cacfd801aaed57a66c7e666385aeb9456284c567c27e38190fe6" - "52d44e9affe538236f25939ab127418498f04feeca35b38fca44e3fd0b6f98b77425cc" - "403e6edb9800cc5b343d6c01d9871cbc9a3b478447267aa5b6614ee8d25e141275c1f4" - "6f083ee93eaccb35040b22ceaed28f0f28cadb48d576a0", - .p_mac = "bd273924ae7e3ef6aa3ee66dbf" -}; - -/* AES GCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "04cb55750acf4061" -}; - -/* AES GCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "5d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "146e5bd753a09177" -}; - -/* AES GCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "4d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "246e5bd753a09177" -}; - -/* AES GCM - Custom test vector 4 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "4d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "4f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "146e5bd753a09177" -}; - -/* AES GCM - Custom test vector 5 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "4d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "4f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "146e5bd753a09177" -}; - -/* AES GCM - Custom test vector 6 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "4d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "557d26179c4405a24dfcc1e8da", - .p_mac = "146e5bd753a09177" -}; - -/* AES GCM - Custom test vector 7 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_192_inv_c7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "4d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "557d26179c4405a24dfcc1e8da", - .p_mac = "146e5bd753a09177" -}; - -/* AES GCM - Custom test vector 8 */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_192_c8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "GCM 192 message_len=250 ad_len=8 mac_len=8 nonce_len=13"), - .p_plaintext = - "e96325847ce207c2bf6638a52634075139998888fa0ca1501a4b57ee0767210f1fee06" - "5b7ed1e4005fe1c3ec482b2d3cad3d8461d4ab2ba1c73cbe2c65ac8b1e61be3f052eca" - "df671a3f58601ec0f1ac95367dae85601449f434b9d10757a613784a229aa14bebe6ed" - "07579ec0a513ce7ce799d1e6cd468613f0d3f42e6162680b28f13aeb82657293442445" - "9137bd3aabec437bf4fdff007d2675d7fd2195280da092eb1b3549e5457e065cc47349" - "f2c3013b8a4a1938b05c033b2a5b6b477be39b415f4f50beac41f817783bda28f24bab" - "3c8095e1b01e48ce4271cd2a323d1d8c100bb9856f75f63bdee34510de01e32efc0b12" - "e980e9161a", - .p_ciphertext = - "ac3303252e20f4a5bacb59e20980b9b1fae3f91b4dc2c8deca8ef69c0cac8141e093d0" - "7a83b21eb7100bb51594e8e86b13c3bb9cb687d827cca37d42aa03716c83d9c31251a9" - "401afb8a522c8d0dbb4787b60eb5e2d4cf0e939678065eb3cbdb2c5d4a1d40cb226a60" - "7bca61ca749ef280903d1bd607cb223add245a8f6463864249175e0936d9f882f99ccb" - "814e4cfb77f5758dc871ddcf736df52af2447ade0ef3b0f1b8d6e66fc2468398e1e3cc" - "4c5ba3eca38f9f30b9b13f92f7512dcc24475f4bfcfe081c28d1f83603efeec36c1b8e" - "e8b3d5e40214898f5964b6c62cafa19a541728bb3e678677e1e62423fb54085360434f" - "2a7495dd9d", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0001020304050607", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "c0afcc477c8f5395" -}; - -/* AES GCM - Custom test vector 9 */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_192_c9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "GCM 192 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "4d592caa5ecffd6815bc73543ba1a8f7db636b88abd377", - .p_key = "3f4acd43fdcff484b1df2073c3d506bcccaf4eeb9184c9db", - .p_ad = "0ee0089ec32c7cfa036bd1ab9c23b98cd5d166214d61c719688c6a0ecff705da47" - "ac179cae7eaa3b638ab022a6669729fe47f24679e78488125d989cc7d1bbd8b472" - "b04678b45adde4cca92cd91c4e214257243b163eca04bf643e9df6f7c5bf55aa91" - "bc348154b5c3e9529a56fed8b04e0726b6de3ecc43f499108933e07297bdfcd4d8" - "df2aa9af908083aeccc5c23fe9efbbf5fa9a27ea2923d36188197c87c955fcc5f7" - "e0ebff4b01ebf008a5c93dab12ddfbf65f4225e5a3dfd44e36dbc3ba7891fce514" - "d127e5eb8adb939670b4c5643c46425c614546b90cf0d720203bef4a12ff2d7666" - "23c92e134420e3b423b526598f32e8884843bc", - .p_nonce = "457d26179c4405a24dfcc1e8da", - .p_mac = "7e099f28fb401297" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt0) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8", - .p_ad = "", - .p_nonce = "caf72ee1e62e1001e8cfbc63", - .p_mac = "db1a74ffb5f7de26f5742e0942b1b9cb" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "f780e4089a6224b9db576b368149fc4f58e6c8f7061814e2", - .p_ad = "", - .p_nonce = "ae84a7ac9f89a70c92d566ec", - .p_mac = "cd65b48665146066b92b34b38ec3415e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "0ed9f074d53b9b71bb87d123c16d269728ad819d89bba91c", - .p_ad = "", - .p_nonce = "8b4e5be3cef24b12640bd781", - .p_mac = "258e9d80875b4a6f4b7216da0db35e47" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bc27da31f2ad93f1bf07a386c3e437d5d1d8e641a778396", - .p_ad = "", - .p_nonce = "1e437ff8358fc7401bd935e2", - .p_mac = "08967511" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "3d673cb7f8f9b599cef3eb4956c319c939caccb627aea76e", - .p_ad = "", - .p_nonce = "bfc4d6b4a20ce5f9193ee4f5", - .p_mac = "a082171c" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "f3d1cd3c9c112a3a3b3768c3b65db6b9345028679513c4df", - .p_ad = "", - .p_nonce = "9a789d2c76b3d9d5731e8acf", - .p_mac = "bbd39626" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "aa921cb5a243ab08911f3289266b39dab133f5c420a6c5cd", - .p_ad = "487443c7c14ce474cb3d291f257070a2", - .p_nonce = "8f73db68daeeed2d155fb1a0", - .p_mac = "b12674fbeac6889a24948f2792e30a50" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "0778c653b8318c16cbe96af79e6fb57a628bb0a5eb65addc", - .p_ad = "303a3c3f74104252abcf89282521cb65", - .p_nonce = "d901bc5babba7958af15c8b8", - .p_mac = "d599c2b12f4afa1aeebbdee4c9e3ccf8" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "409e7a1f2dc87b887da6cd51fa66b3c439d6bb64eed4f58b", - .p_ad = "7ca7f102db61be6777cfb3142c81df38", - .p_nonce = "2c3eac60c57a4db5343c9fe5", - .p_mac = "c4d72c983924fcd886b6e076525b7104" -}; - -/* This test vector file is very long. Chop off a few if this is set. */ -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "99ae6f479b3004354ff18cd86c0b6efb", - .p_ciphertext = "132ae95bd359c44aaefa6348632cafbd", - .p_key = "7a7c5b6a8a9ab5acae34a9f6e41f19a971f9c330023c0f0c", - .p_ad = "", - .p_nonce = "aa4c38bf587f94f99fee77d5", - .p_mac = "19d7c7d5809ad6648110f22f272e7d72" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt10) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "7d81b948515c975308086fa960f7cc9a", - .p_ciphertext = "6e3720e76b6b4bf567ce9ae57f4aac9f", - .p_key = "2797751ef6dd828c794429543f8d690e9fe618139ac1510f", - .p_ad = "", - .p_nonce = "d960f74be927580a2e9f57ef", - .p_mac = "f277556fc0a94b4ea786465ca5146aa4" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt11) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 3"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "2f3c56eeeb62b393c571d126177865e9", - .p_key = "843ae0ef237636df82b0307fb9064ee12fdab5a98e838bd6", - .p_ad = "", - .p_nonce = "1df141ca68757aef80e414ec", - .p_mac = "0fa560a3474eb37895bebb990d5ebf14" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt12) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "ad475445f3eecb217387be44895254e1", - .p_key = "f3167d3ea919d15bb5254717cc8b2a18da1e35950a872089", - .p_ad = "cc67a35257f75e8816d0de5b83d321f0", - .p_nonce = "5583ee965e59308a902a0703", - .p_mac = "f7e9cef0e7296bdb0b4305b0a8edf9ac" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt13) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 2"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "1d8a02f16a49117c4358380db3d6518d", - .p_key = "1a4c7488415dd3ba950be4a3bcd1ca00cd004afa28c2e1ce", - .p_ad = "fa0f64cb4ea0ce865aa4144e03ee0fd1", - .p_nonce = "c9de7004ac7f9ab4ece85998", - .p_mac = "c6bd80d982cc9db923b06e18bc557401" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt14) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 3"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "8ce3218d510f2f73621935a9dea64d1e", - .p_key = "85e0788c66431fd78ea4dbc188a380a74f2568252623e293", - .p_ad = "c1cc58d09b4a1e354275478ee87673e9", - .p_nonce = "b067415cca095c907c4e7473", - .p_mac = "d0bea06cf298f9e60a148715e587acb5" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "aaa7c2dab7d6157f66268d60b6a718c0", - .p_ciphertext = "5b25b7681904d78ff19dde920c97623b", - .p_key = "f10357dde935755c762a96659886688a25bf5fd2ad71ac9b", - .p_ad = "bf36dc030d5bd3abbf2999df74aa81c2769338603e9d29f5c6016b041937157ead" - "f786666bc7c30f6db9bede08273768942a552692fce7e1ea5c17b3e7b86733adce" - "a5f6711a143b1be9525bf3c8b355e316029fa787c32e52dc", - .p_nonce = - "8bbd8715baf1025c029d1191ef59f29564ca8bde6cfb1c97aee754a7876205f31769c9" - "f774ce697d11b9c2581aae1efdf17b5ad759d0f67e06687abb81eda51726e11de3e45a" - "34d29b826a2c0fdc76a7f8180be72d602da9ec6bb186bd4c4e7c111cdf8a94b3a30473" - "e3e2ce7c8055b9edf41386b09480b0efe61e8199a576ed", - .p_mac = "0a951dc55d979a5615a9467bce" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "aaa7c2dab7d6157f66268d60b6a718c0", - .p_ciphertext = "ae2e4c37a04ae37aade697cea78a26b2", - .p_key = "fe06c336529fd8533a53cb79c0500e2a569fc8febd161b0f", - .p_ad = "1ea558f79d06bed3bda5e03989dbaa583f27491a76cb9347f74b753e0c537df973" - "6db3ab38bc9f80d78190b8fda0cf2d31c9d3678540e8685c136e6ebb08e4b0c313" - "3b3b9732cb8ebbbfb0cbb780f3fc338c1ed338cd23537866", - .p_nonce = - "13aa3a4cc62921bedc8936f7a8e80fa7ed89639f2729565e2f8076efda1a411bee8bb1" - "0802d30538574fd86bbd05183c98d10bdc0bdc80fe3c8617c69bd9c839bec88f81b662" - "4543d8ead96c85106338e2898d60289e1f4ddf49dac2c3dc0c6032533b1d7afe81e870" - "1c5a9d0ef8a2e5bca1bf82d332b22c7d4ef2110e803308", - .p_mac = "c35d020bf4bcda7e972a81a253" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_encrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 2"), - .p_plaintext = "b32ef00ee70256466b9cdc1fa5728907", - .p_ciphertext = "0f74951242b2693f853daf1dc6660230", - .p_key = "e218693f9fe9ee77a9cf7a7ac4d44b8a4cd8ca4e33cfe6b8", - .p_ad = "d3bebae709147dbee6d023d3c2efc4d50b544a624b9843f8e6a3d13e7366b36c89" - "c50c202b43d1f3ef0d405b632cd3e3512f405dd339ce9b858bb721ae36e27cdda6" - "6c8163f37072fa84be152d1e96734c620f5228da2bc2403c", - .p_nonce = - "6a8d1a8778445165d4ee8212f8a2f48063f5ae588f9029ebf8431b9efcb185035c9748" - "8ed8b7f0004b864028f76692f193f0c68f20d9b5e6306147db45913403ebd8f5a9cf0f" - "342e540c77cbb27ae33e159a2acadcf06bd196852fcab6f7275061bf20f7648e0ad155" - "ec4b5de75254275ddad8f2e05469a20195b799103c6435", - .p_mac = "814e7e5595f8001801e482ed45" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt0) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8", - .p_ad = "", - .p_nonce = "caf72ee1e62e1001e8cfbc63", - .p_mac = "db1a74ffb5f7de26f5742e0942b1b9cb" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "f780e4089a6224b9db576b368149fc4f58e6c8f7061814e2", - .p_ad = "", - .p_nonce = "ae84a7ac9f89a70c92d566ec", - .p_mac = "cd65b48665146066b92b34b38ec3415e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "0ed9f074d53b9b71bb87d123c16d269728ad819d89bba91c", - .p_ad = "", - .p_nonce = "8b4e5be3cef24b12640bd781", - .p_mac = "258e9d80875b4a6f4b7216da0db35e47" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "4bc27da31f2ad93f1bf07a386c3e437d5d1d8e641a778396", - .p_ad = "", - .p_nonce = "1e437ff8358fc7401bd935e2", - .p_mac = "08967511" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "3d673cb7f8f9b599cef3eb4956c319c939caccb627aea76e", - .p_ad = "", - .p_nonce = "bfc4d6b4a20ce5f9193ee4f5", - .p_mac = "a082171c" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "f3d1cd3c9c112a3a3b3768c3b65db6b9345028679513c4df", - .p_ad = "", - .p_nonce = "9a789d2c76b3d9d5731e8acf", - .p_mac = "bbd39626" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "aa921cb5a243ab08911f3289266b39dab133f5c420a6c5cd", - .p_ad = "487443c7c14ce474cb3d291f257070a2", - .p_nonce = "8f73db68daeeed2d155fb1a0", - .p_mac = "b12674fbeac6889a24948f2792e30a50" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "0778c653b8318c16cbe96af79e6fb57a628bb0a5eb65addc", - .p_ad = "303a3c3f74104252abcf89282521cb65", - .p_nonce = "d901bc5babba7958af15c8b8", - .p_mac = "d599c2b12f4afa1aeebbdee4c9e3ccf8" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "409e7a1f2dc87b887da6cd51fa66b3c439d6bb64eed4f58b", - .p_ad = "7ca7f102db61be6777cfb3142c81df38", - .p_nonce = "2c3eac60c57a4db5343c9fe5", - .p_mac = "c4d72c983924fcd886b6e076525b7104" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "99ae6f479b3004354ff18cd86c0b6efb", - .p_ciphertext = "132ae95bd359c44aaefa6348632cafbd", - .p_key = "7a7c5b6a8a9ab5acae34a9f6e41f19a971f9c330023c0f0c", - .p_ad = "", - .p_nonce = "aa4c38bf587f94f99fee77d5", - .p_mac = "19d7c7d5809ad6648110f22f272e7d72" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt10) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "7d81b948515c975308086fa960f7cc9a", - .p_ciphertext = "6e3720e76b6b4bf567ce9ae57f4aac9f", - .p_key = "2797751ef6dd828c794429543f8d690e9fe618139ac1510f", - .p_ad = "", - .p_nonce = "d960f74be927580a2e9f57ef", - .p_mac = "f277556fc0a94b4ea786465ca5146aa4" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt11) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 3"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "2f3c56eeeb62b393c571d126177865e9", - .p_key = "843ae0ef237636df82b0307fb9064ee12fdab5a98e838bd6", - .p_ad = "", - .p_nonce = "1df141ca68757aef80e414ec", - .p_mac = "0fa560a3474eb37895bebb990d5ebf14" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt12) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "ad475445f3eecb217387be44895254e1", - .p_key = "f3167d3ea919d15bb5254717cc8b2a18da1e35950a872089", - .p_ad = "cc67a35257f75e8816d0de5b83d321f0", - .p_nonce = "5583ee965e59308a902a0703", - .p_mac = "f7e9cef0e7296bdb0b4305b0a8edf9ac" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt13) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 2"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "1d8a02f16a49117c4358380db3d6518d", - .p_key = "1a4c7488415dd3ba950be4a3bcd1ca00cd004afa28c2e1ce", - .p_ad = "fa0f64cb4ea0ce865aa4144e03ee0fd1", - .p_nonce = "c9de7004ac7f9ab4ece85998", - .p_mac = "c6bd80d982cc9db923b06e18bc557401" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt14) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 3"), - .p_plaintext = "28aa46393e1b8b8784b035f35d1ea9fa", - .p_ciphertext = "8ce3218d510f2f73621935a9dea64d1e", - .p_key = "85e0788c66431fd78ea4dbc188a380a74f2568252623e293", - .p_ad = "c1cc58d09b4a1e354275478ee87673e9", - .p_nonce = "b067415cca095c907c4e7473", - .p_mac = "d0bea06cf298f9e60a148715e587acb5" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "aaa7c2dab7d6157f66268d60b6a718c0", - .p_ciphertext = "5b25b7681904d78ff19dde920c97623b", - .p_key = "f10357dde935755c762a96659886688a25bf5fd2ad71ac9b", - .p_ad = "bf36dc030d5bd3abbf2999df74aa81c2769338603e9d29f5c6016b041937157ead" - "f786666bc7c30f6db9bede08273768942a552692fce7e1ea5c17b3e7b86733adce" - "a5f6711a143b1be9525bf3c8b355e316029fa787c32e52dc", - .p_nonce = - "8bbd8715baf1025c029d1191ef59f29564ca8bde6cfb1c97aee754a7876205f31769c9" - "f774ce697d11b9c2581aae1efdf17b5ad759d0f67e06687abb81eda51726e11de3e45a" - "34d29b826a2c0fdc76a7f8180be72d602da9ec6bb186bd4c4e7c111cdf8a94b3a30473" - "e3e2ce7c8055b9edf41386b09480b0efe61e8199a576ed", - .p_mac = "0a951dc55d979a5615a9467bce" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "aaa7c2dab7d6157f66268d60b6a718c0", - .p_ciphertext = "ae2e4c37a04ae37aade697cea78a26b2", - .p_key = "fe06c336529fd8533a53cb79c0500e2a569fc8febd161b0f", - .p_ad = "1ea558f79d06bed3bda5e03989dbaa583f27491a76cb9347f74b753e0c537df973" - "6db3ab38bc9f80d78190b8fda0cf2d31c9d3678540e8685c136e6ebb08e4b0c313" - "3b3b9732cb8ebbbfb0cbb780f3fc338c1ed338cd23537866", - .p_nonce = - "13aa3a4cc62921bedc8936f7a8e80fa7ed89639f2729565e2f8076efda1a411bee8bb1" - "0802d30538574fd86bbd05183c98d10bdc0bdc80fe3c8617c69bd9c839bec88f81b662" - "4543d8ead96c85106338e2898d60289e1f4ddf49dac2c3dc0c6032533b1d7afe81e870" - "1c5a9d0ef8a2e5bca1bf82d332b22c7d4ef2110e803308", - .p_mac = "c35d020bf4bcda7e972a81a253" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 192 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_192_decrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 192 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 2"), - .p_plaintext = "b32ef00ee70256466b9cdc1fa5728907", - .p_ciphertext = "0f74951242b2693f853daf1dc6660230", - .p_key = "e218693f9fe9ee77a9cf7a7ac4d44b8a4cd8ca4e33cfe6b8", - .p_ad = "d3bebae709147dbee6d023d3c2efc4d50b544a624b9843f8e6a3d13e7366b36c89" - "c50c202b43d1f3ef0d405b632cd3e3512f405dd339ce9b858bb721ae36e27cdda6" - "6c8163f37072fa84be152d1e96734c620f5228da2bc2403c", - .p_nonce = - "6a8d1a8778445165d4ee8212f8a2f48063f5ae588f9029ebf8431b9efcb185035c9748" - "8ed8b7f0004b864028f76692f193f0c68f20d9b5e6306147db45913403ebd8f5a9cf0f" - "342e540c77cbb27ae33e159a2acadcf06bd196852fcab6f7275061bf20f7648e0ad155" - "ec4b5de75254275ddad8f2e05469a20195b799103c6435", - .p_mac = "814e7e5595f8001801e482ed45" -}; - -/* AES GCM - Custom test vector 1 - Invalid behavior test for AES plaintext and AD. */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 message_len=0 ad_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "ca8a20df75d44807" -}; - -/* AES GCM - Custom test vector 2 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt Invalid ciphertext"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "9fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "a4d04ea61a68aa21" -}; - -/* AES GCM - Custom test vector 3 - Invalid behavior test for AES buffer authenticated decryption. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = - EXPECTED_TO_FAIL, /* Generated plaintext will be incorrect. */ - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt Invalid MAC"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "8fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "b4d04ea61a68aa21" -}; - -/* AES GCM - Custom test vector 4 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "8fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "47e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "a4d04ea61a68aa21" -}; - -/* AES GCM - Custom test vector 5 - Invalid behavior test for AES key. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt with invalid AES key"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "8fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "47e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "a4d04ea61a68aa21" -}; - -/* AES GCM - Custom test vector 6 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "8fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "dd45bc603e251dfbceb5a8de2f", - .p_mac = "a4d04ea61a68aa21" -}; - -/* AES GCM - Custom test vector 7 - Invalid behavior test for AES nonce. */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_gcm_256_inv_c7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt with invalid AES nonce"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "8fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "dd45bc603e251dfbceb5a8de2f", - .p_mac = "a4d04ea61a68aa21" -}; - -/* AES GCM - Custom test vector 8 */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_256_c8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "GCM 256 message_len=250 ad_len=8 mac_len=8 nonce_len=13"), - .p_plaintext = - "e96325847ce207c2bf6638a52634075139998888fa0ca1501a4b57ee0767210f1fee06" - "5b7ed1e4005fe1c3ec482b2d3cad3d8461d4ab2ba1c73cbe2c65ac8b1e61be3f052eca" - "df671a3f58601ec0f1ac95367dae85601449f434b9d10757a613784a229aa14bebe6ed" - "07579ec0a513ce7ce799d1e6cd468613f0d3f42e6162680b28f13aeb82657293442445" - "9137bd3aabec437bf4fdff007d2675d7fd2195280da092eb1b3549e5457e065cc47349" - "f2c3013b8a4a1938b05c033b2a5b6b477be39b415f4f50beac41f817783bda28f24bab" - "3c8095e1b01e48ce4271cd2a323d1d8c100bb9856f75f63bdee34510de01e32efc0b12" - "e980e9161a", - .p_ciphertext = - "6e8c09a100afe32d51c59bcfb1f31ebdc1cfb1694635d02e23f49514ad0a4b0b1fbc2c" - "0b09a56d2c59e6bb4f75328c4e55ee3bf4182930825dd6119fb862a33a2d89e59b6856" - "ec8e86402f6a06e60ecb0c70c73a64d51255f5ee43f3fcee46e694518344441c0692e1" - "056cdd9159b390aa0c56500eeedef93cb4fbc0da2fac791f5866fb32dd96e31c7926e1" - "0700cd0ec8cae45bac04f3ef21246a4b4d1e16ff0823b02c442cad3041f79f38cbf169" - "f3d8ffad1f07dc06a3035768328d9539a3f9dc821b04b6ba2620340dcc51968d479fe1" - "99dc8271fca1d5f074a3f69399824ed6d520d5e573dc64dd832ca4918bb3f6df42fab6" - "2ed22e7c62", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0001020304050607", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "cca55736e5392b49" -}; - -/* AES GCM - Custom test vector 9 */ -ITEM_REGISTER(test_vector_aead_gcm_data, - test_vector_aead_t test_vector_aes_gcm_256_c9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME( - "GCM 256 message_len=16 ad_len=250 mac_len=8 nonce_len=13"), - .p_plaintext = "08090a0b0c0d0e0f101112131415161718191a1b1c1d1e", - .p_ciphertext = "8fe6262e7040eae0feb2b17983d20ffbe04f23faa0246f", - .p_key = - "37e16ad43779aa3b211679f375b31d0f15163ede0c5db4b9ebfa0ba7fc9e59ea", - .p_ad = "0ee0089ec32c7cfa036bd1ab9c23b98cd5d166214d61c719688c6a0ecff705da47" - "ac179cae7eaa3b638ab022a6669729fe47f24679e78488125d989cc7d1bbd8b472" - "b04678b45adde4cca92cd91c4e214257243b163eca04bf643e9df6f7c5bf55aa91" - "bc348154b5c3e9529a56fed8b04e0726b6de3ecc43f499108933e07297bdfcd4d8" - "df2aa9af908083aeccc5c23fe9efbbf5fa9a27ea2923d36188197c87c955fcc5f7" - "e0ebff4b01ebf008a5c93dab12ddfbf65f4225e5a3dfd44e36dbc3ba7891fce514" - "d127e5eb8adb939670b4c5643c46425c614546b90cf0d720203bef4a12ff2d7666" - "23c92e134420e3b423b526598f32e8884843bc", - .p_nonce = "cd45bc603e251dfbceb5a8de2f", - .p_mac = "4b9f2a6b57c00b1f" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt0) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010", - .p_ad = "", - .p_nonce = "58d2240f580a31c1d24948e9", - .p_mac = "15e051a5e4a5f5da6cea92e2ebee5bac" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e5a8123f2e2e007d4e379ba114a2fb66e6613f57c72d4e4f024964053028a831", - .p_ad = "", - .p_nonce = "51e43385bf533e168427e1ad", - .p_mac = "38fe845c66e66bdd884c2aecafd280e6" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "c5ba3bf9ada560fb0301cd4e0b8b8a46a2aff2400395a72ed5804b3c755c4e59", - .p_ad = "", - .p_nonce = "de2b956e704063c000f28bbb", - .p_mac = "04eb9b20fd4548dc71594f20073a45a2" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "5765ad16f4dbd4d4e6370dbfa18b8ef5ac37459e39556afaba9b553dea4c1b23", - .p_ad = "", - .p_nonce = "59678f262588e4d526d9fc34", - .p_mac = "a68f33ed" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a29fa93614e9f714c73d3707d1142b2514fa8a14641f79ef14e9bf0e812f49fa", - .p_ad = "", - .p_nonce = "68272acf71b1cdad4655dbdc", - .p_mac = "b90e554a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "717d2a5396ae21560a895a7847f53c47956d155ca4dd2165137d3506ff48a7bf", - .p_ad = "", - .p_nonce = "6ccd8086830f586fa3b0e777", - .p_mac = "a618ac6a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "6dfdafd6703c285c01f14fd10a6012862b2af950d4733abb403b2e745b26945d", - .p_ad = "c0d249871992e70302ae008193d1e89f", - .p_nonce = "3749d0b3d5bacb71be06ade6", - .p_mac = "4aa4cc69f84ee6ac16d9bfb4e05de500" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "033360a08d0b2963ce4dcf807b772ac86ae3e8b8fabb9cd3a636f8ec54365646", - .p_ad = "f9d15fc34984b8f4a7caa29a82b24c52", - .p_nonce = "8dcaa63d13a2425395609914", - .p_mac = "42bc9cc93a1c8592bd29c9ef9f907780" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "4f1a5fc8e4689c493ef8e23a653e86e4d4c8972a2338653375b0f36a4feb91d7", - .p_ad = "f09b0fc4e4ccb5e28dfcc0792a6800f3", - .p_nonce = "9b8221a631404088218fe487", - .p_mac = "31073f1a0050462a03c7ad0bbefaf93b" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "7789b41cb3ee548814ca0b388c10b343", - .p_ciphertext = "d2c78110ac7e8f107c0df0570bd7c90c", - .p_key = - "4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8", - .p_ad = "", - .p_nonce = "473360e0ad24889959858995", - .p_mac = "c26a379b6d98ef2852ead8ce83a833a7" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt10) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "697aff2d6b77e5ed6232770e400c1ead", - .p_ciphertext = "e0de64302ac2d04048d65a87d2ad09fe", - .p_key = - "3934f363fd9f771352c4c7a060682ed03c2864223a1573b3af997e2ababd60ab", - .p_ad = "", - .p_nonce = "efe2656d878c586e41c539c4", - .p_mac = "33cbd8d2fb8a3a03e30c1eb1b53c1d99" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt11) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "697aff2d6b77e5ed6232770e400c1ead", - .p_ciphertext = "9f6607d68e22ccf21928db0986be126e", - .p_key = - "c997768e2d14e3d38259667a6649079de77beb4543589771e5068e6cd7cd0b14", - .p_ad = "", - .p_nonce = "835090aed9552dbdd45277e2", - .p_mac = "f32617f67c574fd9f44ef76ff880ab9f" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt12) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "85fc3dfad9b5a8d3258e4fc44571bd3b", - .p_ciphertext = "426e0efc693b7be1f3018db7ddbb7e4d", - .p_key = - "54e352ea1d84bfe64a1011096111fbe7668ad2203d902a01458c3bbd85bfce14", - .p_ad = "7e968d71b50c1f11fd001f3fef49d045", - .p_nonce = "df7c3bca00396d0c018495d9", - .p_mac = "ee8257795be6a1164d7e1d2d6cac77a7" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt13) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "c61155d41495e9fc76060fe7f8c926a2", - .p_key = - "82f0d1ddc58123f805541f55a7eab43f56ddfefc06c73d57709df3d5a4aabfb3", - .p_ad = "34325620a392739beeee6c370967d539", - .p_nonce = "0c9d74af29ed4406c77a8e4b", - .p_mac = "66d8c881d66370504d2bf00cdb06259e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt14) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "e93165935ac18e3a2845d15fe31a9286", - .p_key = - "9a0343f850a6427120f764789ffec6d237447b898fbf51d2182f065d3861497d", - .p_ad = "dbb8226a624520863db6897017b2a4f8", - .p_nonce = "3deef6f453dd70d92143adcd", - .p_mac = "f5fc50d18766bc3d9e16dd136d45816b" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "2975341596f99a22f85a48272d089357", - .p_key = - "f65818c25506e571ea4778e71b838ab24d3d6a318670885ded4761c2214ae08c", - .p_ad = "f16c6a6a94a09f7936c718ca182f0e2d8b90de8edecec7257354a02539bee9d232" - "c04b25d6fcc081e8852d834b7044cfec8b0073c62fc676b6d062693b99e791ddc6" - "292bee1f5dc39acc18b06bf5c73a64772195b89659b87275", - .p_nonce = - "f3d6c665c371db5c8d69ab46ac53eabfd4481a337d005bd0204f5838d770a1bb986808" - "2542b43732d371c7786ab5e3fa217176f959ede631e373488c996c03c00496ff468cc9" - "a2a15700e3aef82ae01f598f703e55da6d6cc9cace3c1f2adf6973af9f7f19dd903d7d" - "0670bc082ec0e97c244426910b6c8e85358eaea8a9807b", - .p_mac = "f260536b28c1220940044c3593" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "32f7cc94968659f34f23bda8117f065e", - .p_ciphertext = "8700601301096fbfe50b413a8059202d", - .p_key = - "fb9cf2d324f5ca351b37d960f314d602d33c01b21be3fcbe0e5a3c55eb9f7d74", - .p_ad = "b0b6f49d881e0af5d879219d7acdd8efd7c2561ee5516de0cc32b61d1c8abd9629" - "bfed1bfdd3cb73e3b39d480af6ea7f9c823f55512a8013ac92b6f3b13efe707dd0" - "8c4349e6e15bb2fd6ea4cd6de69b8f1b1c290353ea6ec548", - .p_nonce = - "53571073c7deffe06b42e3a5cd0d0574ff9ba8afb2fa504420d5fbb1fc6c6aec70b412" - "d40e4e0e0c0abccda8830d3aa6dcb14514f1648b13920a1cf0bc0dfc7ef26d9304f8c1" - "a2858c5ae18993120508ead1f6aa1f7f5ed3f470b203045e9d3d97b493c7d6991061d6" - "2555c90bdbd46fa5fe40a4e762361c951f05ee3ce4dd1a", - .p_mac = "247b1c2705c6300785ff514d58" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_encrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Encrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 2"), - .p_plaintext = "32f7cc94968659f34f23bda8117f065e", - .p_ciphertext = "5bfb289d9832cc5dffce4d1d33357951", - .p_key = - "b21ef6860b889efdc04ee1cbae0e84a4f31ac9369b01caa901e873ee6f970839", - .p_ad = "d721291424b17f9ca4f059f208dd7908cdcfd50681641c8dfca185c89e7f1ecf17" - "61bc32b492d8e5ce9cd873cd18a778595fd9b53878634b285f5383a79e01abf654" - "2abffbf4f67347193740f73c3dbac654398027315280e2d5", - .p_nonce = - "7657f649159a91a7f953e323c236a62f678dab54dd5ae8381419fbcb0ce3d3ec358d46" - "fba5e4dc67cf4157bc6a8f42bc4b1d8624c0b9501f00146e628cecc6580aff6d1bf59f" - "5667f3005b2636f4333930b07f8e814966fce1740919d1f3befa418a81693c0be066b1" - "d17ede09ef36b35b1d908608aeb7ea77d03eec9936736b", - .p_mac = "8eac04b744d91e7b2c5a6ed792" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt0) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010", - .p_ad = "", - .p_nonce = "58d2240f580a31c1d24948e9", - .p_mac = "15e051a5e4a5f5da6cea92e2ebee5bac" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt1) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "e5a8123f2e2e007d4e379ba114a2fb66e6613f57c72d4e4f024964053028a831", - .p_ad = "", - .p_nonce = "51e43385bf533e168427e1ad", - .p_mac = "38fe845c66e66bdd884c2aecafd280e6" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt2) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "c5ba3bf9ada560fb0301cd4e0b8b8a46a2aff2400395a72ed5804b3c755c4e59", - .p_ad = "", - .p_nonce = "de2b956e704063c000f28bbb", - .p_mac = "04eb9b20fd4548dc71594f20073a45a2" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt3) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "5765ad16f4dbd4d4e6370dbfa18b8ef5ac37459e39556afaba9b553dea4c1b23", - .p_ad = "", - .p_nonce = "59678f262588e4d526d9fc34", - .p_mac = "a68f33ed" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt4) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 invalid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "a29fa93614e9f714c73d3707d1142b2514fa8a14641f79ef14e9bf0e812f49fa", - .p_ad = "", - .p_nonce = "68272acf71b1cdad4655dbdc", - .p_mac = "b90e554a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt5) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=0 " - "mac_len=4 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "717d2a5396ae21560a895a7847f53c47956d155ca4dd2165137d3506ff48a7bf", - .p_ad = "", - .p_nonce = "6ccd8086830f586fa3b0e777", - .p_mac = "a618ac6a" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt6) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "6dfdafd6703c285c01f14fd10a6012862b2af950d4733abb403b2e745b26945d", - .p_ad = "c0d249871992e70302ae008193d1e89f", - .p_nonce = "3749d0b3d5bacb71be06ade6", - .p_mac = "4aa4cc69f84ee6ac16d9bfb4e05de500" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt7) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "033360a08d0b2963ce4dcf807b772ac86ae3e8b8fabb9cd3a636f8ec54365646", - .p_ad = "f9d15fc34984b8f4a7caa29a82b24c52", - .p_nonce = "8dcaa63d13a2425395609914", - .p_mac = "42bc9cc93a1c8592bd29c9ef9f907780" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt8) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=0 ad_len=16 " - "mac_len=16 nonce_len=12 valid 3"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "4f1a5fc8e4689c493ef8e23a653e86e4d4c8972a2338653375b0f36a4feb91d7", - .p_ad = "f09b0fc4e4ccb5e28dfcc0792a6800f3", - .p_nonce = "9b8221a631404088218fe487", - .p_mac = "31073f1a0050462a03c7ad0bbefaf93b" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt9) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "7789b41cb3ee548814ca0b388c10b343", - .p_ciphertext = "d2c78110ac7e8f107c0df0570bd7c90c", - .p_key = - "4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8", - .p_ad = "", - .p_nonce = "473360e0ad24889959858995", - .p_mac = "c26a379b6d98ef2852ead8ce83a833a7" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt10) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "697aff2d6b77e5ed6232770e400c1ead", - .p_ciphertext = "e0de64302ac2d04048d65a87d2ad09fe", - .p_key = - "3934f363fd9f771352c4c7a060682ed03c2864223a1573b3af997e2ababd60ab", - .p_ad = "", - .p_nonce = "efe2656d878c586e41c539c4", - .p_mac = "33cbd8d2fb8a3a03e30c1eb1b53c1d99" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt11) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=0 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "697aff2d6b77e5ed6232770e400c1ead", - .p_ciphertext = "9f6607d68e22ccf21928db0986be126e", - .p_key = - "c997768e2d14e3d38259667a6649079de77beb4543589771e5068e6cd7cd0b14", - .p_ad = "", - .p_nonce = "835090aed9552dbdd45277e2", - .p_mac = "f32617f67c574fd9f44ef76ff880ab9f" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt12) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 1"), - .p_plaintext = "85fc3dfad9b5a8d3258e4fc44571bd3b", - .p_ciphertext = "426e0efc693b7be1f3018db7ddbb7e4d", - .p_key = - "54e352ea1d84bfe64a1011096111fbe7668ad2203d902a01458c3bbd85bfce14", - .p_ad = "7e968d71b50c1f11fd001f3fef49d045", - .p_nonce = "df7c3bca00396d0c018495d9", - .p_mac = "ee8257795be6a1164d7e1d2d6cac77a7" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt13) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 valid 2"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "c61155d41495e9fc76060fe7f8c926a2", - .p_key = - "82f0d1ddc58123f805541f55a7eab43f56ddfefc06c73d57709df3d5a4aabfb3", - .p_ad = "34325620a392739beeee6c370967d539", - .p_nonce = "0c9d74af29ed4406c77a8e4b", - .p_mac = "66d8c881d66370504d2bf00cdb06259e" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt14) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=16 " - "mac_len=16 nonce_len=12 invalid 1"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "e93165935ac18e3a2845d15fe31a9286", - .p_key = - "9a0343f850a6427120f764789ffec6d237447b898fbf51d2182f065d3861497d", - .p_ad = "dbb8226a624520863db6897017b2a4f8", - .p_nonce = "3deef6f453dd70d92143adcd", - .p_mac = "f5fc50d18766bc3d9e16dd136d45816b" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 0 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt15) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 1"), - .p_plaintext = "3fe7811a8224a1881da34a27e03da86a", - .p_ciphertext = "2975341596f99a22f85a48272d089357", - .p_key = - "f65818c25506e571ea4778e71b838ab24d3d6a318670885ded4761c2214ae08c", - .p_ad = "f16c6a6a94a09f7936c718ca182f0e2d8b90de8edecec7257354a02539bee9d232" - "c04b25d6fcc081e8852d834b7044cfec8b0073c62fc676b6d062693b99e791ddc6" - "292bee1f5dc39acc18b06bf5c73a64772195b89659b87275", - .p_nonce = - "f3d6c665c371db5c8d69ab46ac53eabfd4481a337d005bd0204f5838d770a1bb986808" - "2542b43732d371c7786ab5e3fa217176f959ede631e373488c996c03c00496ff468cc9" - "a2a15700e3aef82ae01f598f703e55da6d6cc9cace3c1f2adf6973af9f7f19dd903d7d" - "0670bc082ec0e97c244426910b6c8e85358eaea8a9807b", - .p_mac = "f260536b28c1220940044c3593" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 1 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt16) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = 0, - .crypt_expected_result = EXPECTED_TO_PASS, - .mac_expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 valid 1"), - .p_plaintext = "32f7cc94968659f34f23bda8117f065e", - .p_ciphertext = "8700601301096fbfe50b413a8059202d", - .p_key = - "fb9cf2d324f5ca351b37d960f314d602d33c01b21be3fcbe0e5a3c55eb9f7d74", - .p_ad = "b0b6f49d881e0af5d879219d7acdd8efd7c2561ee5516de0cc32b61d1c8abd9629" - "bfed1bfdd3cb73e3b39d480af6ea7f9c823f55512a8013ac92b6f3b13efe707dd0" - "8c4349e6e15bb2fd6ea4cd6de69b8f1b1c290353ea6ec548", - .p_nonce = - "53571073c7deffe06b42e3a5cd0d0574ff9ba8afb2fa504420d5fbb1fc6c6aec70b412" - "d40e4e0e0c0abccda8830d3aa6dcb14514f1648b13920a1cf0bc0dfc7ef26d9304f8c1" - "a2858c5ae18993120508ead1f6aa1f7f5ed3f470b203045e9d3d97b493c7d6991061d6" - "2555c90bdbd46fa5fe40a4e762361c951f05ee3ce4dd1a", - .p_mac = "247b1c2705c6300785ff514d58" -}; - -/* AES GCM - NIST CAVS 14.0 Decrypt with keysize 256 - Count 2 */ -ITEM_REGISTER(test_vector_aead_gcm_simple_data, - test_vector_aead_t test_vector_aes_aead_gcm_256_decrypt17) = { - .mode = MBEDTLS_MODE_GCM, - .id = MBEDTLS_CIPHER_ID_AES, - .expected_err_code = MBEDTLS_ERR_CIPHER_AUTH_FAILED, - .crypt_expected_result = EXPECTED_TO_FAIL, - .mac_expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("GCM 256 Decrypt message_len=16 ad_len=90 " - "mac_len=13 nonce_len=128 invalid 2"), - .p_plaintext = "32f7cc94968659f34f23bda8117f065e", - .p_ciphertext = "5bfb289d9832cc5dffce4d1d33357951", - .p_key = - "b21ef6860b889efdc04ee1cbae0e84a4f31ac9369b01caa901e873ee6f970839", - .p_ad = "d721291424b17f9ca4f059f208dd7908cdcfd50681641c8dfca185c89e7f1ecf17" - "61bc32b492d8e5ce9cd873cd18a778595fd9b53878634b285f5383a79e01abf654" - "2abffbf4f67347193740f73c3dbac654398027315280e2d5", - .p_nonce = - "7657f649159a91a7f953e323c236a62f678dab54dd5ae8381419fbcb0ce3d3ec358d46" - "fba5e4dc67cf4157bc6a8f42bc4b1d8624c0b9501f00146e628cecc6580aff6d1bf59f" - "5667f3005b2636f4333930b07f8e814966fce1740919d1f3befa418a81693c0be066b1" - "d17ede09ef36b35b1d908608aeb7ea77d03eec9936736b", - .p_mac = "8eac04b744d91e7b2c5a6ed792" -}; - -#endif /* CRYPTO_TEST_LARGE_VECTORS */ diff --git a/tests/crypto/test_cases/test_vectors_aes_cbc.c b/tests/crypto/test_cases/test_vectors_aes_cbc.c deleted file mode 100644 index f8cf515c1db6..000000000000 --- a/tests/crypto/test_cases/test_vectors_aes_cbc.c +++ /dev/null @@ -1,2141 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief AES CBC test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/block-ciphers#AES - */ - -/* AES CBC - Functional test using test vector NIST CAVS 11.1 CBC KeySbox 128 - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_func_data, - test_vector_aes_t test_vector_aes_cbc_128_functional) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "6d251e6944b051e04eaa6fb4dbf78465", - .p_key = "10a58869d74be5a374cf867cfb473859", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_c3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 128 Encrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de", - .p_ciphertext = "65a55df93aa327a88cb5710d7cc1afa2", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_c3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 128 Decrypt message_len=1 pkcs7-padding"), - .p_plaintext = - "de0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f", /**< The 15 padded bytes (0x0f) will - be removed in the actual - generated plaintext. */ - .p_ciphertext = "65a55df93aa327a88cb5710d7cc1afa2", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_c4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 128 Encrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede", - .p_ciphertext = - "620dd9eb230c761d55593923a7bbdb820eb10da808529643edb8cfd3585bd59a", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_c4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 128 Decrypt message_len=16 pkcs7-padding"), - .p_plaintext = - "dededededededededededededededede101010101010101010101010101" - "01010", /**< The 16 padded bytes (0x10) will be removed in - the actual generated plaintext. */ - .p_ciphertext = - "620dd9eb230c761d55593923a7bbdb820eb10da808529643edb8cfd3585bd59a", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_c5) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 128 Encrypt message_len=31 pkcs7-padding"), - .p_plaintext = - "dedededededededededededededededededededededededededededededede", - .p_ciphertext = - "620dd9eb230c761d55593923a7bbdb82dd286d2d7acf39756cfeb0f836cfb0db", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_c5) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 128 Decrypt message_len=31 pkcs7-padding"), - .p_plaintext = - "dededededededededededededededededededededededededededededed" - "ede01", /**< The padded byte (0x01) will be removed in the - actual generated plaintext. */ - .p_ciphertext = - "620dd9eb230c761d55593923a7bbdb82dd286d2d7acf39756cfeb0f836cfb0db", - .p_key = "89df4c819f49dbcbcb124304023cf38c", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Test using test vector NIST CAVS 11.1 GFSBox Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_gfsb0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt Key Zero"), - .p_plaintext = "f34481ec3cc627bacd5dc3fb08f273e6", - .p_ciphertext = "0336763e966d92595a567cc9ce537f5e", - .p_key = "00000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - Test using test vector NIST CAVS 11.1 GFSBox Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_gfsb0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt Key Zero"), - .p_plaintext = "f34481ec3cc627bacd5dc3fb08f273e6", - .p_ciphertext = "0336763e966d92595a567cc9ce537f5e", - .p_key = "00000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_vk0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "0edd33d3c621e546455bd8ba1418bec8", - .p_key = "80000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 128 Encrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_vk127) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt VarKey 127"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "a1f6258c877d5fcd8964484538bfc92c", - .p_key = "ffffffffffffffffffffffffffffffff", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_vk0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "0edd33d3c621e546455bd8ba1418bec8", - .p_key = "80000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 128 Decrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_vk127) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt VarKey 127"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "a1f6258c877d5fcd8964484538bfc92c", - .p_key = "ffffffffffffffffffffffffffffffff", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_16) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=16"), - .p_plaintext = "45cf12964fc824ab76616ae2f4bf0822", - .p_ciphertext = "0f61c4d44c5147c03c195ad7e2cc12b2", - .p_key = "1f8e4973953f3fb0bd6b16662e9a3c17", - .p_iv = "2fe2b333ceda8f98f4a99b40d2cd34a8" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_32) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=32"), - .p_plaintext = - "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91", - .p_ciphertext = - "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00", - .p_key = "0700d603a1c514e46b6191ba430a3a0c", - .p_iv = "aad1583cd91365e3bb2f0c3430d065bb" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_48) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=48"), - .p_plaintext = - "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c2" - "14763d5e1847a6ad5d54127a399ab07ee3599", - .p_ciphertext = - "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726" - "ded97818e1f127a28d72db5652749f0c6afee5", - .p_key = "3348aa51e9a45c2dbe33ccc47f96e8de", - .p_iv = "19153c673160df2b1d38c28060e59b96" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_64) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=64"), - .p_plaintext = - "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d" - "5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e", - .p_ciphertext = - "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b" - "2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467", - .p_key = "b7f3c9576e12dd0db63e8f8fac2b9a39", - .p_iv = "c80f095d8bb1a060699f7c19974a1aa0" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_80) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=80"), - .p_plaintext = - "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577e" - "d8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67c" - "eebc923fdc89a8c431188e9e482d8553982cf304d1", - .p_ciphertext = - "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132" - "b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e" - "2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9", - .p_key = "b6f9afbfe5a1562bba1368fc72ac9d9c", - .p_iv = "3f9d5ebe250ee7ce384b0d00ee849322" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_96) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=96"), - .p_plaintext = - "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9" - "a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5" - "739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187", - .p_ciphertext = - "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67" - "258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc8" - "98bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe", - .p_key = "bbe7b7ba07124ff1ae7c3416fe8b465e", - .p_iv = "7f65b5ee3630bed6b84202d97fb97a1e" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_112) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=112"), - .p_plaintext = - "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a3" - "86c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca" - "2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8" - "218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625", - .p_ciphertext = - "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb2" - "23828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f1" - "6635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c" - "963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a", - .p_key = "89a553730433f7e6d67d16d373bd5360", - .p_iv = "f724558db3433a523f4e51a5bea70497" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_128) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=128"), - .p_plaintext = - "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d" - "79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01ee" - "b89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b5" - "6bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d", - .p_ciphertext = - "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c" - "1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd" - "169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a8508" - "4e89fb88b40a084d5e972466d07666126fb761f84078f2", - .p_key = "c491ca31f91708458e29a925ec558d78", - .p_iv = "9ef934946e5cd0ae97bd58532cb49381" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_144) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=144"), - .p_plaintext = - "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b" - "9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e47" - "9ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8" - "ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e3824450" - "9f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729", - .p_ciphertext = - "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f" - "490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b9" - "3eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b" - "6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e060" - "10fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365", - .p_key = "f6e87d71b0104d6eb06a68dc6a71f498", - .p_iv = "1c245f26195b76ebebc2edcac412a2f8" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_160) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt message_len=160"), - .p_plaintext = - "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc6180" - "49f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54" - "d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1" - "a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc0460" - "3f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f", - .p_ciphertext = - "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2e" - "bc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c" - "415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d" - "994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1b" - "a94b631933bbe577624380850f117435a0355b2b", - .p_key = "2c14413751c31e2730570ba3361c786b", - .p_iv = "1dbbeb2f19abb448af849796244a19d7" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_16) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=16"), - .p_plaintext = "940bc76d61e2c49dddd5df7f37fcf105", - .p_ciphertext = "f8eb31b31e374e960030cd1cadb0ef0c", - .p_key = "6a7082cf8cda13eff48c8158dda206ae", - .p_iv = "bd4172934078c2011cb1f31cffaf486e" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_32) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=32"), - .p_plaintext = - "360dc1896ce601dfb2a949250067aad96737847a4580ede2654a329b842fe81e", - .p_ciphertext = - "5d6fed86f0c4fe59a078d6361a142812514b295dc62ff5d608a42ea37614e6a1", - .p_key = "625eefa18a4756454e218d8bfed56e36", - .p_iv = "73d9d0e27c2ec568fbc11f6a0998d7c8" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_48) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=48"), - .p_plaintext = - "a206385945b21f812a9475f47fddbb7fbdda958a8d14c0dbcdaec36e8b2" - "8f1f6ececa1ceae4ce17721d162c1d42a66c1", - .p_ciphertext = - "e29e3114c8000eb484395b256b1b3267894f290d3999819ff35da03e64" - "63c186c4d7ebb964941f1986a2d69572fcaba8", - .p_key = "fd6e0b954ae2e3b723d6c9fcae6ab09b", - .p_iv = "f08b65c9f4dd950039941da2e8058c4e" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_64) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=64"), - .p_plaintext = - "b968aeb199ad6b3c8e01f26c2edad444538c78bfa36ed68ca76123b8cdce615a01f611" - "2bb80bfc3f17490578fb1f909a52e162637b062db04efee291a1f1af60", - .p_ciphertext = - "d3f89b71e033070f9d7516a6cb4ea5ef51d6fb63d4f0fea089d0a60e47bbb3c2e10e9b" - "a3b282c7cb79aefe3068ce228377c21a58fe5a0f8883d0dbd3d096beca", - .p_key = "7b1ab9144b0239315cd5eec6c75663bd", - .p_iv = "0b1e74f45c17ff304d99c059ce5cde09" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_80) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=80"), - .p_plaintext = - "999983467c47bb1d66d7327ab5c58f61ddb09b93bd2460cb78cbc12b5fa" - "1ea0c5f759ccc5e478697687012ff4673f6e61eecaeda0ccad2d674d309" - "8c7d17f887b62b56f56b03b4d055bf3a4460e83efa", - .p_ciphertext = - "9ed957bd9bc52bba76f68cfbcde52157a8ca4f71ac050a3d92bdebbfd7" - "c78316b4c9f0ba509fad0235fdafe90056ad115dfdbf08338b2acb1c80" - "7a88182dd2a882d1810d4302d598454e34ef2b23687d", - .p_key = "36466b6bd25ea3857ea42f0cac1919b1", - .p_iv = "7186fb6bdfa98a16189544b228f3bcd3" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_96) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=96"), - .p_plaintext = - "45efd00daa4cdc8273ef785cae9e944a7664a2391e1e2c449f475acec0124bbc229443" - "31678617408a1702917971f4654310ffb9229bec6173715ae512d37f93aaa6abf009f7" - "e30d65669d1db0366b5bce4c7b00f871014f5753744a1878dc57", - .p_ciphertext = - "1bcba44ddff503db7c8c2ec4c4eea0e827957740cce125c1e11769842fa97e25f1b892" - "69e6d77923a512a358312f4ba1cd33f2d111280cd83e1ef9e7cf7036d55048d5c27365" - "2afa611cc81b4e9dac7b5078b7c4716062e1032ead1e3329588a", - .p_key = "89373ee6e28397640d5082eed4123239", - .p_iv = "1a74d7c859672c804b82472f7e6d3c6b" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_112) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=112"), - .p_plaintext = - "c5585ff215bbb73ba5393440852fb199436de0d15e55c631f877670aa3e" - "da9f672eb1f876f09544e63558436b8928000db2f02a5ad90f95b05ac4c" - "f49e198e617e7678480fdf0efacc6aae691271e6cdd3541ebf719a1ccae" - "db24e2f80f92455dd5910cb5086b0960a3942ec182dcbd7", - .p_ciphertext = - "c65b94b1f291fa9f0600f22c3c0432c895ad5d177bcccc9ea44e8ec339" - "c9adf43855b326179d6d81aa36ef59462fd86127e9d81b0f286f93306b" - "f74d4c79e47c1b3d4b74edd3a16290e3c63b742e41f20d66ceee794316" - "bb63d3bd002712a1b136ba6185bd5c1dab81b07db90d2af5e5", - .p_key = "bab0cceddc0abd63e3f82e9fbff7b8aa", - .p_iv = "68b9140f300490c5c942f66e777eb806" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_128) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=128"), - .p_plaintext = - "1d1f8d81bdc3e2c7cb057f408e6450000c5aaed3260ff1e87fbb6f324df6887ffd8f78" - "d7e2a04c9ed9deda9d64482d2b002f4a2b78d8b4f691875c8295d4a64b22257ceaf713" - "ed2f4b92530d7ad7151d629acda882b4829577a43990b0948c1149c22fe4273656d1b0" - "8833930e8b06709a94579a78fc220f7057bbc1fa9f6563", - .p_ciphertext = - "ba9f646755dacc22911f51d7de2f7e7cb0bc0b75257ea44fe883edb055c7c28ede04c3" - "a0adcb10128ad4517d0093fa16bb0bcd2635e7a0ba92c7609bc8d8568002a7a9834737" - "24d256513aa7d51b477aabec1975ab5faf2872a6407e922180eff02f1ef86a4591c8bd" - "3d143da6f0ef0e4806f94ace0d5b0151c99640fccbc843", - .p_key = "9c702898efa44557b29ed283f5bc0293", - .p_iv = "cec6e1b82e8b2a591a9fa5ff1cf5cc51" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_144) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=144"), - .p_plaintext = - "6d40fd2f908f48ce19241b6b278b1b1676dffd4a97ce9f8a1574c33bc59" - "237deb536bee376fd6c381e6987700e39283aa111cf1a59f26fae6fb670" - "0bf012646a2ab80239bf5e1632329043aa87d7911978b36523a2bc0bed9" - "a9737ccf7a00baa2f3822b4e9e742e168e7069290705fed2eb63aa044b7" - "8f97dd33a8d6b24741ec1fd8c8db79d93b884e762dba0f406961", - .p_ciphertext = - "198351f453103face6655666fe90bdbd9630e3733b2d66c013a634e91f" - "2bf015bd2d975d71b26322e44defa32d4e9dce50363557046ece08ba38" - "f258dae5fd3e5049c647476c81e73482e40c171d89f9fea29452caf995" - "733589b0061464fbd5dabe27dc5ea463a3deeb7dcb43664ae6a65c498c" - "143883ab8e83b51e5410b181647602443dc3cfffe86f0205398fa83c", - .p_key = "5674636dbdb38f705f0b08c372ef4785", - .p_iv = "3f20ce0509b57420d53b6be4d0b7f0a9" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_160) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt message_len=160"), - .p_plaintext = - "e8b89150d8438bf5b17449d6ed26bd72127e10e4aa57cad85283e8359e089208e84921" - "649f5b60ea21f7867cbc9620560c4c6238db021216db453c9943f1f1a60546173daef2" - "557c3cdd855031b353d4bf176f28439e48785c37d38f270aa4a6faad2baabcb0c0b2d1" - "dd5322937498ce803ba1148440a52e227ddba4872fe4d81d2d76a939d24755adb8a7b8" - "452ceed2d179e1a5848f316f5c016300a390bfa7", - .p_ciphertext = - "22cdc3306fcd4d31ccd32720cbb61bad28d855670657c48c7b88c31f4fa1f93c01b57d" - "a90be63ead67d6a325525e6ed45083e6fb70a53529d1fa0f55653b942af59d78a26603" - "61d63a7290155ac5c43312a25b235dacbbc863faf00940c99624076dfa44068e7c554c" - "9038176953e571751dfc0954d41d113771b06466b1c8d13e0d4cb675ed58d1a619e154" - "0970983781dc11d2dd8525ab5745958d615defda", - .p_key = "97a1025529b9925e25bbe78770ca2f99", - .p_iv = "d4b4eab92aa9637e87d366384ed6915c" -}; - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -/* AES CBC - NIST CAVS 11.1 Monte Carlo 128 Encrypt */ -ITEM_REGISTER(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t test_vector_aes_cbc_128_encrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Encrypt Monte Carlo"), - .p_plaintext = "1fd4ee65603e6130cfc2a82ab3d56c24", - .p_ciphertext = "7bed7671c8913aa1330f193761523e67", - .p_key = "8809e7dd3a959ee5d8dbb13f501f2274", - .p_iv = "e5c0bb535d7d54572ad06d170a0e58ae" -}; - -/* AES CBC - NIST CAVS 11.1 Monte Carlo 128 Decrypt */ -ITEM_REGISTER(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t test_vector_aes_cbc_128_decrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 128 Decrypt Monte Carlo"), - .p_plaintext = "4769317b0562c45949c18b3855f8bf4a", - .p_ciphertext = "7c54923b0490a9d4de4ec1ce6790aa4d", - .p_key = "287b07c78f8e3e1be7c41b3d96c04e6e", - .p_iv = "41b461f9464fd515d25413b4241002b8" -}; -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) -/* AES CBC - Functional test using test vector NIST CAVS 11.1 CBC KeySbox 192 - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_func_data, - test_vector_aes_t test_vector_aes_cbc_192_functional) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "0956259c9cd5cfd0181cca53380cde06", - .p_key = "e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_c3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 192 Encrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de", - .p_ciphertext = "4bb7de2040dad371b882c161608b50ed", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_c3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 192 Decrypt message_len=1 pkcs7-padding"), - .p_plaintext = - "de0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f", /**< The 15 padded bytes (0x0f) will - be removed in the actual - generated plaintext. */ - .p_ciphertext = "4bb7de2040dad371b882c161608b50ed", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_c4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 192 Encrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede", - .p_ciphertext = - "20410bb5a89451158f6e82fb4ab423e5ae4b22c09442248b12d9d7bc09266ae2", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_c4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 192 Decrypt message_len=16 pkcs7-padding"), - .p_plaintext = - "dededededededededededededededede101010101010101010101010101" - "01010", /**< The 16 padded bytes (0x10) will be removed in - the actual generated plaintext. */ - .p_ciphertext = - "20410bb5a89451158f6e82fb4ab423e5ae4b22c09442248b12d9d7bc09266ae2", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_c5) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 192 Encrypt message_len=31 pkcs7-padding"), - .p_plaintext = - "dedededededededededededededededededededededededededededededede", - .p_ciphertext = - "20410bb5a89451158f6e82fb4ab423e5ca4aaff6411c38eb07d63a0c7117d93f", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_c5) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 192 Decrypt message_len=31 pkcs7-padding"), - .p_plaintext = - "dededededededededededededededededededededededededededededed" - "ede01", /**< The padded byte (0x01) will be removed in the - actual generated plaintext. */ - .p_ciphertext = - "20410bb5a89451158f6e82fb4ab423e5ca4aaff6411c38eb07d63a0c7117d93f", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - NIST CAVS 11.1 GFSBox Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_gfsb0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt GFSBox 0"), - .p_plaintext = "1b077a6af4b7f98229de786d7516b639", - .p_ciphertext = "275cfc0413d8ccb70513c3859b1d0f72", - .p_key = "000000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 GFSBox Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_gfsb0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt GFSBox 0"), - .p_plaintext = "1b077a6af4b7f98229de786d7516b639", - .p_ciphertext = "275cfc0413d8ccb70513c3859b1d0f72", - .p_key = "000000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_vk0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "de885dc87f5a92594082d02cc1e1b42c", - .p_key = "800000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 192 Encrypt - Count 191 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_vk191) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt VarKey 191"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "dd8a493514231cbf56eccee4c40889fb", - .p_key = "ffffffffffffffffffffffffffffffffffffffffffffffff", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_vk0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "de885dc87f5a92594082d02cc1e1b42c", - .p_key = "800000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 192 Decrypt - Count 191 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_vk191) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt VarKey 191"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "dd8a493514231cbf56eccee4c40889fb", - .p_key = "ffffffffffffffffffffffffffffffffffffffffffffffff", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_16) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=16"), - .p_plaintext = "c51fc276774dad94bcdc1d2891ec8668", - .p_ciphertext = "70dd95a14ee975e239df36ff4aee1d5d", - .p_key = "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c", - .p_iv = "531ce78176401666aa30db94ec4a30eb" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_32) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=32"), - .p_plaintext = - "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4", - .p_ciphertext = - "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f", - .p_key = "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21", - .p_iv = "f3d6667e8d4d791e60f7505ba383eb05" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_48) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=48"), - .p_plaintext = - "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7a" - "d7919608cb03af13bbe04f3506b718a301ea0", - .p_ciphertext = - "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d13164" - "0547d22c5d884a75e6752b5846b5b33a5181f4", - .p_key = "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d", - .p_iv = "eaaeca2e07ddedf562f94df63f0a650f" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_64) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=64"), - .p_plaintext = - "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0" - "068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f", - .p_ciphertext = - "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1a" - "c77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f", - .p_key = "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb", - .p_iv = "8b59c9209c529ca8391c9fc0ce033c38" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_80) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=80"), - .p_plaintext = - "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aeda" - "f0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f" - "410eaee470f5d9017ed460475f626953035a13db1f", - .p_ciphertext = - "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472" - "694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b" - "18f606aed1bab11f81452dd45e9b56adf2eccf4ea095", - .p_key = "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8", - .p_iv = "7e1d629b84f93b079be51f9a5f5cb23c" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_96) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=96"), - .p_plaintext = - "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6" - "800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f" - "3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce", - .p_ciphertext = - "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a59" - "0cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbc" - "a78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629", - .p_key = "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4", - .p_iv = "36eab883afef936cc38f63284619cd19" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_112) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=112"), - .p_plaintext = - "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa46" - "77bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55" - "d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf7" - "9d527b183ec88de4be4eeff29c80a97e54f85351cb189ee", - .p_ciphertext = - "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8" - "a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5ed" - "d1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa206" - "97f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070", - .p_key = "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13", - .p_iv = "2bd67cc89ab7948d644a49672843cbd9" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_128) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=128"), - .p_plaintext = - "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a" - "32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3" - "deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5" - "d9e876c94620945ff8ecc83f27379ed55cf490c5790f27", - .p_ciphertext = - "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5" - "ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53" - "b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3" - "307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820", - .p_key = "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5", - .p_iv = "e3c89bd097c3abddf64f4881db6dbfe2" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_144) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=144"), - .p_plaintext = - "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716" - "db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237" - "c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a" - "5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0" - "400770e897b48c6bca2b404593045080e93377358c42a0f4dede", - .p_ciphertext = - "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8b" - "fa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bd" - "ff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c859" - "9677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f" - "2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f", - .p_key = "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7", - .p_iv = "92a47f2833f1450d1da41717bdc6e83c" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_160) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt message_len=160"), - .p_plaintext = - "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276" - "d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd" - "51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a73" - "1b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02d" - "f8962bcbc1937092eebf0e90a8b20e3dd8c244ae", - .p_ciphertext = - "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d00" - "5424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e35" - "7e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822" - "ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee68943" - "7ad1b7684ad33c0d92739451ac87f39ff8c31b84", - .p_key = "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee", - .p_iv = "24408038161a2ccae07b029bb66355c1" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_16) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=16"), - .p_plaintext = "aa41179d880e6fe3b14818d6e4a62eb5", - .p_ciphertext = "39a9b42de19e512ab7f3043564c3515a", - .p_key = "8e2740fba157aef2422e442312d15c14d312553684fcdc15", - .p_iv = "324015878cdc82bfae59a2dc1ff34ea6" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_32) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=32"), - .p_plaintext = - "854e97e19b5c4fbd7a2ac7f8ddccdc8eac1a166832b58f05ae5088d7caba8fee", - .p_ciphertext = - "2cd57dce7465d5ecde153e87ce45e62286c6b023a446dae3ec0fdc0648f29308", - .p_key = "0ac0d2add273d1a260c432c662b4be4d8d366edc3f402e40", - .p_iv = "0cc3744fa9cef13fe04a5ab6ac9b8de4" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_48) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=48"), - .p_plaintext = - "4a7a4dca5c555d3f0358be7db4af14f1322a8861a3cb977f029fdcbd8ee" - "4a8d451f32d7865e6a2376edf67e4d1092e15", - .p_ciphertext = - "a9968021d6df78ff2c4c236bdd9a55bc727b0dc506f44958b2041f0948" - "860a3444588242ffbdcf2726001e2f6b5bd5fb", - .p_key = "3915d786c786731cfe35abe39fac714f5fa32c7ef3c6681b", - .p_iv = "a2d326a8226576e32e48f62b3da96c40" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_64) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=64"), - .p_plaintext = - "7b88fb0195a57ac61ccb3198a05517717523444da92d2e8c37840a7f7614c9effa6dd6" - "f1d1a730ec350cd64b99738cfb3b962c791b2674929f936e894cbcb994", - .p_ciphertext = - "f67581763d23326f699e05696043b4c553928c2a9f857377f12029fcae4acee992dba5" - "0697f617a51899fbd6367214d97bf5dbd9bdab7fd745cd2be431118793", - .p_key = "92317d4d38168a359118a0df0b7b45cbfdcc2011e7175d3c", - .p_iv = "75be95a6a54400b2e1b485e24ead18ed" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_80) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=80"), - .p_plaintext = - "07d471fa87fb5f267346aa4956c8bdb6c95493b1c19be8ca09deffd690d" - "57463229352faf2878bc66a20f199d9f6b2378e6073c2cef002c628ce94" - "d1adb5539bd15c4a51156f98f52bbe90a1905d35de", - .p_ciphertext = - "a12b32199ae6484418ac7097fda9bb33f2ae421dfd795c9b553615e175" - "46dcec6f3e7caf83334e6df035ac660a19a8b58d7cfe79310448337ee9" - "716fe2b46ca7014726644c1eb9a6d5d4e28661e9b51a", - .p_key = "cd00048ce8ead5b5dff2346a86eac594b2a4194ca99fc89f", - .p_iv = "154cb1d42ad9e8d85ebb0b5189b6e1bc" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_96) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=96"), - .p_plaintext = - "8ab7b8b3c3c7d79b6d5cc605d3094a33756a8755140782967fb86297cf599eaea03e38" - "4018631b18425363e9ada971412d3eab03c63748749001e5b1a4a2e80ed7b915e6b9fa" - "38e490301d6b45e27c0c72fd8cf6895de950d8d02774a8c33a6a", - .p_ciphertext = - "69e771f860e0291e4477dce2a48f2c6ae2922b9337667b86f79cb38c16ea0523ecdb1e" - "5135c54e385cfce9ebf945ed80988de466bcdb0cf92384b6544c9eec6637b656496cc6" - "5fce3e61935d51314bfc5aa38dad26e12efdde0139da897b95a5", - .p_key = "c4b39f1d90658aa1769a777956026573567bd0f3d6333b3b", - .p_iv = "f6085f2331e851db9c2654dacb5baf19" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_112) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=112"), - .p_plaintext = - "839238a996e51b542ab7aa55eae3150097291ca19e756325c326803926e" - "a45ad6ef6b7790ce89d084bbb2ad2d95bc889f5d19ffd3092aff609d5e6" - "3b7324ea207ce22f8598f189563cc6e611f5ef25be06b6a78fc6a682706" - "83542de69b0a44aee456d1138d0fd9ad4df68083633defc", - .p_ciphertext = - "65cfb38f922f1716225472eb36a127327007f8f5c08479ca7beac4b0ae" - "e26f3bb130bbf1ff390ef344c2a4e0b8fa81f6acbbaa7a620d945a22ec" - "dd128a4b3acc2658b1cb41020809fab87d1f9a74b76624f9fd5c2e59a6" - "49f0b9d0229b5855adeccefbe60092eba26abf65728318b1ca", - .p_key = "62cff862e7bef3569a380ea7ff40918e3afb5c7ad265cd5f", - .p_iv = "04d1cab2b002d9dd6c5b66add5d6148b" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_128) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=128"), - .p_plaintext = - "d50a55ea83ccd556e1d663424d3e19c1ad9b8d16ff01f5422accadf3dae07d597f1375" - "aaa319994ef71e1753485660e418dc1d6767a37ae93d8e700fc639e5d7283a9ecc2945" - "b4429e8203f33178f25ed67d231667af7b8f2994e3d904437fed121612a04eb3e4c230" - "789d46e4409e24c7bd1f86ae502eee5a11af1cad5c98b5", - .p_ciphertext = - "f5f05cedea55a4f47ce943463bd15ccc7ae4f6bda2b3f5c3ccc6495a8e2965791428f2" - "757356c5223bd40f3b4bcfd404ea4b9f2d131f73fa0f4104a14a4427f45f1f883f7530" - "9b74ce81d5859d491b1218b67b44cfe91af93c436d219bdfac67fc5f841596ec0d315e" - "78fbecd846183e2dadf2ca7f19d0077952eba12a01db1d", - .p_key = "2c25af9d60e1af42c7f0fc2fbf011637e6119bd0e8e9bab9", - .p_iv = "c264b21a1eca4b2c8bd8606d87e38471" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_144) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=144"), - .p_plaintext = - "c970a819cfb715f777e8b63167999ebe17c71ff505c3ff24cc6995430fa" - "d4013e1fc69ba5123072a7123e376d1f7de8cc610ada3fdd905a1476bc2" - "3724861e85dcf950db2b4982b60271752b49e438a20ef4e8e09cac0dc49" - "ed15b84e32627e243814fee0430744ac675c7e5673d3f57a52360ec6ff8" - "d18ed4b5bd8f1456c1f688825cb999789cad5e1b37a4b92ace3b", - .p_ciphertext = - "8a21ea1381284bcdf818c2d4dfa976c13e5a3c253164ba1d30eccc2794" - "7c263457b43bff1c3d5e9c6fff27544d9419b0e7fc81d4a392a10e643e" - "0eaf0bed571a3e3ee71a687e2d7900d7face0fc42a96ecc886864a60e9" - "207536a285d9971a8ac427b70d6dd4ff8a340801e92b23f09ad62812e4" - "2fb6d87aed3b4f500664b7ac73d8708033251ef792fa054eab98b5e5", - .p_key = "c6680fe9a1968f899479eca1092beaac18ad945a42ce8f93", - .p_iv = "54130eea9e96a1199d3c090f690a479f" -}; - -/* This test vector file is very long. Chop off a few if this is set. */ -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_160) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt message_len=160"), - .p_plaintext = - "67d2dda6da26e21307973400600725727ae81415511772f4a09ad9903bcf90cc2c0dac" - "58ba559a0109c54a9d6117b15bb574ca473e848047e9a54ee4abde76aff9849c44109d" - "161f46442e1610d8b015cf36a010ed8efa3207fdfc8fcc548f145c027e44c5b0ec35c9" - "886f4b9d6513a5bc10d0ea6bbbc26f54b183bcae27fb799d8872ff748fc459d55cfa25" - "5aae29d71b076d9b44c14d5ceba9332a763d9c94", - .p_ciphertext = - "6928299c52b4f047926f8a541529da2d6bbaa399143ced8efb77ab47409d9a953a386c" - "7abd6026f49831c717627c2a5e77bd2d433d4d130dacd927ea0d13a23d01a7cf39c671" - "6dafb6ed552410ef5d27fb947be2c8782eee7829196c7edcf151c65f9a01f54f8d20f3" - "8b7da4a7e83a2f0127d59d3e2405d8674fc9f41b604f788f4715f9d3624eee57f387bf" - "add18a1f905e839c26b8617482347fab6d08845a", - .p_key = "509baf46fb9de34281dafcc3db79593bffa8426904302688", - .p_iv = "d6d86e0c82dd8788f4147a26f9a71c74" -}; - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -/* AES CBC - NIST CAVS 11.1 Monte Carlo 192 Encrypt */ -ITEM_REGISTER(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t test_vector_aes_cbc_192_encrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Encrypt Monte Carlo"), - .p_plaintext = "cd0b8c8a8179ecb171b64c894a4d60fd", - .p_ciphertext = "e6457bfc3433e80299c52b2be418f582", - .p_key = "dea64f83cfe6a0a183ddbe865cfca059b3c615c1623d63fc", - .p_iv = "426fbc087b50b395c0fc81ef9fd6d1aa" -}; - -/* AES CBC - NIST CAVS 11.1 Monte Carlo 192 Decrypt */ -ITEM_REGISTER(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t test_vector_aes_cbc_192_decrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 192 Decrypt Monte Carlo"), - .p_plaintext = "836424eadf8155aaf9a9a51391a1cf7e", - .p_ciphertext = "eb2c4e2712591ff13b8ac7870c9c404c", - .p_key = "a24ebd4d7a080c28caae984b5098a9ea38cf7280e2c5f122", - .p_iv = "c5aeb9b51ad5108371c59d0b90816310" -}; -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ - -/* AES CBC - Functional test using test vector NIST CAVS 11.1 CBC KeySbox 256 - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_func_data, - test_vector_aes_t test_vector_aes_cbc_256_functional) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "46f2fb342d6f0ab477476fc501242c5f", - .p_key = - "c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_c0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_c3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 256 Encrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de", - .p_ciphertext = "5f4ae74bf458250d7ccab86c0fd78d5f", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_c3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 256 Decrypt message_len=1 pkcs7-padding"), - .p_plaintext = - "de0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f", /**< The 15 padded bytes (0x0f) will - be removed in the actual - generated plaintext. */ - .p_ciphertext = "5f4ae74bf458250d7ccab86c0fd78d5f", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_c4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 256 Encrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede", - .p_ciphertext = - "e672ab8a22ae0d97eada096311f0ce7a88059d5133fad50d906286782f77c874", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_c4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 256 Decrypt message_len=16 pkcs7-padding"), - .p_plaintext = - "dededededededededededededededede101010101010101010101010101" - "01010", /**< The 16 padded bytes (0x10) will be removed in - the actual generated plaintext. */ - .p_ciphertext = - "e672ab8a22ae0d97eada096311f0ce7a88059d5133fad50d906286782f77c874", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_c5) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = - TV_NAME("CBC 256 Encrypt message_len=31 pkcs7-padding"), - .p_plaintext = - "dedededededededededededededededededededededededededededededede", - .p_ciphertext = - "e672ab8a22ae0d97eada096311f0ce7a2440990504b280f31c303b966bc28f03", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_c5) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = - TV_NAME("CBC 256 Decrypt message_len=31 pkcs7-padding"), - .p_plaintext = - "dededededededededededededededededededededededededededededed" - "ede01", /**< The padded byte (0x01) will be removed in the - actual generated plaintext. */ - .p_ciphertext = - "e672ab8a22ae0d97eada096311f0ce7a2440990504b280f31c303b966bc28f03", - .p_key = - "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d", - .p_iv = "97ead25a84abd4a55268d1d347faee05" -}; - -/* AES CBC - NIST CAVS 11.1 GFSBox Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_gfsb0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt GFSBox 0"), - .p_plaintext = "014730f80ac625fe84f026c60bfd547d", - .p_ciphertext = "5c9d844ed46f9885085e5d6a4f94c7d7", - .p_key = - "0000000000000000000000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 GFSBox Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_gfsb0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt GFSBox 0"), - .p_plaintext = "014730f80ac625fe84f026c60bfd547d", - .p_ciphertext = "5c9d844ed46f9885085e5d6a4f94c7d7", - .p_key = - "0000000000000000000000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_vk0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "e35a6dcb19b201a01ebcfa8aa22b5759", - .p_key = - "8000000000000000000000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 256 Encrypt - Count 255 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_vk255) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt VarKey 255"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "4bf85f1b5d54adbc307b0a048389adcb", - .p_key = - "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_vk0) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "e35a6dcb19b201a01ebcfa8aa22b5759", - .p_key = - "8000000000000000000000000000000000000000000000000000000000000000", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 VarKey Tests 256 Decrypt - Count 255 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_vk255) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt VarKey 255"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "4bf85f1b5d54adbc307b0a048389adcb", - .p_key = - "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_16) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=16"), - .p_plaintext = "6282b8c05c5c1530b97d4816ca434762", - .p_ciphertext = "6acc04142e100a65f51b97adf5172c41", - .p_key = - "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907", - .p_iv = "851e8764776e6796aab722dbb644ace8" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_32) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=32"), - .p_plaintext = - "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00", - .p_ciphertext = - "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c", - .p_key = - "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae", - .p_iv = "fdeaa134c8d7379d457175fd1a57d3fc" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_48) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=48"), - .p_plaintext = - "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4" - "157d5c89d40619716619859da3ec9b247ced9", - .p_ciphertext = - "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84" - "df37fbc58ce8edb293e98f02b640d6d1d72464", - .p_key = - "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33", - .p_iv = "bd416cb3b9892228d8f1df575692e4d0" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_64) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=64"), - .p_plaintext = - "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6" - "823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c", - .p_ciphertext = - "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce" - "37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594", - .p_key = - "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5", - .p_iv = "c0cd2bebccbb6c49920bd5482ac756e8" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_80) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=80"), - .p_plaintext = - "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89" - "667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd" - "3e5dda4ce9246d18337ef3052d8b21c5561c8b660e", - .p_ciphertext = - "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9" - "d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699" - "bc691065ac62e258b9aa4cc557e2b45b49ce05511e65", - .p_key = - "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85", - .p_iv = "11958dc6ab81e1c7f01631e9944e620f" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_96) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=96"), - .p_plaintext = - "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b" - "9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa" - "5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10", - .p_ciphertext = - "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aac" - "fca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b" - "1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc", - .p_key = - "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a", - .p_iv = "b3cb97a80a539912b8c21f450d3b9395" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_112) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=112"), - .p_plaintext = - "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efd" - "b4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672" - "163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8ac" - "d3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014", - .p_ciphertext = - "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6" - "112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26a" - "f4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a" - "07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5", - .p_key = - "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9", - .p_iv = "e79026639d4aa230b5ccffb0b29d79bc" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_128) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=128"), - .p_plaintext = - "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2" - "c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed" - "7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95" - "c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa", - .p_ciphertext = - "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e" - "6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4" - "938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a" - "181a1271f00be29b852d8fa759bad01ff4678f010594cd", - .p_key = - "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d", - .p_iv = "4c12effc5963d40459602675153e9649" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_144) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=144"), - .p_plaintext = - "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de9" - "2dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f" - "195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839" - "ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741" - "f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803", - .p_ciphertext = - "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de3" - "05714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8" - "772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209" - "fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879a" - "b5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34", - .p_key = - "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89", - .p_iv = "51c619fcf0b23f0c7925f400a6cacb6d" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_160) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt message_len=160"), - .p_plaintext = - "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c5" - "2acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9" - "a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0" - "c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d" - "594885a00625880e9dfb734163cecef72cf030b8", - .p_ciphertext = - "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6faceb" - "af663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300" - "c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d471900902" - "1744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dc" - "d7c13fe24fc447275965db9e4d37fbc9304448cd", - .p_key = - "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b", - .p_iv = "d6d581b8cf04ebd3b6eaa1b53f047ee1" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_16) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=16"), - .p_plaintext = "07270d0e63aa36daed8c6ade13ac1af1", - .p_ciphertext = "d51d19ded5ca4ae14b2b20b027ffb020", - .p_key = - "43e953b2aea08a3ad52d182f58c72b9c60fbe4a9ca46a3cb89e3863845e22c9e", - .p_iv = "ddbbb0173f1e2deb2394a62aa2a0240e" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_32) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=32"), - .p_plaintext = - "98a8a9d84356bf403a9ccc384a06fe043dfeecb89e59ce0cb8bd0a495ef76cf0", - .p_ciphertext = - "6cb4e2f4ddf79a8e08c96c7f4040e8a83266c07fc88dd0074ee25b00d445985a", - .p_key = - "addf88c1ab997eb58c0455288c3a4fa320ada8c18a69cc90aa99c73b174dfde6", - .p_iv = "60cc50e0887532e0d4f3d2f20c3c5d58" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_48) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=48"), - .p_plaintext = - "0faa5d01b9afad3bb519575daaf4c60a5ed4ca2ba20c625bc4f08799add" - "cf89d19796d1eff0bd790c622dc22c1094ec7", - .p_ciphertext = - "e4046d05385ab789c6a72866e08350f93f583e2a005ca0faecc32b5cfc" - "323d461c76c107307654db5566a5bd693e227c", - .p_key = - "54682728db5035eb04b79645c64a95606abb6ba392b6633d79173c027c5acf77", - .p_iv = "2eb94297772851963dd39a1eb95d438f" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_64) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=64"), - .p_plaintext = - "82fec664466d585023821c2e39a0c43345669a41244d05018a23d7159515f8ff4d88b0" - "1cd0eb83070d0077e065d74d7373816b61505718f8d4f270286a59d45e", - .p_ciphertext = - "6c24f19b9c0b18d7126bf68090cb8ae72db3ca7eabb594f506aae7a2493e5326a5afae" - "4ec4d109375b56e2b6ff4c9cf639e72c63dc8114c796df95b3c6b62021", - .p_key = - "7482c47004aef406115ca5fd499788d582efc0b29dc9e951b1f959406693a54f", - .p_iv = "485ebf2215d20b816ea53944829717ce" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_80) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=80"), - .p_plaintext = - "8d22db30c4253c3e3add9685c14d55b05f7cf7626c52cccfcbe9b99fd89" - "13663b8b1f22e277a4cc3d0e7e978a34782eb876867556ad4728486d5e8" - "90ea738243e3700a696d6eb58cd81c0e60eb121c50", - .p_ciphertext = - "d50ea48c8962962f7c3d301fa9f877245026c204a7771292cddca1e7ff" - "ebbef00e86d72910b7d8a756dfb45c9f1040978bb748ca537edd90b670" - "ecee375e15d98582b9f93b6355adc9f80f4fb2108fb9", - .p_key = - "3ae38d4ebf7e7f6dc0a1e31e5efa7ca123fdc321e533e79fedd5132c5999ef5b", - .p_iv = "36d55dc9edf8669beecd9a2a029092b9" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_96) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=96"), - .p_plaintext = - "0b6e2a8213169b3b78db6de324e286f0366044e035c6970afbf0a1a5c32a05b24ba706" - "cd9c6609737651a81b2bcf4c681dc0861983a5aec76e6c8b244112d64d489e84328974" - "737394b83a39459011727162652b7aa793bfb1b71488b7dec96b", - .p_ciphertext = - "31e4677a17aed120bd3af69fbb0e4b645b9e8c104e280b799ddd49f1e241c3ccb7d40e" - "1c6ff226bf04f8049c51a86e2981cf1331c824d7d451746ccf77fc22fd3717001ee519" - "13d81f7a06fb0037f309957579f695670f2c4c7397d2d990374e", - .p_key = - "d30bfc0b2a19d5b8b6f8f46ab7f444ee136a7fa3fbdaf530cc3e8976339afcc4", - .p_iv = "80be76a7f885d2c06b37d6a528fae0cd" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_112) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=112"), - .p_plaintext = - "f7e0f79cfddd15ed3600ab2d29c56ba3c8e96d1a896aff6dec773e6ea47" - "10a77f2f4ec646b76efda6428c175d007c84aa9f4b18c5e1bac5f27f730" - "7b737655eee813f7e1f5880a37ac63ad1666e7883083b648454d45786f5" - "3ea3db1b5129291138abe40c79fcb7ab7c6f6b9ea133b5f", - .p_ciphertext = - "d99771963b7ae5202e382ff8c06e035367909cd24fe5ada7f3d39bfaeb" - "5de98b04eaf4989648e00112f0d2aadb8c5f2157b64581450359965140" - "c141e5fb631e43469d65d1b7370eb3b396399fec32cced294a5eee46d6" - "547f7bbd49dee148b4bc31d6c493cfd28f3908e36cb698629d", - .p_key = - "64a256a663527ebea71f8d770990b4cee4a2d3afbfd33fb12c7ac300ef59e49a", - .p_iv = "18cce9147f295c5c00dbe0424089d3b4" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_128) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=128"), - .p_plaintext = - "cfc155a3967de347f58fa2e8bbeb4183d6d32f7427155e6ab39cddf2e627c572acae02" - "f1f243f3b784e73e21e7e520eacd3befafbee814867334c6ee8c2f0ee7376d3c72728c" - "de7813173dbdfe3357deac41d3ae2a04229c0262f2d109d01f5d03e7f848fb50c28849" - "146c02a2f4ebf7d7ffe3c9d40e31970bf151873672ef2b", - .p_ciphertext = - "b32e2b171b63827034ebb0d1909f7ef1d51c5f82c1bb9bc26bc4ac4dccdee8357dca61" - "54c2510ae1c87b1b422b02b621bb06cac280023894fcff3406af08ee9be1dd72419bec" - "cddff77c722d992cdcc87e9c7486f56ab406ea608d8c6aeb060c64cf2785ad1a159147" - "567e39e303370da445247526d95942bf4d7e88057178b0", - .p_key = - "31358e8af34d6ac31c958bbd5c8fb33c334714bffb41700d28b07f11cfe891e7", - .p_iv = "144516246a752c329056d884daf3c89d" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_144) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=144"), - .p_plaintext = - "a0bb1d2fdeb7e6bf34c690fe7b72a5e9d65796aa57982fe340c286d6923" - "dbddb426566ff58e9c0b3af52e4db446f6cc5daa5bfcf4e3c85db5a5638" - "e670c370cce128db22c97542a64a63846f18a228d3462a11376dcb71f66" - "ec52ebda474f7b6752915b0801797974bc51eb1218127fed60f1009430e" - "b5089fb3ba5f28fad24c518ccddc2501393ceb6dffc46a159421", - .p_ciphertext = - "ba21db8ec170fa4d73cfc381687f3fa188dd2d012bef48007f3dc88329" - "e22ba32fe235a315be362546468b9db6af6705c6e5d4d36822f42883c0" - "8d4a994cc454a7db292c4ca1f4b62ebf8e479a5d545d6af9978d2cfee7" - "bc80999192c2c8662ce9b4be11af40bd68f3e2d5685bb28c0f3dc08017" - "c0aba8263e6fdc45ed7f9893bf14fd3a86c418a35c5667e642d59985", - .p_key = - "5b4b69339891db4e3337c3486f439dfbd0fb2a782ca71ef0059819d51669d93c", - .p_iv = "2b28a2d19ba9ecd149dae96622c21769" -}; - -/* AES CBC - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_cbc_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_160) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt message_len=160"), - .p_plaintext = - "bfe5c6354b7a3ff3e192e05775b9b75807de12e38a626b8bf0e12d5fff78e4f1775aa7" - "d792d885162e66d88930f9c3b2cdf8654f56972504803190386270f0aa43645db187af" - "41fcea639b1f8026ccdd0c23e0de37094a8b941ecb7602998a4b2604e69fc04219585d" - "854600e0ad6f99a53b2504043c08b1c3e214d17cde053cbdf91daa999ed5b47c37983b" - "a3ee254bc5c793837daaa8c85cfc12f7f54f699f", - .p_ciphertext = - "5b97a9d423f4b97413f388d9a341e727bb339f8e18a3fac2f2fb85abdc8f135deb3005" - "4a1afdc9b6ed7da16c55eba6b0d4d10c74e1d9a7cf8edfaeaa684ac0bd9f9d24ba6749" - "55c79dc6be32aee1c260b558ff07e3a4d49d24162011ff254db8be078e8ad07e648e6b" - "f5679376cb4321a5ef01afe6ad8816fcc7634669c8c4389295c9241e45fff39f3225f7" - "745032daeebe99d4b19bcb215d1bfdb36eda2c24", - .p_key = - "87725bd43a45608814180773f0e7ab95a3c859d83a2130e884190e44d14c6996", - .p_iv = "e49651988ebbb72eb8bb80bb9abbca34" -}; - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -/* AES CBC - NIST CAVS 11.1 Monte Carlo 256 Encrypt */ -ITEM_REGISTER(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t test_vector_aes_cbc_256_encrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Encrypt Monte Carlo"), - .p_plaintext = "90ed17475f0a62bc381ba1f3ffbfff33", - .p_ciphertext = "bade1667b42f537f0cb3f5573a949aaa", - .p_key = - "632bac4fe4db44cfcf18cfa90b43f86f378611b8d968595eb89e7ae98624564a", - .p_iv = "ff8127621be616803e3f002377730185" -}; - -/* AES CBC - NIST CAVS 11.1 Monte Carlo 256 Decrypt */ -ITEM_REGISTER(test_vector_aes_cbc_monte_carlo_data, - test_vector_aes_t test_vector_aes_cbc_256_decrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CBC 256 Decrypt Monte Carlo"), - .p_plaintext = "9be831799a79b0955241f308f0d5b2e1", - .p_ciphertext = "27a1d5c10fe45b801d15f56e654a70f0", - .p_key = - "31397ad8cc79c519e0f46e0f70303587e38958d70723b771552336b7771f6311", - .p_iv = "4139cb54eeac3fcf36ed72941122c40f" -}; -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ -#endif /* CRYPTO_TEST_LARGE_VECTORS */ -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ diff --git a/tests/crypto/test_cases/test_vectors_aes_cbc_mac.c b/tests/crypto/test_cases/test_vectors_aes_cbc_mac.c deleted file mode 100644 index 79ceca3cf592..000000000000 --- a/tests/crypto/test_cases/test_vectors_aes_cbc_mac.c +++ /dev/null @@ -1,212 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief AES CBC-MAC is tested using only custom generated test vectors. - * - */ -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_128_1) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 128 message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_128_2) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 128 message_len=16"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172a", - .p_ciphertext = "3ad77bb40d7a3660a89ecaf32466ef97", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_128_3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 128 message_len=32"), - .p_plaintext = - "d602b63eebba5b8fe1db84d8ca71abf5023e147508ce206c9732a28cc94eaabc", - .p_ciphertext = "5a88111a1e75ccc0ebad8b7b74e1c6d1", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_128_4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 128 message_len=64"), - .p_plaintext = - "93cccff91971303929c53d0de3dd7a96851e54fe1b484d240cae8ff2b99051766f4d6f" - "7b500d26e2e43295bd4c6313bca988875944215d8de20298e3bb795d9d", - .p_ciphertext = "289df89c9703958b37b1b9b1f7842984", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c", - .p_iv = "00000000000000000000000000000000" -}; - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_192_1) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 192 message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "291dc8f04aabad1d63b9820389329e2b4db30bc94264f677", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_192_2) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 192 message_len=16"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172a", - .p_ciphertext = "9cd89b028e16378d71ac45fdc45b7b08", - .p_key = "291dc8f04aabad1d63b9820389329e2b4db30bc94264f677", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_192_3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 192 message_len=32"), - .p_plaintext = - "d602b63eebba5b8fe1db84d8ca71abf5023e147508ce206c9732a28cc94eaabc", - .p_ciphertext = "098f08d19aef1c6bf63f38c5aa2b9b31", - .p_key = "291dc8f04aabad1d63b9820389329e2b4db30bc94264f677", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_192_4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 192 message_len=64"), - .p_plaintext = - "93cccff91971303929c53d0de3dd7a96851e54fe1b484d240cae8ff2b99051766f4d6f" - "7b500d26e2e43295bd4c6313bca988875944215d8de20298e3bb795d9d", - .p_ciphertext = "5e0eb2751c73e2b7de96c302caed1459", - .p_key = "291dc8f04aabad1d63b9820389329e2b4db30bc94264f677", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_256_1) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 256 message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = - "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_256_2) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 256 message_len=16"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172a", - .p_ciphertext = "f3eed1bdb5d2a03c064b5a7e3db181f8", - .p_key = - "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_256_3) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 256 message_len=32"), - .p_plaintext = - "d602b63eebba5b8fe1db84d8ca71abf5023e147508ce206c9732a28cc94eaabc", - .p_ciphertext = "b0d33b64ae39d12fdd26cb39657b9047", - .p_key = - "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", - .p_iv = "00000000000000000000000000000000" -}; - -/* AES CBC MAC - Custom test vector */ -ITEM_REGISTER(test_vector_aes_cbc_mac_data, - test_vector_aes_t test_vector_aes_cbc_mac_256_4) = { - .mode = MBEDTLS_MODE_CBC, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CBC MAC 256 message_len=64"), - .p_plaintext = - "93cccff91971303929c53d0de3dd7a96851e54fe1b484d240cae8ff2b99051766f4d6f" - "7b500d26e2e43295bd4c6313bca988875944215d8de20298e3bb795d9d", - .p_ciphertext = "8dbe503b77ebed416cd0ad049314aaa4", - .p_key = - "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", - .p_iv = "00000000000000000000000000000000" -}; -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ diff --git a/tests/crypto/test_cases/test_vectors_aes_ctr.c b/tests/crypto/test_cases/test_vectors_aes_ctr.c deleted file mode 100644 index 298f48421c89..000000000000 --- a/tests/crypto/test_cases/test_vectors_aes_ctr.c +++ /dev/null @@ -1,792 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief CTR test vectors can be found NIST Special Publication 800-38A. - * - * https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf - */ -const char ctr_long_plain[] = { - "d8571a7c14be149a0e94fc6c0d8ec2fa0d55510787762e41726d33f96d45f909194fe52571" - "b7dd556a6016f8063cf1bd1601b4cac12814adf097d20c01ebc74e6ff786895ac85aca48cf" - "982eb089eed94d0c3f1f33156a01fa7675154971756fa63493cc0d587ff3d2895c782618a6" - "7f8f7003b7c7fee18e609cc159ad99bc70bc16fda7e01f8352d9a628c861cd97b82b7ebd83" - "7506a5a14a94e8e7db0589cb5ef10c3808977accc1f261d2e87a5e4556a626a388b83349f3" - "75b79a35297c294a0deb0dff4c414235a4c3d799a602eb3633d655725e084421c20e5415a1" - "f11765514d1d8d8800617e3c26cbbe71cc423305f62c4c770bffec44" -}; -const char ctr_128_long_cipher[] = { - "34dbc50f8cde682afc46ea19e710631e3b7e2d3be0057f226acd442e91158aa77363265d09" - "3eea1ad4d4dee311869df9fe9d8d5531d98c6b249de3d714876cb0dffac1714e42cbc4b8a7" - "a8b920c24bdb15957b457ef46bf4e9bca48d34f89c749ded3fb54486540ab7e0f04065e0d4" - "3df2eacd37803db28775c679f15d1c2bc10b8a4481a0f1cbc54c091edd4b7e6183513cd2f5" - "f8bf4049562120a9ac4844e6f35141df20baf912999cb557e2e9d1501b8497425a091bdd09" - "d4483ce1a51c1a4fd775f236ae3fa543535e012fa89a1aa81218cf1d3b23572309afa230d8" - "e6e1814719fb76c82ed66c4dec3c5568d2911e9b8862c8a679b884bc" -}; -const char ctr_128_key[] = { "2b7e151628aed2a6abf7158809cf4f3c" }; -const char ctr_counter_1[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" }; -const char ctr_counter_2[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff00" }; -const char ctr_counter_3[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff01" }; -const char ctr_counter_4[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff02" }; -const char ctr_counter_5[] = { "f0f1f2f3f4f5f6f7f8f9fafbfcfdff03" }; -const char ctr_plain_1[] = { "6bc1bee22e409f96e93d7e117393172a" }; -const char ctr_plain_2[] = { "ae2d8a571e03ac9c9eb76fac45af8e51" }; -const char ctr_plain_3[] = { "30c81c46a35ce411e5fbc1191a0a52ef" }; -const char ctr_plain_4[] = { "f69f2445df4f9b17ad2b417be66c3710" }; -const char ctr_128_cipher_1[] = { "874d6191b620e3261bef6864990db6ce" }; -const char ctr_128_cipher_2[] = { "9806f66b7970fdff8617187bb9fffdff" }; -const char ctr_128_cipher_3[] = { "5ae4df3edbd5d35e5b4f09020db03eab" }; -const char ctr_128_cipher_4[] = { "1e031dda2fbe03d1792170a0f3009cee" }; - -/* AES CTR - Functional test using test vector NIST SP 800-38A CTR-AES128.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_func_data, - test_vector_aes_t test_vector_aes_ctr_128_functional) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("CTR 128 Functional"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_128_cipher_1, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_128_long_cipher, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_1) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=16 valid 1"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_128_cipher_1, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1, - .p_ad = ctr_counter_2 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Encrypt - Block 2 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_2) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=16 valid 2"), - .p_plaintext = ctr_plain_2, - .p_ciphertext = ctr_128_cipher_2, - .p_key = ctr_128_key, - .p_iv = ctr_counter_2, - .p_ad = ctr_counter_3 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Encrypt - Block 3 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_3) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=16 valid 3"), - .p_plaintext = ctr_plain_3, - .p_ciphertext = ctr_128_cipher_3, - .p_key = ctr_128_key, - .p_iv = ctr_counter_3, - .p_ad = ctr_counter_4 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Encrypt - Block 4 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_4) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt message_len=16 valid 4"), - .p_plaintext = ctr_plain_4, - .p_ciphertext = ctr_128_cipher_4, - .p_key = ctr_128_key, - .p_iv = ctr_counter_4, - .p_ad = ctr_counter_5 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Encrypt - Counter Oveflow */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_encrypt_5) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Encrypt Counter Overflow"), - .p_plaintext = "563d9cd1fcf40d7335cfe7932ae6183c", - .p_ciphertext = "cfcb732b9d80dc141cb6a163516e0882", - .p_key = "7d5b752df6956655c091c69fb2684483", - .p_iv = "ffffffffffffffffffffffffffffffff", - .p_ad = "00000000000000000000000000000000" -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_128_long_cipher, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_128_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Decrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_1) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt message_len=16 valid 1"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_128_cipher_1, - .p_key = ctr_128_key, - .p_iv = ctr_counter_1, - .p_ad = ctr_counter_2 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Decrypt - Block 2 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_2) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt message_len=16 valid 2"), - .p_plaintext = ctr_plain_2, - .p_ciphertext = ctr_128_cipher_2, - .p_key = ctr_128_key, - .p_iv = ctr_counter_2, - .p_ad = ctr_counter_3 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Decrypt - Block 3 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_3) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt message_len=16 valid 3"), - .p_plaintext = ctr_plain_3, - .p_ciphertext = ctr_128_cipher_3, - .p_key = ctr_128_key, - .p_iv = ctr_counter_3, - .p_ad = ctr_counter_4 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Decrypt - Block 4 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_4) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt message_len=16 valid 4"), - .p_plaintext = ctr_plain_4, - .p_ciphertext = ctr_128_cipher_4, - .p_key = ctr_128_key, - .p_iv = ctr_counter_4, - .p_ad = ctr_counter_5 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES128.Decrypt - Counter Oveflow */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_128_decrypt_5) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 128 Decrypt Counter Overflow"), - .p_plaintext = "563d9cd1fcf40d7335cfe7932ae6183c", - .p_ciphertext = "cfcb732b9d80dc141cb6a163516e0882", - .p_key = "7d5b752df6956655c091c69fb2684483", - .p_iv = "ffffffffffffffffffffffffffffffff", - .p_ad = "00000000000000000000000000000000" -}; - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - -const char ctr_192_key[] = { - "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b" -}; -const char ctr_192_long_cipher[] = { - "a92a37ba2dac97aea88286248063bbdbaa7be2bc93d3783239169e93dc24f9cc37b14b0803" - "00ff345e26ca874a1608a5afe63779ccff86e2072b499bbf41400e27e5cabe58fca4ffe09e" - "784cc5cfca70930f46ad9227b517d872291b05d8456085d360f1a27ea78c5efd48aaa80d6b" - "9a17f07eb814082fa6746b48e8b308e90345927f4c587d9c6b18c2e166efbfc538e0e02d01" - "62a42ac696a013290757f80e8bc04135efe6c2f3166259e1878d091d7c00e30f18ab9c20b2" - "ff62f7e0d8a7ab8120ef931e4a272f4f3760c0def8b3059834767b3476cd538bfc25709e93" - "6ced8825d02cf2283db2807f1fb903f2c0fef64d6f478e67d68af46a" -}; -const char ctr_192_cipher_1[] = { "1abc932417521ca24f2b0459fe7e6e0b" }; -const char ctr_192_cipher_2[] = { "090339ec0aa6faefd5ccc2c6f4ce8e94" }; -const char ctr_192_cipher_3[] = { "1e36b26bd1ebc670d1bd1d665620abf7" }; -const char ctr_192_cipher_4[] = { "4f78a7f6d29809585a97daec58c6b050" }; - -/* AES CTR - Functional test using test vector NIST SP 800-38A CTR-AES192.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_func_data, - test_vector_aes_t test_vector_aes_ctr_192_functional) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("CTR 192 Functional"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_192_cipher_1, - .p_key = ctr_192_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_192_long_cipher, - .p_key = ctr_192_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_192_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_1) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt message_len=16 valid 1"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_192_cipher_1, - .p_key = ctr_192_key, - .p_iv = ctr_counter_1, - .p_ad = ctr_counter_2 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Encrypt - Block 2 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_2) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt message_len=16 valid 2"), - .p_plaintext = ctr_plain_2, - .p_ciphertext = ctr_192_cipher_2, - .p_key = ctr_192_key, - .p_iv = ctr_counter_2, - .p_ad = ctr_counter_3 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Encrypt - Block 3 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_3) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt message_len=16 valid 3"), - .p_plaintext = ctr_plain_3, - .p_ciphertext = ctr_192_cipher_3, - .p_key = ctr_192_key, - .p_iv = ctr_counter_3, - .p_ad = ctr_counter_4 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Encrypt - Block 4 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_4) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt message_len=16 valid 4"), - .p_plaintext = ctr_plain_4, - .p_ciphertext = ctr_192_cipher_4, - .p_key = ctr_192_key, - .p_iv = ctr_counter_4, - .p_ad = ctr_counter_5 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Encrypt - Counter Oveflow */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_encrypt_5) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Encrypt Counter Overflow"), - .p_plaintext = "563d9cd1fcf40d7335cfe7932ae6183c", - .p_ciphertext = "e11c6b5f89b024821b042e9cf8c0005d", - .p_key = "24ce863c213533bb79f1592f4f350da3c7f70e5f977b315d", - .p_iv = "ffffffffffffffffffffffffffffffff", - .p_ad = "00000000000000000000000000000000" -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_192_long_cipher, - .p_key = ctr_192_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_192_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Decrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_1) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt message_len=16 valid 1"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_192_cipher_1, - .p_key = ctr_192_key, - .p_iv = ctr_counter_1, - .p_ad = ctr_counter_2 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Decrypt - Block 2 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_2) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt message_len=16 valid 2"), - .p_plaintext = ctr_plain_2, - .p_ciphertext = ctr_192_cipher_2, - .p_key = ctr_192_key, - .p_iv = ctr_counter_2, - .p_ad = ctr_counter_3 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Decrypt - Block 3 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_3) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt message_len=16 valid 3"), - .p_plaintext = ctr_plain_3, - .p_ciphertext = ctr_192_cipher_3, - .p_key = ctr_192_key, - .p_iv = ctr_counter_3, - .p_ad = ctr_counter_4 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Decrypt - Block 4 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_4) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt message_len=16 valid 4"), - .p_plaintext = ctr_plain_4, - .p_ciphertext = ctr_192_cipher_4, - .p_key = ctr_192_key, - .p_iv = ctr_counter_4, - .p_ad = ctr_counter_5 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES192.Decrypt - Counter Oveflow */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_192_decrypt_5) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 192 Decrypt Counter Overflow"), - .p_plaintext = "563d9cd1fcf40d7335cfe7932ae6183c", - .p_ciphertext = "e11c6b5f89b024821b042e9cf8c0005d", - .p_key = "24ce863c213533bb79f1592f4f350da3c7f70e5f977b315d", - .p_iv = "ffffffffffffffffffffffffffffffff", - .p_ad = "00000000000000000000000000000000" -}; - -const char ctr_256_key[] = { - "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4" -}; -const char ctr_256_long_cipher[] = { - "d388678d4da902a9500e7779c5ee07f8573b389ad4173747265eb5c5e220829d028ec9b970" - "d6d00867ebc05b31b23bdf3f575502a81d221c4e7e4e7fa2feb1f8e480796983b453589f38" - "963259462d6e01e7589d5313628296d4be506cebf0c2bffac0303d4dfe8107de4038c859ff" - "17bb1f2abe7933808d04bb1dc2864ed19662ab6edaaa716e5b0fe9dbe14a0c19c8b1b2942b" - "24e5d4ac817b1592c9eb97fc93fd96e8ce43aae1540589d7fcaa9139fb8043ca6df80cd8a6" - "8978a9ecfdc47eb7fdab2e9f0bfe75b9113f56854edf14fcfc56daa86fb60046058ecc089a" - "5042724f176b2806ce3abc7952ae2de0e3742eff568a90ee491d8203" -}; -const char ctr_256_cipher_1[] = { "601ec313775789a5b7a7f504bbf3d228" }; -const char ctr_256_cipher_2[] = { "f443e3ca4d62b59aca84e990cacaf5c5" }; -const char ctr_256_cipher_3[] = { "2b0930daa23de94ce87017ba2d84988d" }; -const char ctr_256_cipher_4[] = { "dfc9c58db67aada613c2dd08457941a6" }; - -/* AES CTR - Functional test using test vector NIST SP 800-38A CTR-AES256.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_func_data, - test_vector_aes_t test_vector_aes_ctr_256_functional) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("CTR 256 Functional"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_256_cipher_1, - .p_key = ctr_256_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_256_long_cipher, - .p_key = ctr_256_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_256_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Encrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_1) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt message_len=16 valid 1"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_256_cipher_1, - .p_key = ctr_256_key, - .p_iv = ctr_counter_1, - .p_ad = ctr_counter_2 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Encrypt - Block 2 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_2) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt message_len=16 valid 2"), - .p_plaintext = ctr_plain_2, - .p_ciphertext = ctr_256_cipher_2, - .p_key = ctr_256_key, - .p_iv = ctr_counter_2, - .p_ad = ctr_counter_3 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Encrypt - Block 3 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_3) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt message_len=16 valid 3"), - .p_plaintext = ctr_plain_3, - .p_ciphertext = ctr_256_cipher_3, - .p_key = ctr_256_key, - .p_iv = ctr_counter_3, - .p_ad = ctr_counter_4 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Encrypt - Block 4 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_4) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt message_len=16 valid 4"), - .p_plaintext = ctr_plain_4, - .p_ciphertext = ctr_256_cipher_4, - .p_key = ctr_256_key, - .p_iv = ctr_counter_4, - .p_ad = ctr_counter_5 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Encrypt - Counter Oveflow */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_encrypt_5) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Encrypt Counter Overflow"), - .p_plaintext = "2bdb7c499b55bfe636860c320d2eee1b", - .p_ciphertext = "02a1ef073c9c0ba74f195564455398c5", - .p_key = - "47778b2c9558790eb5def620fafcb8f5a447e3bfe34eb8d6c0911b27f0f95e85", - .p_iv = "ffffffffffffffffffffffffffffffff", - .p_ad = "00000000000000000000000000000000" -}; - -/* AES CTR - Custom test vector - long */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_long) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt message_len=250"), - .p_plaintext = ctr_long_plain, - .p_ciphertext = ctr_256_long_cipher, - .p_key = ctr_256_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - Custom test vector - short */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_short) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = ctr_256_key, - .p_iv = ctr_counter_1 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Decrypt - Block 1 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_1) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt message_len=16 valid 1"), - .p_plaintext = ctr_plain_1, - .p_ciphertext = ctr_256_cipher_1, - .p_key = ctr_256_key, - .p_iv = ctr_counter_1, - .p_ad = ctr_counter_2 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Decrypt - Block 2 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_2) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt message_len=16 valid 2"), - .p_plaintext = ctr_plain_2, - .p_ciphertext = ctr_256_cipher_2, - .p_key = ctr_256_key, - .p_iv = ctr_counter_2, - .p_ad = ctr_counter_3 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Decrypt - Block 3 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_3) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt message_len=16 valid 3"), - .p_plaintext = ctr_plain_3, - .p_ciphertext = ctr_256_cipher_3, - .p_key = ctr_256_key, - .p_iv = ctr_counter_3, - .p_ad = ctr_counter_4 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Decrypt - Block 4 */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_4) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt message_len=16 valid 4"), - .p_plaintext = ctr_plain_4, - .p_ciphertext = ctr_256_cipher_4, - .p_key = ctr_256_key, - .p_iv = ctr_counter_4, - .p_ad = ctr_counter_5 -}; - -/* AES CTR - NIST SP 800-38A CTR-AES256.Decrypt - Counter Oveflow */ -ITEM_REGISTER(test_vector_aes_ctr_data, - test_vector_aes_t test_vector_aes_ctr_256_decrypt_5) = { - .mode = MBEDTLS_MODE_CTR, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("CTR 256 Decrypt Counter Overflow"), - .p_plaintext = "2bdb7c499b55bfe636860c320d2eee1b", - .p_ciphertext = "02a1ef073c9c0ba74f195564455398c5", - .p_key = - "47778b2c9558790eb5def620fafcb8f5a447e3bfe34eb8d6c0911b27f0f95e85", - .p_iv = "ffffffffffffffffffffffffffffffff", - .p_ad = "00000000000000000000000000000000" -}; - -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ diff --git a/tests/crypto/test_cases/test_vectors_aes_ecb.c b/tests/crypto/test_cases/test_vectors_aes_ecb.c deleted file mode 100644 index e51789e822b4..000000000000 --- a/tests/crypto/test_cases/test_vectors_aes_ecb.c +++ /dev/null @@ -1,2097 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" - -/**@brief ECB test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/block-ciphers#AES - */ - -/* AES ECB - Functional test using test vector NIST CAVS 11.1 ECB KeySbox 128 - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_func_data, - test_vector_aes_t test_vector_aes_ecb_128_functional) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "6d251e6944b051e04eaa6fb4dbf78465", - .p_key = "10a58869d74be5a374cf867cfb473859" -}; - -/* AES ECB - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -#if 0 - -ECB padding currently unsupported by mbedTLS. - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_128_encrypt_c3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de", - .p_ciphertext = "77914f065bdaccd3ca428385e4f20643", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_128_decrypt_c3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f", /**< The 15 padded bytes (0x0f) will be removed in the actual generated plaintext. */ - .p_ciphertext = "77914f065bdaccd3ca428385e4f20643", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_128_encrypt_c4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede", - .p_ciphertext = "012e6cf02e5746a4ae7ad6287e244973a87e6dbf88ffd1413b95b96491c8872a", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_128_decrypt_c4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede10101010101010101010101010101010", /**< The 16 padded bytes (0x10) will be removed in the actual generated plaintext. */ - .p_ciphertext = "012e6cf02e5746a4ae7ad6287e244973a87e6dbf88ffd1413b95b96491c8872a", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_128_encrypt_c5) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=31 pkcs7-padding"), - .p_plaintext = "dedededededededededededededededededededededededededededededede", - .p_ciphertext = "012e6cf02e5746a4ae7ad6287e244973e0dcca6023766f779fd984c5c321c7ee", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_128_decrypt_c5) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=31 pkcs7-padding"), - .p_plaintext = "dedededededededededededededededededededededededededededededede01", /**< The padded byte (0x01) will be removed in the actual generated plaintext. */ - .p_ciphertext = "012e6cf02e5746a4ae7ad6287e244973e0dcca6023766f779fd984c5c321c7ee", - .p_key = "89df4c819f49dbcbcb124304023cf38c" -}; -#endif - -/* AES ECB - NIST CAVS 11.1 GFSBox Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_gfsb0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt GFSBox 0"), - .p_plaintext = "f34481ec3cc627bacd5dc3fb08f273e6", - .p_ciphertext = "0336763e966d92595a567cc9ce537f5e", - .p_key = "00000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 GFSBox Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_gfsb0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt GFSBox 0"), - .p_plaintext = "f34481ec3cc627bacd5dc3fb08f273e6", - .p_ciphertext = "0336763e966d92595a567cc9ce537f5e", - .p_key = "00000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_vk0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "0edd33d3c621e546455bd8ba1418bec8", - .p_key = "80000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 128 Encrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_vk127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt VarKey 127"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "a1f6258c877d5fcd8964484538bfc92c", - .p_key = "ffffffffffffffffffffffffffffffff" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_vk0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "0edd33d3c621e546455bd8ba1418bec8", - .p_key = "80000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 128 Decrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_vk127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt VarKey 127"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "a1f6258c877d5fcd8964484538bfc92c", - .p_key = "ffffffffffffffffffffffffffffffff" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_vt0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt VarTxt 0"), - .p_plaintext = "80000000000000000000000000000000", - .p_ciphertext = "3ad78e726c1ec02b7ebfe92b23d9ec34", - .p_key = "00000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 128 Encrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_vt127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt VarTxt 127"), - .p_plaintext = "ffffffffffffffffffffffffffffffff", - .p_ciphertext = "3f5b8cc9ea855a0afa7347d23e8d664e", - .p_key = "00000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_vt0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt VarTxt 0"), - .p_plaintext = "80000000000000000000000000000000", - .p_ciphertext = "3ad78e726c1ec02b7ebfe92b23d9ec34", - .p_key = "00000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 128 Decrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_vt127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt VarTxt 127"), - .p_plaintext = "ffffffffffffffffffffffffffffffff", - .p_ciphertext = "3f5b8cc9ea855a0afa7347d23e8d664e", - .p_key = "00000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_16) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=16"), - .p_plaintext = "1695fe475421cace3557daca01f445ff", - .p_ciphertext = "7888beae6e7a426332a7eaa2f808e637", - .p_key = "edfdb257cb37cdf182c5455b0c0efebb" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_32) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=32"), - .p_plaintext = - "1b0a69b7bc534c16cecffae02cc5323190ceb413f1db3e9f0f79ba654c54b60e", - .p_ciphertext = - "ad5b089515e7821087c61652dc477ab1f2cc6331a70dfc59c9ffb0c723c682f6", - .p_key = "7723d87d773a8bbfe1ae5b081235b566" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_48) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=48"), - .p_plaintext = - "6f172bb6ec364833411841a8f9ea2051735d600538a9ea5e8cd2431a432" - "903c1d6178988b616ed76e00036c5b28ccd8b", - .p_ciphertext = - "4cc2a8f13c8c7c36ed6a814db7f26900c7e04df49cbad916ce6a44d0ae" - "4fe7edc0b402794675b3694933ebbc356525d8", - .p_key = "280afe063216a10b9cad9b2095552b16" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_64) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=64"), - .p_plaintext = - "593559318cc66bf695e49feb42794bdfb66bce895ec222ca2609b133ecf66ac7344d13" - "021e01e11a969c4684cbe20abae2b19d3ceb2cacd41419f21f1c865149", - .p_ciphertext = - "3ea6f4305217bd47eebe773da4b578549cac744c00cbd8f9d596d38010304bd850cc2f" - "4b19a91c2e022eabf100266185ca2705127815dfd46efbe4ecd46a3058", - .p_key = "ef60fb1400c83936414a25651eb51a1b" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_80) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=80"), - .p_plaintext = - "84f809fc5c84652376cc0df10095bc00b9f0547fa91a2d3310a0adbc9cc" - "6191ade2aaa6fffa5e406af7223955f9277bfb06eb1dd2bbfbefe32ab34" - "2c36302bf22bc64e1b394032bbb5f4e6744f1bcbf2", - .p_ciphertext = - "a6dc096bc21b0658e416a0f679fefc6e958e9c56e3ce04fdf6e392c2db" - "770a60d9523c255925e14a3e02a1002bf3875c2e501bac618bee1f55f9" - "850454854eef9d693d90937cc8387b6f4c4414e2080b", - .p_key = "c5805cd1c4a7b98a715badb709720bf4" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_96) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=96"), - .p_plaintext = - "7adcf4a494f6b09790c82c8bb97db62c5d3fa4032f06dfeceaad9ecb374b747bd1c08d" - "07e78e351dc2eb99bfa714d23cffe31f5fb5a472e6e0252f35a20c304c4f6d0cf7d29c" - "99444d40af3a00a92fc86c6444fcb80ce9765362ac1bdba0b10e", - .p_ciphertext = - "22217953f71932ab4360d97ef495081559f1fcb09caca41fa0c65f7b1792b560eabe18" - "f3b3b06ef80c41886f24c5d6d32d20427e83d8b5564d9ac7435a2842c1cf7c6fcc229e" - "b7f518d3e0167d510efbaee39a0438fc800eb6acfc203c93280c", - .p_key = "4c35be028e1475278346eae531cbee5c" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_112) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=112"), - .p_plaintext = - "37a1205ea929355d2e4ee52d5e1d9cda279ae01e640287ccb153276e7e0" - "ecf2d633cf4f2b3afaecb548a2590ce0445c6a168bac3dc601813eb7459" - "1bb1ce8dfcd740cdbb6388719e8cd283d9cc7e736938240b410dd5a6a48" - "ba49dd2066503e63ab592ffdf3be49e7d2de74f82158b8c", - .p_ciphertext = - "c88e03383ba9da6f982c057fe92c0bb3ed5b9cd18295a100e13a4e12d4" - "40b919bbb8b221abead362902ce44d30d0b80e56bee1f66a7d8de0b1e1" - "b4dbf76c90c1807a3bc5f277e9814c82ab120f7e10217dfdf6092ce495" - "8f8906c5e32279c6537dd1fbae20cb7a1d9f89d0490b6aefc1", - .p_key = "00cc73c990d376b82246e45ea3ae2e37" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_128) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=128"), - .p_plaintext = - "eaf1760c0f25310dada6debeb966304db7a9f1b2d1c3af922623b263649031d299b3c5" - "6146d61d55b6ebf4cf8dd04039a4d1ace3146f49ee915f806afad64cbb2d04a64120de" - "40382e2175dcae9480d1ca8dedc38fb64e4a40112f10f03a4c354fed01f2c5c7017dbd" - "514b2d443a5adfd2e49c986723266cda41a69e6e459908", - .p_ciphertext = - "5ece70a44da41bc7cfb9b582ea9ce0980030ec4af331e76499961f88860aa0554aba3e" - "cbf77ca4293a3fee854a2caf3ae800343fb4521388b16b6dc599b3d60bf82777f98e1a" - "8d04ab9cd54dd9a248095795d4dfe4858bfd9a05f54c795bb086e15f7c22228184ec66" - "a9ca10b1cf71a6bb9303c5cd1dcc056460a86df651f053", - .p_key = "0a53aa7a3e4a4f364e8c6c7224af5501" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_144) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=144"), - .p_plaintext = - "8177d79c8f239178186b4dc5f1df2ea7fee7d0db535489ef983aefb3b20" - "29aeba0bb2b46a2b18c94a1417a33cbeb41ca7ea9c73a677fccd2eb5470" - "c3c500f6d3f1a6c755c944ba586f88921f6ae6c9d194e78c7233c406126" - "633e144c3810ad23ee1b5af4c04a22d49e99e7017f74c2309492569ff49" - "be17d2804920f2ac5f514d13fd3e7318cc7cf80ca5101a465428", - .p_ciphertext = - "5befb3062a7a7246af1f77b0ec0ac614e28be06ac2c81b19e5a0481bf1" - "60f9f2bc43f28f6548787639e4ce3e0f1e95475f0e81ceb793004c8e46" - "670ebd48b866d5b43d104874ead4be8a236bf90b48f862f7e252dec447" - "5fdbb841a662efcd25ed64b2910e9baaea9466e413a4241438b31df0bd" - "3df9a16f4641636754e259861728aa7ddf435cc51f54f79a1db25f52", - .p_key = "b80bcc929052cb5450479442e2b809ce" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Encrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_160) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt message_len=160"), - .p_plaintext = - "451f45663b44fd005f3c288ae57b383883f02d9ad3dc1715f9e3d6948564257b9b06d7" - "dd51935fee580a96bbdfefb918b4e6b1daac809847465578cb8b5356ed38556f801ff7" - "c11ecba9cdd263039c15d05900fc228e1caf302d261d7fb56cee663595b96f192a78ff" - "4455393a5fe8162170a066fdaeac35019469f22b3470686bced2f007a1a2e43e01b456" - "2caaa502ed541b8205874ec1ffb1c8b255766942", - .p_ciphertext = - "01043053f832ef9b911ed387ba577451e30d51d4b6b11f319d4cd539d067b7f4f9b4f4" - "1f7f3d4e920c57cbe2b5e1885aa66203ae493e93a1df63793a9563c176bc6775dd09cc" - "9161e278a01beb8fd8a19200326bd95abc5f716768e34f90b50523d30fdabb103a3bc0" - "20afbbb0cb3bd2ad512a6fea79f8d64cef347458dec48be89451cb0b807d73593f273d" - "9fc521b789a77524404f43e00f20b3b77b938b1a", - .p_key = "ebea9c6a82213a00ac1d22faea22116f" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_16) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=16"), - .p_plaintext = "46f2c98932349c338e9d67f744a1c988", - .p_ciphertext = "065bd5a9540d22d5d7b0f75d66cb8b30", - .p_key = "54b760dd2968f079ac1d5dd20626445d" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_32) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=32"), - .p_plaintext = - "8c8e6ed8a6bdb3baabec78189b7d61010d6d168de2c08ec56f9b9c004a191e21", - .p_ciphertext = - "76fa67e121894dbc2ad85ae7f9c5c44d14ccee5b87d5e7708950338f5c84cf58", - .p_key = "bce4c486cc4a12622b9147df9bca452c" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_48) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=48"), - .p_plaintext = - "8838058bd98072b72fd75641edb216301fee8323ff8c4ba18ee6a4623c2" - "fdeb3df5f8a240a8e7e6d5ae15444614f41fb", - .p_ciphertext = - "1ce69ab7624fed511fb42b8fb639f566d72783f9ab49801651961b048e" - "0f5b7cc0ebb2f514f2d625f927ccc4d5a94593", - .p_key = "279161759d29e92dc8f1fafd8d45533d" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_64) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=64"), - .p_plaintext = - "6061df5bcd421fabdb5235fc032502650448fd8233a0237c5f6f249a63d7db3e4283ac" - "9a8684a363ef64e760c5886564659da619466851568b32091df5516f57", - .p_ciphertext = - "6c53489f6a4bd0f7cd15d20f6ebc7e649fd95b76b107e6daba967c8a9484797f29a8a2" - "82ee31c03fae4f8e9b8930d5473c2ed695a347e88b7ccd62376d5ebb41", - .p_key = "9ba852520c9fd1eb367b6ad2aed07abd" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_80) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=80"), - .p_plaintext = - "3f098ae7e7524ddb556403c5d3d0b10e5db6c324843ca54a47e34ad9bdb" - "ccc93a645e96f2e98651751f0f1a697398ea801a69079c1808b6a8e3bb0" - "2a4cf3292f1a7a05b954571339f7899f9aaa2ae1e9", - .p_ciphertext = - "33cb1a98ce4be97f5b222aa861c945643f372687cbf7f8193a7d304e40" - "baceb877eedfbc05be47437a86bdb1f7f0171b95c6c8b50404a7897332" - "f26fb0f0923991d3a02e926f29babfb52e63d580efff", - .p_key = "cd6a33abb95d7ab92980f9c2b810c90f" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_96) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=96"), - .p_plaintext = - "3dfe918048f4c0b0b22fbc55e5af751cf3e6ce348eb9a888795033f6dd216afbea65fc" - "8df41c0ce6c7316a8183d36060bf19709fe2bec6d13bbdf1a434cc5b8f10aadb368c26" - "9d2dc4474a1f8112640fe52803b1883cb7756743100a758dd862", - .p_ciphertext = - "19d76b386a7715dec7aad8bb01d126c7385a4387f087faec67718f78274cf4a2d7ec3f" - "7c56885c930bbfff1676d8dd3b0b4e1cdf418c086de6f50700b527cfcc2a81d6ba95e3" - "0a526eb4c3dee82af6ccc8c5ab55781db15c57de90995411bff6", - .p_key = "ff71b9f6311a44072ddb1a77488c4870" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_112) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=112"), - .p_plaintext = - "6e19cec775595c2f768de3bda3682fb4026ed1889fc3de11bc45a2a3e2b" - "22694ddaab3274c81b29204fa034eedac564a7dfe27aabb6ff420f9aa5a" - "badf15c74676efeabd96a7ff2491813ba53cb5ab76eacd37255a28daecb" - "be580f5eb77f9bc0339e0da59b2b307f52974b6182cb106", - .p_ciphertext = - "4d6f972946a2e4ca05bfbeecd00535ece6c81ed963c4167063b1c34b6a" - "185d5504646d81a83cd5bce2101120b2f2bc6a2fa856ae6fff4449ab62" - "18189faa13e73038e82c5141c3f6276a8a206b9563ca11fa76092779f4" - "deff2e58659047ed4f1a129092095ab75f1cf4b255c69531f4", - .p_key = "8ec6a5a054fea2fc8dafb5939a4bd788" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_128) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=128"), - .p_plaintext = - "398db04b45a724393e4baec86a220f22358df1bbf0cab278dcfecf7a3f8f6275ef45ed" - "9f039bc1f5030c3a0c245fbb6ea0bff3e2da0859ac498db6624a572023de7c221bf356" - "7f51e98947970dfc581b3ca670ab92953d3bdd97dbf5d6bef8aa2f31500d221198ed9f" - "23b049eaeed67683083034b4a5a82a0e49319e368c6f55", - .p_ciphertext = - "447557bd1561b09a082cabdbf49b0612b46c9793db3c987aa4a843ef28b39fa8d46799" - "b019c0566765c5c8cb53f87ff51ff0c2e65c45df84e9acbfe02163bdba52d0b8477065" - "67320bc6ede07f2eaef86b0f602364f86510eabc58bc9ad1e6f0a6f6df0b83188c01e1" - "7744a4e0053a22810e99cf5a1ed3258f203509fdc3c050", - .p_key = "b53e54b1b09f78abcd6afac1f7e7cda9" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_144) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=144"), - .p_plaintext = - "a2e19c08fa204640b1bc73beac58f81a7923f3ef2a0affcf1568c9179d8" - "16cf1bd16b79418f0266f0ff904e06045f276df187ed72b8f6641b065b8" - "54a7d3f152b8e153cd77ec605e5b75454245745dc0e0dcfc616f5246f86" - "8b6ee5a1df56c4906c5c34bc42309d370733e50d9a1addc3f37cbe4b331" - "ac7d3a920c794484a16b05599f46f42046a6dc9063b1d5a8ae1f", - .p_ciphertext = - "fa2e97bed2f0b76ed2f8c1275f6d50ecfc1131240622ba9da17e5dd0f2" - "0a7d678f537ffc33762524b73e17ac3d8dc322affd679768c66ca430e3" - "f6ab6e70b95f99570e87f02b46ff6b543efff16d339fcbead89b59fea6" - "5403bc7418737c47a301806be66fd7c307d7825da8e1d6496c3921acb7" - "419010b60350fea069f4cf3bb017bfa11a424344e3109d30778fad90", - .p_key = "9e79b681c57d7feb7db7e8a6ad41382c" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 128 Decrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_160) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt message_len=160"), - .p_plaintext = - "9c29eecb2de04254fafb896a994102d1da30ddb49d82728eb23dbd029901e9b75b3d0a" - "ee03f7a05f6c852d8fada0b5c28e8c9aed334fad11829df3dfadc5c2e471eb41af9e48" - "a8a465e03d5ebdb0216915081f3b5a0ebb2308dfc2d28e5a8ba3f32adae4c3575921bc" - "657b63d46ba5a618880ee9ad8af3fba5643a5026facd7d667ce599327f936cdda7e1bb" - "742a33a019990b76be648a6ec725daed540ed9e7", - .p_ciphertext = - "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6" - "800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f" - "3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce4acb96bd6507815ca4" - "347a3de11a311b7de5351c9787c4538158e28974ffa83d8296dfe9cd09cd87f7bf4f54" - "d97d28d4788799163408323943b3e72f5eab66c1", - .p_key = "44f0ee626d0446e0a3924cfb078944bb" -}; - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -/* AES ECB Multi - NIST CAVS 11.1 Monte Carlo Encrypt 128 */ -ITEM_REGISTER(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t test_vector_aes_ecb_128_encrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Encrypt Monte Carlo"), - .p_plaintext = "b9145a768b7dc489a096b546f43b231f", - .p_ciphertext = "fb2649694783b551eacd9d5db6126d47", - .p_key = "139a35422f1d61de3c91787fe0507afd" -}; - -/* AES ECB Multi - NIST CAVS 11.1 Monte Carlo Decrypt 128 */ -ITEM_REGISTER(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t test_vector_aes_ecb_128_decrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 128 Decrypt Monte Carlo"), - .p_plaintext = "d1d2bfdc58ffcad2341b095bce55221e", - .p_ciphertext = "b08a29b11a500ea3aca42c36675b9785", - .p_key = "0c60e7bf20ada9baa9e1ddf0d1540726" -}; -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ - -#if defined(MBEDTLS_CIPHER_AES_256_ECB_C) - -/* AES ECB - Functional test using test vector NIST CAVS 11.1 ECB KeySbox 192 - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_func_data, - test_vector_aes_t test_vector_aes_ecb_192_functional) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "0956259c9cd5cfd0181cca53380cde06", - .p_key = "e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd" -}; - -/* AES ECB - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -/* AES ECB - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -#if 0 - -ECB padding currently unsupported by mbedTLS. - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_192_encrypt_c3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de", - .p_ciphertext = "e8bcefc38b136209ffe5599f40483121", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_192_decrypt_c3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f", /**< The 15 padded bytes (0x0f) will be removed in the actual generated plaintext. */ - .p_ciphertext = "e8bcefc38b136209ffe5599f40483121", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_192_encrypt_c4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede", - .p_ciphertext = "6db3bddfafa0ff9de90d9f93e36cca46c1db3328aaf77dd0ba1897508a4bc2ac", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_192_decrypt_c4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede10101010101010101010101010101010", /**< The 16 padded bytes (0x10) will be removed in the actual generated plaintext. */ - .p_ciphertext = "6db3bddfafa0ff9de90d9f93e36cca46c1db3328aaf77dd0ba1897508a4bc2ac", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_192_encrypt_c5) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=31 pkcs7-padding"), - .p_plaintext = "dedededededededededededededededededededededededededededededede", - .p_ciphertext = "6db3bddfafa0ff9de90d9f93e36cca467f585ccd3aebaab4fd3f8a1b4a1183f8", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_192_decrypt_c5) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=31 pkcs7-padding"), - .p_plaintext = "dedededededededededededededededededededededededededededededede01", /**< The padded byte (0x01) will be removed in the actual generated plaintext. */ - .p_ciphertext = "6db3bddfafa0ff9de90d9f93e36cca467f585ccd3aebaab4fd3f8a1b4a1183f8", - .p_key = "73befbe26caa000bb57574a7d33ad60019b40c7a3ac6562d" -}; -#endif - -/* AES ECB - NIST CAVS 11.1 GFSBox Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_gfsb0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt GFSBox 0"), - .p_plaintext = "1b077a6af4b7f98229de786d7516b639", - .p_ciphertext = "275cfc0413d8ccb70513c3859b1d0f72", - .p_key = "000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 GFSBox Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_gfsb0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt GFSBox 0"), - .p_plaintext = "1b077a6af4b7f98229de786d7516b639", - .p_ciphertext = "275cfc0413d8ccb70513c3859b1d0f72", - .p_key = "000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_vk0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "de885dc87f5a92594082d02cc1e1b42c", - .p_key = "800000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 192 Encrypt - Count 191 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_vk191) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt VarKey 191"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "dd8a493514231cbf56eccee4c40889fb", - .p_key = "ffffffffffffffffffffffffffffffffffffffffffffffff" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_vk0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "de885dc87f5a92594082d02cc1e1b42c", - .p_key = "800000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 192 Decrypt - Count 191 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_vk191) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt VarKey 191"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "dd8a493514231cbf56eccee4c40889fb", - .p_key = "ffffffffffffffffffffffffffffffffffffffffffffffff" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_vt0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt VarTxt 0"), - .p_plaintext = "80000000000000000000000000000000", - .p_ciphertext = "6cd02513e8d4dc986b4afe087a60bd0c", - .p_key = "000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 192 Encrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_vt127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt VarTxt 127"), - .p_plaintext = "ffffffffffffffffffffffffffffffff", - .p_ciphertext = "b13db4da1f718bc6904797c82bcf2d32", - .p_key = "000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_vt0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt VarTxt 0"), - .p_plaintext = "80000000000000000000000000000000", - .p_ciphertext = "6cd02513e8d4dc986b4afe087a60bd0c", - .p_key = "000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 192 Decrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_vt127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt VarTxt 127"), - .p_plaintext = "ffffffffffffffffffffffffffffffff", - .p_ciphertext = "b13db4da1f718bc6904797c82bcf2d32", - .p_key = "000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_16) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=16"), - .p_plaintext = "60bcdb9416bac08d7fd0d780353740a5", - .p_ciphertext = "24f40c4eecd9c49825000fcb4972647a", - .p_key = "61396c530cc1749a5bab6fbcf906fe672d0c4ab201af4554" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_32) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=32"), - .p_plaintext = - "64145e61e61cd96f796b187464fabbde6f42e693f501f1d73b3c606f00801506", - .p_ciphertext = - "502a73e4051cfac8fe6343211a129f5a5f56710c41b32c84da978dda2cec34ad", - .p_key = "c9c86a51224e5f1916d3f33a602f697afc852a2c44d30d5f" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_48) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=48"), - .p_plaintext = - "07d3781a71e87b8cf12cac4616f9c7a819be57a0770a7a66e0e6e469506" - "826897c8530866f2715b8757f0f01389dc301", - .p_ciphertext = - "0b0455954e477e87d1a338414f8ac4d760efb70e5770e5d496b31152cb" - "07e9316378f7fd38c6903b31d4f1b1a53931af", - .p_key = "c4854919c324d381bbef9bea771172f6e4563ffbd1e1e956" -}; - -/* This test vector file is very long. Chop off a few if this is set. */ -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_64) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=64"), - .p_plaintext = - "096612f4111ebdb9accf5efbb973589e5a2c9103407ed2da29bc7137a6c02de822df59" - "07201d3dcbc49cb9a3955b2b86811d938422a6f5a23f2dffe4960fecab", - .p_ciphertext = - "d375e1af5fcd03e31d0f735f6bc5d7e773bc34ff3eb706be85842f998e4e361303825b" - "848170608f300ad1ced848b5233477f53710503c55736a730595599964", - .p_key = "3deecf7a037ebb2ada805e8059bfaeaebb195cace379fcd2" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_80) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=80"), - .p_plaintext = - "6f825ad0e2fcabd811db11e2840f0884470b87eaa678e329342bf0d1125" - "569c16dfa924049a51b497d594825ffca4f4062cd02359d0ead2b0e0142" - "64bf1bb313e741a06eb4813205470047520133cf91", - .p_ciphertext = - "e6128a9fb497b2ec0d0e9fe1b24e691ea36c0628eb55046b2f20de9d28" - "1dd9dbbbeaa0519a4875d3516b15022330163b2798a9102ee9d141a341" - "6c1a277442d4cf1fec87ccea571a23b91a461991ec0d", - .p_key = "0c0333d8fe3e99a1eecc120d6b54bb8faa888d12794de93e" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_96) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=96"), - .p_plaintext = - "27756c11f57c40169f95f25141fb1a07d9444d864e4c43b9b16f39fbc2fb9529b6e4c9" - "fb37ba7994add9e057bce070fd0d64b8e452e58baa84005ffb6fe7f3a7710f35f87f28" - "624268526fbb5e8ea88db272972adf2227e0ca7b09ad48915754", - .p_ciphertext = - "7516e53877236e931e7fbae22ed2ca5116b72a700f6e397c2aa47c304b3f5c2a026d89" - "831a5104ae7b73ef48de709c1b9e661ae973dea6bb38217a7650228ccc6b228b33f567" - "121427e9f21cbd3ec6aa35ebba336f51ed8e4bf6e75c5866bc20", - .p_key = "b07da99fbe0b193e5336141a9819974b1a9a4102129db861" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_112) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=112"), - .p_plaintext = - "1e49e9541ed0f97023f8205e71fe75668680f12fb5902d7a11066d108c1" - "adef960321cefaef8f71365b077de66c91e59e6b16c9113eea945fa6bde" - "e3a80f25b38f9422512c97d260e7eb837d3b33247216b0bfac835744f08" - "627884947b98d4573190460e0d410c170524d2437661118", - .p_ciphertext = - "a47e7d0d8266595792bc980bf3c47822229e4428cc91aa1b15519823a1" - "33dd479a4664ec8408b4d9301760454ed2037279d996eb1ccc98df7766" - "0aa97422dca1c54d7bfac37223d0caee6a6b34d760e767b9595f7f3bb6" - "31d6545a7442d3497a7b85054e8b99d24e65df985e5bccf450", - .p_key = "80da652b1844dafe4fd4ca8ccc26b564b263711723b6cd48" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_128) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=128"), - .p_plaintext = - "823fade2722805e4948db57639cbb67d477d4b01319d927826ec594789933486a20acc" - "0393397a8a8ddd1564432e081e9fbfa78cb4a5c30cf5db7b0fa4e556d68db48f7af3ca" - "b02fcb9e62c928428480f7437af0ecd1c864bc1fdf538d0d362baa059d4e7c22cf5ab6" - "9846aecf50532ab5d26d35c068ca05e4802c1b2c53fe0c", - .p_ciphertext = - "52c54ec4345e776b84952f5803ad3a52ba4cfedb32c2dc146ecc8813705f02fd3d4d55" - "9027e895e2ba29710396272436c398fa12ba02c85c02947df8035647334bc6c53e1d71" - "6f582206c8538f397784c3e42f535b68e8151b3cff71a82d2785b0eb298ff63aebc5d8" - "22549f44fbbcf0b69114323c9572d0bf674332fac3b57d", - .p_key = "9a35954f400034b29c9f85766a255cf1393dccb8d6c93e65" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_144) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=144"), - .p_plaintext = - "f4d46d6ac9969cb6994c4f5f97a58634e5927e52bfaa82a2f7cc04a3a10" - "6ec6a0fb530e700eea569141d156483ec91730f670899375d19ccae0926" - "b40bf1aab0c20fcc1a532f34ccc1981de246eeabc245577f5a80dd8aa98" - "b141e8181fc4b8bf528688b2b20f0e58805906148737d2b6fab0b1e02f2" - "7c417634159269ed7803904a2dc3f18b82be52ab9567f143afb5", - .p_ciphertext = - "a61376ae4c6f8fef51736087dd54ddc6cd917735386f73ff95884d9273" - "9d1af4a65386ad396fa01def9e3381133e2357506215519c2ebeffff12" - "c35a70fb149d23f035d026ac1d24e5ec81f5c28684b4a203c29aaffc54" - "794cabd3885090fc871cb8d4569190a39e3d34df87c3e05245ef7de485" - "6d103e2a780361115f78e227622f93b7f9c2fd8390bfaf23a06cb348", - .p_key = "280a05e6ba0542e4e16dafe63d738fb4c544241b6626729a" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Encrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_160) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt message_len=160"), - .p_plaintext = - "7c727bd3e7048e7a8995b7b1169ae4b5a55e854bb4f7a9576d7863ab2868731d307322" - "dcca606e047343676f6af4d9cf6ebf2bf9c95d87848d233c931e7a60eff08fb959924c" - "de1eec8699ebc57890e3887024ef47c89a550018788d1faa3250452e06f148af25f07b" - "c613cd2f0e501a79d738d4361f28f34dbee24034e03367b6b8d34df3738ca3a86b9ebc" - "b09e639bcb5e2f519f4a7a86fc7c41556404a95d", - .p_ciphertext = - "922812ad5feacdf11fe7fdae96300149419e31cff54061b3c5ed27fdb8b50c9c0932b5" - "22a6c04e482499b011ef3c3e9dc56a1a61cfeb78b34032d26dbdc3cac51a3279bc934b" - "9bce2d9c19bf858235613ba784e48e292d22c6b5a28e1d1bb860524fb7b5f9b3d9a5f4" - "da66e340585bd2496fe6d6942db8d05d716fec03b17d19abb58b33332e24beaec7995d" - "69525364fe139aa1fd62054668c58f23f1f94cfd", - .p_key = "4f41fa4d4a25100b586551828373bcca5540c68e9bf84562" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_16) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=16"), - .p_plaintext = "49aabe67da5322b6e11d63b78b5a0e15", - .p_ciphertext = "21c8229a4dceaf533fe4e96eced482a6", - .p_key = "f2d2b82280c2592ecfbcf500ae647078c9c57624cde9bf6c" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_32) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=32"), - .p_plaintext = - "71b805feb56aaca22049073db10ad696751a4818b7005ae35eb3111cfeafcac8", - .p_ciphertext = - "e741f38ed720877b53264ce81bdf2e5ea5b97163710ba29e9755cd3ba2caf091", - .p_key = "4bb83429faaaa25265f65c8ebb1caf815916810defe89281" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_48) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=48"), - .p_plaintext = - "7991ecf8ec98c6da6a27ee89055783f7302f5cb063f9c67084850702dfc" - "9d64834536ecf524dc10f8504c1b132101ce5", - .p_ciphertext = - "d1568d45f495112f12e37461aacddbfda7a71d0a40dacb6c1d7e6e13bb" - "2c0f72110dfd337437ca29b83a978698f5914e", - .p_key = "2ad0db3278b7f6afd75a0cb62b6132d36449010ef509a5b6" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_64) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=64"), - .p_plaintext = - "9b540d3eb0bf52210aefe3b1929b3e43561c4110fb81520d41d671fc0f404dcddd879e" - "f4a70f93311e6b034a6020e2b4fd5161748b57b61e7cbbd1d8e1d2cf42", - .p_ciphertext = - "fd71fec985a92046a5c0b633112bb2cdde3581d98bf4323b417bdbc55a51384d212296" - "02d8b5ef00001e5721d4359616174617b70f0a0198d2d6a3ddc013154f", - .p_key = "b7f4c377e6233c34717e7ac9040d369ac66c6d3f3b1e627d" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_80) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=80"), - .p_plaintext = - "f7058804932feae0851aca9be500c54ec35b3552dbb1417d81de51b0b0f" - "3209dc999302369f25b1f133dfdbd9fe50b6834273806ef525c61ec4f5e" - "88714cb945b0fa6481ce75bbff50e8eece1527baa7", - .p_ciphertext = - "e24ff85f7ae75226ddd393972c3f836a0fc4aa13f997b896ae01249b03" - "0f12c5e58a7a409d29879952063dd3d04f5fb7883e906bd74bb8468ba0" - "a9e3a3cd037456bd545957e884f258cb71b1cd95d673", - .p_key = "f714e621c97768d82eea6bf98ebf4a82c005262188ff894a" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_96) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=96"), - .p_plaintext = - "482466fe1bcbeb5ce8d21eb3b2c30997d36d4dd55f21e8271ad0b1b0cb12be86702eda" - "3879db2838ee3a55fe9aef70c86118ac30b44030b7b53f8b21daba1a4c0137f58e1832" - "aa8247809746e33da9a45ba6431d261546a9784c321be360d32e", - .p_ciphertext = - "2a81ae3d397c7cd3b9746db43cc04b137261e5124c9158ed609e8d7590f903c1e68acf" - "20c347e151390588f7b58e3947e1f38c04c82487ad3cbd1ff57423fc73fad07d9bc5eb" - "fceda11c536cd89e9e520b96430261a3303ee4b6649a2724b130", - .p_key = "7c045f663d668e1f7ba80f06d0d25fefcb00b7808aaa3e95" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_112) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=112"), - .p_plaintext = - "723e9a19c8526d312c75beef81c398dd3371594f98e7740ed9ffd65e347" - "fde28cd677f58284930c6f45c61365103f24bc28034fb19f16549e0acbc" - "af141952e44df19e9256789a5054e8196eb4c52dad29a5e683cc668a78f" - "a43526a0fc62c88229448098ef3d9bc237ff4f97a2e9491", - .p_ciphertext = - "fe9a6e64dc5a5e485c96b854299ba3e6b958610780c325f1647825cf70" - "a3f1c3cc21032dede2972b0992bd5cce78acea539e59c74f324836892c" - "a28e8f31893aabb7a805136b0e9560cf3c3441287cd771977558e686fd" - "074c452e61b1f5bc1f82a68573b6bc6a8e49975e65ec73bcb5", - .p_key = "0b4bd7be14e239620c8eb992a48ab50b3815849401d04e83" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_128) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=128"), - .p_plaintext = - "34a8cbb7afab72a8e5753f04a5d18726f1f0a9a92e02f593d78d28c9dd50377af7bd4e" - "fa3eeb7b71ca7beb420161358088e2bdc295b65fcbe6097f7178a278b601a26102afd3" - "41f8c94f89b792ae421fcd458879704e9224f102b6ce204c55df73e15539d2fe04e8dc" - "3e25e9e893994b5ae2705d65c01e0586ca4b18abf14f30", - .p_ciphertext = - "557d3629e71ba544a20abaa2f314e77b844ac791609b5f6359a6a5a4a7cd3eebd18b8c" - "acd107e86773e92c1ffe6c750e16b42797e163317c6967925141151c316c7c77af7af3" - "6a0ff4f556b7fa2f03e02bd69f91c53e04ce0da93a0df25d3de9edf9001a2b08b1a5ee" - "d73f5031841a598b583a67555662c10f14a6be00ca2b7d", - .p_key = "f5bd199c43e9917dfddf8464483ee605587d21ad907f5c7b" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_144) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=144"), - .p_plaintext = - "d09b7aa92197e1a6a42d67a02091bc10f8b59cfea963d8ea279e8cd46b5" - "17508817aab5d4a7627ea39ad27b03a3b1c610f724bad22996d8249a4ea" - "b076e3091100da1aeb20698c00879b1f44549cc5209a0ee3a2f897355ee" - "d420cfa42a141944e904023bcd099dda51eb5444adbb30d920f887dc043" - "62783c2fed4f336d5c0631acef029d95b545dcf9d0c40df2de6b", - .p_ciphertext = - "c11a65accf2faa952d078713b6a73c7648fe4a4b0f1cd82d06a055deba" - "6f5f9652ace39acce48611898844130ca15704ffbf5b207632af56787d" - "1e5abc08bff6b01519a1bff58b52d47cec961ab26ee107cbc821985a94" - "99dec1f5edb9ec7e79e43f4fe731cc810116cac5c3694247b5680cd978" - "fcfa4d9e3f5322bf3b8364c8f510cd97aad030c5585a18c380baac29", - .p_key = "2f8118dd5b2ec401b9f501cf0149cb65ac451ed943e25e15" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 192 Decrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_160) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt message_len=160"), - .p_plaintext = - "b8bb5ce53a15aa6dfdf2cb61bc8e3617d1d0fefe9ba5d175550470e32397f6f3b3e65b" - "43bded2b21e5c181d3c4c4c526c41ceab044289508458048b63352dfc379de373fd19a" - "2c900c43524b75949e677cceda866f7f2bcc4844ef2e5dac5b804b4045e657c8156d1d" - "cdb43cbf2f5e00a4f9255e3be2439436c4d0449a8d2c4c1a56bece98ea0fd68abaf123" - "98039994aebffc692b9000e580479b4f4b28b5fe", - .p_ciphertext = - "952f4546a8bf7166964917ece01bda3c6857e427cef5da0ff90b0e4bf44cf7ccfccfdf" - "01d713dcf9673f01c87eaed52bf4aa046ff778558ea396dc9cd240716136386148a5c7" - "6378b3ffcd40864407b8e60b40a594e0619eddae3f6d6e3b15b86af231e1bae5ed2aa5" - "12e11da0e5572b67ffff934c36e585cfdd9f877045cb19c183b994bf74645862ffa726" - "739aadcb9e10aaffc881c88ca3aa65b37f667bcb", - .p_key = "9cc24ea1f1959d9a972e7182ef3b4e22a97a87d0da7ff64b" -}; - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -/* AES ECB - NIST CAVS 11.1 Monte Carlo 192 Encrypt */ -ITEM_REGISTER(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t test_vector_aes_ecb_192_encrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Encrypt Monte Carlo"), - .p_plaintext = "85a1f7a58167b389cddc8a9ff175ee26", - .p_ciphertext = "5d1196da8f184975e240949a25104554", - .p_key = "b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9" -}; - -/* AES ECB - NIST CAVS 11.1 Monte Carlo 192 Decrypt */ -ITEM_REGISTER(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t test_vector_aes_ecb_192_decrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 192 Decrypt Monte Carlo"), - .p_plaintext = "b63ef1b79507a62eba3dafcec54a6328", - .p_ciphertext = "d0bd0e02ded155e4516be83f42d347a4", - .p_key = "4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd" -}; -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ - -/* AES ECB - Functional test using test vector NIST CAVS 11.1 ECB KeySbox 256 - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_func_data, - test_vector_aes_t test_vector_aes_ecb_256_functional) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Functional"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "46f2fb342d6f0ab477476fc501242c5f", - .p_key = "c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558" -}; - -/* AES ECB - Custom test vector - Encrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -/* AES ECB - Custom test vector - Decrypt - Message length 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_c0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -#if 0 - -ECB padding currently unsupported by mbedTLS. - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_256_encrypt_c3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de", - .p_ciphertext = "884506eb1952533a9020db23b501558b", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_256_decrypt_c3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=1 pkcs7-padding"), - .p_plaintext = "de0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f", /**< The 15 padded bytes (0x0f) will be removed in the actual generated plaintext. */ - .p_ciphertext = "884506eb1952533a9020db23b501558b", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_256_encrypt_c4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede", - .p_ciphertext = "758dbc3193a5d4edbe88d59d5488af319e10a9035476d946d238f0e5813f3678", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_256_decrypt_c4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=16 pkcs7-padding"), - .p_plaintext = "dededededededededededededededede10101010101010101010101010101010", /**< The 16 padded bytes (0x10) will be removed in the actual generated plaintext. */ - .p_ciphertext = "758dbc3193a5d4edbe88d59d5488af319e10a9035476d946d238f0e5813f3678", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -/* AES ECB - Custom test vector - Encrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_256_encrypt_c5) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=31 pkcs7-padding"), - .p_plaintext = "dedededededededededededededededededededededededededededededede", - .p_ciphertext = "758dbc3193a5d4edbe88d59d5488af31946e8b4acfb239142704b12f8cd961a0", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; - -/* AES ECB - Custom test vector - Decrypt - pkcs7-padding */ -ITEM_REGISTER(test_vector_aes_ecb_data, test_vector_aes_t test_vector_aes_ecb_256_decrypt_c5) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_PKCS7, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=31 pkcs7-padding"), - .p_plaintext = "dedededededededededededededededededededededededededededededede01", /**< The padded byte (0x01) will be removed in the actual generated plaintext. */ - .p_ciphertext = "758dbc3193a5d4edbe88d59d5488af31946e8b4acfb239142704b12f8cd961a0", - .p_key = "c9defba265de96a179a1128c2b5ef0edf6365c3064df88e2d46b2bfae20b599d" -}; -#endif - -/* AES ECB - NIST CAVS 11.1 GFSBox Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_gfsb0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt GFSBox 0"), - .p_plaintext = "014730f80ac625fe84f026c60bfd547d", - .p_ciphertext = "5c9d844ed46f9885085e5d6a4f94c7d7", - .p_key = "0000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 GFSBox Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_gfsb0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt GFSBox 0"), - .p_plaintext = "014730f80ac625fe84f026c60bfd547d", - .p_ciphertext = "5c9d844ed46f9885085e5d6a4f94c7d7", - .p_key = "0000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_vk0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "e35a6dcb19b201a01ebcfa8aa22b5759", - .p_key = "8000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 256 Encrypt - Count 255 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_vk255) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt VarKey 255"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "4bf85f1b5d54adbc307b0a048389adcb", - .p_key = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_vk0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt VarKey 0"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "e35a6dcb19b201a01ebcfa8aa22b5759", - .p_key = "8000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarKey Tests 256 Decrypt - Count 255 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_vk255) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt VarKey 255"), - .p_plaintext = "00000000000000000000000000000000", - .p_ciphertext = "4bf85f1b5d54adbc307b0a048389adcb", - .p_key = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_vt0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt VarTxt 0"), - .p_plaintext = "80000000000000000000000000000000", - .p_ciphertext = "ddc6bf790c15760d8d9aeb6f9a75fd4e", - .p_key = "0000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 256 Encrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_vt127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt VarTxt 127"), - .p_plaintext = "ffffffffffffffffffffffffffffffff", - .p_ciphertext = "acdace8078a32b1a182bfa4987ca1347", - .p_key = "0000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_vt0) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt VarTxt 0"), - .p_plaintext = "80000000000000000000000000000000", - .p_ciphertext = "ddc6bf790c15760d8d9aeb6f9a75fd4e", - .p_key = "0000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 VarTxt Tests 256 Decrypt - Count 127 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_vt127) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt VarTxt 127"), - .p_plaintext = "ffffffffffffffffffffffffffffffff", - .p_ciphertext = "acdace8078a32b1a182bfa4987ca1347", - .p_key = "0000000000000000000000000000000000000000000000000000000000000000" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_16) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=16"), - .p_plaintext = "ccc62c6b0a09a671d64456818db29a4d", - .p_ciphertext = "df8634ca02b13a125b786e1dce90658b", - .p_key = "cc22da787f375711c76302bef0979d8eddf842829c2b99ef3dd04e23e54cc24b" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_32) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=32"), - .p_plaintext = - "7e771c6ee4b26db89050e982ba7e9803c8da34606434dd85d2910e538076d001", - .p_ciphertext = - "a91d8b2ddf37520bc469470ad0dd6394923143ce55386beb1f9c4bd51584658e", - .p_key = "7a52e4d342aa07255a7e7c34266cf7302abe2d4dd7ec4468a46187ee61825ffa" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_48) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=48"), - .p_plaintext = - "68c9885ba2be03181f65f1e04e83d6ba6880467550bcf099be26dc9d9c0" - "af15ab02abac07c116ac862a41da90cfa604f", - .p_ciphertext = - "a7603d29bbba4c77208bf2f3df9f5ec85204adce012299f2cce7b326ce" - "78f5cf8040343dd291e8cf9f3645726368dc20", - .p_key = "605c4139c961b496ca5148f1bdb1bb1901f2101943a0ec10fcdc403d3b0c285a" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_64) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=64"), - .p_plaintext = - "351fee099122e371c4830f409c6c4411186d22176f7138b054f16b3c79679c2f520685" - "651ba8e4b61c08dccb2c31982f743631a97524d2ca4d351ac23546c178", - .p_ciphertext = - "8b9c9e692c16e7059818e285e85d8fa5433dee2aff9fec61d6a0a781e24b24f64902fb" - "d18cef7461ad7760cfb2442fb74ffd9be108a386545f2a216430ef16fb", - .p_key = "f984b0f534fc0ae2c0a8593e16ab8365f25fcc9c5947f9a2db45b588160d35c3" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_80) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=80"), - .p_plaintext = - "4b4b12d6ee6fc0bf987eaafe2634aad464781ff4c83d3f8a61a6af7c0a6" - "d51f0e3855d0e02feb307652a6f562bfebe4604baf1b4e7cdd01603f231" - "bcf7a0c95645a141b704008cd8d62979201a4c84e2", - .p_ciphertext = - "fa18d25e37ea0ce94f0949efc0edecc6a40fada8f007fd8e760afed0a8" - "3ebb350c82b03baaa6ee19f791bb9bd1b44d27a76fc6eb0e1c0017d687" - "76ed69a541851a732e46ef328def064baf6a0a755588", - .p_key = "ba42b760bb5a5de21acb9aba214c9783cd71ea841ada018580abc4e1be3b76dd" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_96) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=96"), - .p_plaintext = - "b36809198132518d815aa37f32f40dd7a952ec8bd63355700837b450b396b33c72125e" - "23482a84a42b916021c3de78156f85c6a78906167feb64afd8b1d935d641c8ce1a89f3" - "849588eeeb9910d40336ca385fc37a5e87bb84ab9ccbb05b3a28", - .p_ciphertext = - "7ae803b14914d156439f580c02c592bf9a41b7b80c20168129a33fae2290403f01a6fa" - "be4fea7ac770ffbc6c421f8e013b9e831674ef17eb27d446dded3baf50686b809c18b6" - "bbd588cd3c7423b64987e9164b7e1e66987dc9319790ae27b3e8", - .p_key = "1d29079cc34ab5a3bc713f416a129f9d26ada15fca458cc2731404ea857d2f79" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_112) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=112"), - .p_plaintext = - "e199899e1e12cffcb28909aec51b36c2f96fab49ef32b9650cc38aa37d2" - "f4c8b785f9176c590f6a07e04037e13f7535290d5f5fc23aa1113d9dacf" - "34a812749ab27ecfefc83dd3622d1285fa9d5c192a8e4857a5b6454473c" - "db8ff4594f1e906165e08b22effae6b491a55ca6d30ce73", - .p_ciphertext = - "2c4998428e72f6d96e982a316f73bf2a7da81730909b65403489ab92ad" - "a6de11882d08742f90f0f109d3420b00b8abe6873f4fdd1474923da2c5" - "bdea2e4523ffca2132015ecf7c9cac9de2f956b112c4ba8e4c8e4b354a" - "3df6e4652d6a77ae982a24d15cff71b979538d49994fd38761", - .p_key = "2e39c585ce4900d323ce29713bebe73a1be08a0cb22e9f1310fcc14ad4b9b23e" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_128) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=128"), - .p_plaintext = - "0f5321db6fd9d816d88e28183a739d90974e76095caa9f12f11fe49c8fd35fa3524132" - "118f397cdf6728857d9c9a3c74a4fde44afca80aa5bf1cbab47789f2cb3394574dda57" - "27cfbea96f7a74a07eb1e45599f49ce7f0056ac3d14929221c70dbd3f759f83ac22f06" - "994ed96a8e49917eddfdd2e3703b78199c91234ca6c3dc", - .p_ciphertext = - "2ac6de212da0434bea9cdd7332637307131d31e8c4b0c1fd02298e249bfa9f64f34aae" - "45faadf79d971ae82b033d903f6b18adec171ec83ccd147b44d05dec5cedb574534e89" - "01385534c3f1dae4aebee0eb2164975e8b4e85a7b5a766ffd8247885c2b6429eb659b9" - "2c8d953af92b54517933566654d804665112bec17ff3a4", - .p_key = "85405c4f0ebbe8f29228f02f1ff184e2f5e7857e8933c2a1d08f61ecb9b68111" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_144) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=144"), - .p_plaintext = - "3637f71f60a430322980349ad414fcfdc14f87e9915d210e8b7be5aa3e0" - "9814468e0399d17e72fe40ee1e1296a89f31486e12fd71bc7ca61acc9e8" - "d4213a633ab285c87406c2a3729c87fdaa6b0122c2c543a89081ddac455" - "9b15fe59102c2fbdacead8a755e16469b1b90041da31270481cfafe0bc9" - "51235cda51c4d78924efa862efc9ace20fc7d344a321c9984a84", - .p_ciphertext = - "ca0a683e759c1312928fe01198f625bba044bb9003e82b9279b6812fee" - "fe54e30ccc0ca51fb858eba9ed4667e85c146a424071e7bf603f1f538e" - "ad57a3e29c583549c08e279bb078cc51e42eeb3d2443da965192cd0478" - "e8d7ea1343cf90196f520933e3aab6db2dcd9a76534e05483eea2d373d" - "eae95d6213b91db2b96aa6adce727cdf7e43bd01978d07e0241cf1c1", - .p_key = "f157285db00e64c2791668a54493966e3039a19426605056b95b7eac5106667d" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Encrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_160) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt message_len=160"), - .p_plaintext = - "c91b8a7b9c511784b6a37f73b290516bb9ef1e8df68d89bf49169eac4039650c4307b6" - "260e9c4e93650223440252f5c7d31c26c56209cbd095bf035b9705880a1628832daf9d" - "a587a6e77353dbbce189f963235df160c008a753e8ccea1e0732aa469a97659c42e6e3" - "1c16a723153e39958abe5b8ad88ff2e89af40622ca0b0d6729a26c1ae04d3b8367b548" - "c4a6335f0e5a9ec914bb6113c05cd0112552bc21", - .p_ciphertext = - "05d51af0e2b61e2c06cb1e843fee3172825e63b5d1ce8183b7e1db6268db5aa726521f" - "46e948028aa443af9ebd8b7c6baf958067ab0d4a8ac530ecbb68cdfc3eb93034a428eb" - "7e8f6a3813cea6189068dfecfa268b7ecd5987f8cb2732c6882bbec8f716bac254d722" - "69230aec5dc7f5a6b866fd305242552d400f5b0404f19cbfe7291fab690ecfe6018c43" - "09fc639d1b65fcb65e643edb0ad1f09cfe9cee4a", - .p_key = "44a2b5a7453e49f38261904f21ac797641d1bcd8ddedd293f319449fe63b2948" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 0 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_16) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=16"), - .p_plaintext = "8b2b1b22f733ac09d1196d6be6a87a72", - .p_ciphertext = "4154c0be71072945d8156f5f046d198d", - .p_key = "a81fd6ca56683d0f5445659dde4d995dc65f4bce208963053e28d7f2df517ce4" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 1 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_32) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=32"), - .p_plaintext = - "a8fab53790af3519cf21978e3cf03ba8e52b902be23311bf17f1ad2c5ff37c16", - .p_ciphertext = - "0a5f3278d7d96632e0508391e813f06b35d8d754ddf5867240d3168dd69f4a66", - .p_key = "bc1415aa119c29a9a27c0ea9d19ed50ace86c488b8e39d6a056424fb23cddb3e" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 2 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_48) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=48"), - .p_plaintext = - "f17733de8f763110ef4b305594936ca2bb75119ad65261be32ba919a2c3" - "ef8b8f1c42f62b8474362e53ee7cc6c82a647", - .p_ciphertext = - "c1c83fa3cd3d52524876e715bc28efe7c7c4256a139e9d2c874ea029bf" - "56b792ba0606cdd39ddbbdf3b1874304d16d05", - .p_key = "0d0ec1b61ebc5177c4513ef1d7d5bb97d06abaa2d33710a8eda6d3709acf0705" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 3 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_64) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=64"), - .p_plaintext = - "959b7d696e2267f3d465f6f77ff2453296cfa54843363981484853e67cc21d340b803d" - "6d653213d1037b81d849c5acc361771a5a072c9c29d6bc5096c38c9c86", - .p_ciphertext = - "254c015626baa3ed2d7f05f5d0a98c8cc2f29dd7a4410ea41d74db4e2c5d1be1bd0a32" - "7f7b4a4703e66cf9e3a54a4d5b1d87ebc842148b52adf9aacdf05281e1", - .p_key = "ae67999eb240a9e5b6e3f0bd6b504530000be51343b8bc3b0ae8e0eed1335f98" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 4 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_80) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=80"), - .p_plaintext = - "5889ad2c09a6307611e6115a78c13566de05b5892f7850fb917f83898e0" - "7486cc9ce746e891db102a0f570d7ad3c2804f40cdfe23bcc8b2c8a3bfb" - "a48632892d3df3bb7bbd1029b915cab2faf281c4e6", - .p_ciphertext = - "ea1fd2f064548906ad10ce1240758868ed9fb32921dabe18681232a830" - "8b955ad0d28e45c9f34af64bec1d7bfb626dbbf393cc090a8c64f8569b" - "9870f008e801f7001578d8d286b0cc5eebaba2c920e1", - .p_key = "dde079371133ebd68df061b56f0efd3a14c137ced35a30e0eb68422cb924dc3d" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 5 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_96) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=96"), - .p_plaintext = - "a56e000be19eced20479cbe8964fdb366c437ca3b5fd9d04c339c1a51bdb0aad46df1b" - "78ef05b02e492464136155d76dd32c3b4aa4198c3926cb75d2578434ab4fff0894508b" - "6f60ff39686a0fd151d1bffba7a786b1bc02acd2d23b56e45749", - .p_ciphertext = - "59722586a56ed6c8207d6a0a9f7278588f5203782fb64e6ffd71f1486d732d10e1ed7d" - "25d6b66db15beeaf71c8e16cbbac2dd8bf0728090dba7c09573b142a788d3c99b67003" - "3644d5e4a30b94a69bab618186bcfd824a59a93163dfe07036f2", - .p_key = "d68a345159178b9bd2e3bd7a13c9512ee9b397944eff81a8df28b44890a2df3b" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 6 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_112) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=112"), - .p_plaintext = - "34467d07c2e49c44e9003da836786169e7c0fb54f1e2f178387c2f759d5" - "0809ce84d6705fe6350907d5e945e262af378753163f5569be9c09c874d" - "254dde2545898d4cbd2eaa1ade9c8a02f8d76d418565d02075e082999bb" - "f6f2ba985f65f17c73cc0cc29ac04824db98b3cc2b77126", - .p_ciphertext = - "bed9f2db31ebbfac57f3745e0dacf71087cb35c94326b9ba3b1b7dc35f" - "30003942f798e714350a52d0425842b6b3da7dfc3790d6c1bfb76642e2" - "9a1a507fab6e02a4d277a7ae0527feb219cdaa1cd8dbe09653ec632c7a" - "05b2ade91b7f5405d664a74895d2a0d9b24a0b6007cf2f18b1", - .p_key = "5a20ff7da47c7e853becca0ca5f32bc80e17de973337146f7e1f3c93725a850d" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 7 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_128) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=128"), - .p_plaintext = - "51c527c0985369234a599f476731e8b51ac7a44bfbe37ec71a641ad71ad464f9e45467" - "d82a0d101f67043b87e2da34de183459295000cea9e0f0ccdd82270fc70b880fa80104" - "e0b78b7a5b1620dee83da84702223b277a0966b10ddf44ef06b98e48788092c763895d" - "95f13fd389fff5706e70876d5af8c197cdebb38a4d2ba6", - .p_ciphertext = - "496553f24d47264ef74a584b893ccd4ea1cfc0b1044aac15997e6dfab9fca28da68557" - "c058c2e1a0803508e4c7706cc1568521069cbd9d644b8dd40da4c5a182f50b68a56088" - "fa16dde1b8bc8269fca20395b40575b050ab57cfdf76d208743840dfcfc9ec01395718" - "35b0fe458f4498aee6c1d716898e91c32ed55acb2be458", - .p_key = "082d33edd0a1ad3de596762d711bae6f3188a12c7b6ced987fc7e8c9cd7a3cc9" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 8 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_144) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=144"), - .p_plaintext = - "5f967e10da68887567b514293149697212888efc9fd90604459f8a9c4fa" - "1f4117f0214fa675b680571bd980cf941bfccd4826e1fe1420a0ba59554" - "341b507e760d2d85c7219b3f5e261eef2d201bc134d2ec32d8b97157e3d" - "e91f1c312b26ff193e637bf78012850f23d0536715e51a68be730c55375" - "774642345e0daaa4c40185985cab38df09dac9a688e6b597d327", - .p_ciphertext = - "2b3c036be68fba7a625dc72a0e68b6677326f8751714e0e1a14df2b73d" - "5b5df5424dc640130947d643e4b8c4fc702d59a195bfdab2e49077f027" - "097ec23d66cfd82575900e589a21935c17524a968ad47060b7ee805b88" - "71530652ee8c905a2633eb98c2a022bb459bec6d3ec181d7c22aac6819" - "4822d2b81212566f62fd42e49cc8b8409110b028a3bd40ef29da1c0a", - .p_key = "3e1934554952b87a07d6371721f4d78a0e9adadc42be7347a2fcd8f53c81990b" -}; - -/* AES ECB - NIST CAVS 11.1 Multiblock Message Tests 256 Decrypt - Count 9 */ -ITEM_REGISTER(test_vector_aes_ecb_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_160) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt message_len=160"), - .p_plaintext = - "31fd5a307e279b2f34581e2c432379df8eccbaf79532938916711cd377540b9045373e" - "47f2214b8f876040af733f6c9d8f03a7c58f8714d2fbb4c14af59c75b483adc718946e" - "e907a18286cc4efd206789064b6f1b195f0d0d234468e4f00e6f1cad5cd3b9c0a643b3" - "c0dd09280ff2e2a5929183409384dd72dc94e39687ea2b623d5d776700bd8b36e6130f" - "fde966f134c4b1f35f29c5cc4a03297e1ccc9539", - .p_ciphertext = - "2c487fa96f4090c56aa1b5be81918a934c9492878fb0cd686dcf8d17d86485454c5123" - "7bbd09205dcef1552f430dd098b9d827a694730c133a0222c77f540f9d5fc2d36af359" - "583c9e3b49df884228a64de79b67f66207c8281360b99b214042ce61367ff97960e944" - "453cd63679bb44708897d29bc5e70f9fc8f1f715143fbb00f7f5c1b7b161ec26d8d41d" - "36fab0fa8a85c3ee6ce4d37007eb7a89d6753590", - .p_key = "c4a71e055a7254dda360693fe1be49f10faa6731c36dbaa6590b05974e185c5b" -}; - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -/* AES ECB - NIST CAVS 11.1 Monte Carlo 256 Encrypt */ -ITEM_REGISTER(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t test_vector_aes_ecb_256_encrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Encrypt Monte Carlo"), - .p_plaintext = "b379777f9050e2a818f2940cbbd9aba4", - .p_ciphertext = "c5d2cb3d5b7ff0e23e308967ee074825", - .p_key = "f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0" -}; - -/* AES ECB - NIST CAVS 11.1 Monte Carlo 256 Decrypt */ -ITEM_REGISTER(test_vector_aes_ecb_monte_carlo_data, - test_vector_aes_t test_vector_aes_ecb_256_decrypt_monte_carlo) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_DECRYPT, - .p_test_vector_name = TV_NAME("ECB 256 Decrypt Monte Carlo"), - .p_plaintext = "e3d3868f578caf34e36445bf14cefc68", - .p_ciphertext = "89649bd0115f30bd878567610223a59d", - .p_key = "2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643" -}; -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ -#endif /* CRYPTO_TEST_LARGE_VECTORS */ -#endif /* MBEDTLS_CIPHER_AES_256_ECB_C */ diff --git a/tests/crypto/test_cases/test_vectors_aes_ecb_mac.c b/tests/crypto/test_cases/test_vectors_aes_ecb_mac.c deleted file mode 100644 index 3aacdea02f35..000000000000 --- a/tests/crypto/test_cases/test_vectors_aes_ecb_mac.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" - -/**@brief CMAC test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES#CMAC - */ - -/* AES CMAC - NIST SP 800-38B, CMAC-AES128, Example #1 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_128_1) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 128 message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES128, Example #2 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_128_2) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 128 message_len=16"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172a", - .p_ciphertext = "070a16b46b4d4144f79bdd9dd04a287c", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES128, Example #3 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_128_3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 128 message_len=20"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172aae2d8a57", - .p_ciphertext = "7d85449ea6ea19c823a7bf78837dfade", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES128, Example #4 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_128_4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 128 message_len=64"), - .p_plaintext = - "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c" - "46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710", - .p_ciphertext = "51f0bebf7e3b9d92fc49741779363cfe", - .p_key = "2b7e151628aed2a6abf7158809cf4f3c" -}; - -#if defined(MBEDTLS_AES_256_CMAC_C) -/* AES CMAC - NIST SP 800-38B, CMAC-AES192, Example #1 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_192_1) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 192 message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES192, Example #2 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_192_2) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 192 message_len=16"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172a", - .p_ciphertext = "9e99a7bf31e710900662f65e617c5184", - .p_key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES192, Example #3 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_192_3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 192 message_len=20"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172aae2d8a57", - .p_ciphertext = "3d75c194ed96070444a9fa7ec740ecf8", - .p_key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES192, Example #4 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_192_4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 192 message_len=64"), - .p_plaintext = - "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c" - "46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710", - .p_ciphertext = "a1d5df0eed790f794d77589659f39a11", - .p_key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES256, Example #1 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_256_1) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 256 message_len=0"), - .p_plaintext = "", - .p_ciphertext = "", - .p_key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES256, Example #2 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_256_2) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 256 message_len=16"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172a", - .p_ciphertext = "28a7023f452e8f82bd4bf28d8c37c35c", - .p_key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES256, Example #3 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_256_3) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 256 message_len=20"), - .p_plaintext = "6bc1bee22e409f96e93d7e117393172aae2d8a57", - .p_ciphertext = "156727dc0878944a023c1fe03bad6d93", - .p_key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4" -}; - -/* AES CMAC - NIST SP 800-38B, CMAC-AES256, Example #4 */ -ITEM_REGISTER(test_vector_aes_ecb_mac_data, - test_vector_aes_t test_vector_aes_cmac_256_4) = { - .mode = MBEDTLS_MODE_ECB, - .padding = MBEDTLS_PADDING_NONE, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .direction = MBEDTLS_ENCRYPT, - .p_test_vector_name = TV_NAME("CMAC 256 message_len=64"), - .p_plaintext = - "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c" - "46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710", - .p_ciphertext = "e1992190549f6ed5696a2c056c315410", - .p_key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4" -}; - -#endif /* MBEDTLS_AES_256_CMAC_C */ diff --git a/tests/crypto/test_cases/test_vectors_ecdh.c b/tests/crypto/test_cases/test_vectors_ecdh.c deleted file mode 100644 index e28d1e7c7002..000000000000 --- a/tests/crypto/test_cases/test_vectors_ecdh.c +++ /dev/null @@ -1,1226 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" - -#include - -/**@brief ECDH test vectors can be found on NIST web pages. - * - * http://read.pudn.com/downloads168/doc/772358/TestVectorsforSEC%201-gec2.pdf - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Component-Testing - */ -#if defined(MBEDTLS_ECP_DP_SECP160R1_ENABLED) - -/* ECDH - SECP160R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp160r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP160R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp160r1 valid") -}; - -/* ECDH - GEC 2: Test Vectors for SEC 1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_full_secp160r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP160R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp160r1"), - .p_initiator_priv = "aa374ffc3ce144e6b073307972cb6d57b2a4e982", - .p_responder_priv = "45fb58a92a17ad4b15101c66e74f277e2b460866", - .p_initiator_publ_x = "51b4496fecc406ed0e75a24a3c03206251419dc0", - .p_initiator_publ_y = "c28dcb4b73a514b468d793894f381ccc1756aa6c", - .p_responder_publ_x = "49b41e0e9c0369c2328739d90f63d56707c6e5bc", - .p_responder_publ_y = "26e008b567015ed96d232a03111c3edc0e9c8f83", - .p_expected_shared_secret = "ca7c0f8c3ffa87a96e1b74ac8e6af594347bb40a" -}; - -#endif /* MBEDTLS_ECP_DP_SECP160R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP160R2_ENABLED) - -/* ECDH - SECP160R2 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp160r2_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP160R2, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp160r2 valid") -}; - -#endif /* MBEDTLS_ECP_DP_SECP160R2_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - -/* ECDH - SECP192R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp192r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192r1 valid") -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Count 0 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192r1 valid 1"), - .p_responder_priv = "f17d3fea367b74d340851ca4270dcb24c271f445bed9d527", - .p_initiator_publ_x = "42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0", - .p_initiator_publ_y = "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523", - .p_expected_shared_secret = - "803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Count 1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192r1 valid 2"), - .p_responder_priv = "56e853349d96fe4c442448dacb7cf92bb7a95dcf574a9bd5", - .p_initiator_publ_x = "deb5712fa027ac8d2f22c455ccb73a91e17b6512b5e030e7", - .p_initiator_publ_y = "7e2690a02cc9b28708431a29fb54b87b1f0c14e011ac2125", - .p_expected_shared_secret = - "c208847568b98835d7312cef1f97f7aa298283152313c29d" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Count 2 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192r1 valid 3"), - .p_responder_priv = "c6ef61fe12e80bf56f2d3f7d0bb757394519906d55500949", - .p_initiator_publ_x = "4edaa8efc5a0f40f843663ec5815e7762dddc008e663c20f", - .p_initiator_publ_y = "0a9f8dc67a3e60ef6d64b522185d03df1fc0adfd42478279", - .p_expected_shared_secret = - "87229107047a3b611920d6e3b2c0c89bea4f49412260b8dd" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Count 3 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_4) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192r1 valid 4"), - .p_responder_priv = "e6747b9c23ba7044f38ff7e62c35e4038920f5a0163d3cda", - .p_initiator_publ_x = "8887c276edeed3e9e866b46d58d895c73fbd80b63e382e88", - .p_initiator_publ_y = "04c5097ba6645e16206cfb70f7052655947dd44a17f1f9d5", - .p_expected_shared_secret = - "eec0bed8fc55e1feddc82158fd6dc0d48a4d796aaf47d46c" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Count 4 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_5) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192r1 valid 5"), - .p_responder_priv = "beabedd0154a1afcfc85d52181c10f5eb47adc51f655047d", - .p_initiator_publ_x = "0d045f30254adc1fcefa8a5b1f31bf4e739dd327cd18d594", - .p_initiator_publ_y = "542c314e41427c08278a08ce8d7305f3b5b849c72d8aff73", - .p_expected_shared_secret = - "716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Invalid public key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_INVALID_KEY, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp192r1 invalid public key"), - .p_responder_priv = "beabedd0154a1afcfc85d52181c10f5eb47adc51f655047d", - .p_initiator_publ_x = "1d045f30254adc1fcefa8a5b1f31bf4e739dd327cd18d594", - .p_initiator_publ_y = "542c314e41427c08278a08ce8d7305f3b5b849c72d8aff73", - .p_expected_shared_secret = - "716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Invalid private key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_inv_d) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp192r1 invalid private key"), - .p_responder_priv = "ceabedd0154a1afcfc85d52181c10f5eb47adc51f655047d", - .p_initiator_publ_x = "0d045f30254adc1fcefa8a5b1f31bf4e739dd327cd18d594", - .p_initiator_publ_y = "542c314e41427c08278a08ce8d7305f3b5b849c72d8aff73", - .p_expected_shared_secret = - "716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4" -}; - -/* ECDH - NIST CAVS 14.1 P-192 - Invalid shared secret test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp192r1_inv_ss) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp192r1 invalid shared secret"), - .p_responder_priv = "beabedd0154a1afcfc85d52181c10f5eb47adc51f655047d", - .p_initiator_publ_x = "0d045f30254adc1fcefa8a5b1f31bf4e739dd327cd18d594", - .p_initiator_publ_y = "542c314e41427c08278a08ce8d7305f3b5b849c72d8aff73", - .p_expected_shared_secret = - "816e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4" -}; -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - -/* ECDH - SECP224R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp224r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224r1 valid") -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Count 0 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224r1 valid 1"), - .p_responder_priv = - "8346a60fc6f293ca5a0d2af68ba71d1dd389e5e40837942df3e43cbd", - .p_initiator_publ_x = - "af33cd0629bc7e996320a3f40368f74de8704fa37b8fab69abaae280", - .p_initiator_publ_y = - "882092ccbba7930f419a8a4f9bb16978bbc3838729992559a6f2e2d7", - .p_expected_shared_secret = - "7d96f9a3bd3c05cf5cc37feb8b9d5209d5c2597464dec3e9983743e8" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Count 1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224r1 valid 2"), - .p_responder_priv = - "043cb216f4b72cdf7629d63720a54aee0c99eb32d74477dac0c2f73d", - .p_initiator_publ_x = - "13bfcd4f8e9442393cab8fb46b9f0566c226b22b37076976f0617a46", - .p_initiator_publ_y = - "eeb2427529b288c63c2f8963c1e473df2fca6caa90d52e2f8db56dd4", - .p_expected_shared_secret = - "ee93ce06b89ff72009e858c68eb708e7bc79ee0300f73bed69bbca09" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Count 2 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224r1 valid 3"), - .p_responder_priv = - "5ad0dd6dbabb4f3c2ea5fe32e561b2ca55081486df2c7c15c9622b08", - .p_initiator_publ_x = - "756dd806b9d9c34d899691ecb45b771af468ec004486a0fdd283411e", - .p_initiator_publ_y = - "4d02c2ca617bb2c5d9613f25dd72413d229fd2901513aa29504eeefb", - .p_expected_shared_secret = - "3fcc01e34d4449da2a974b23fc36f9566754259d39149790cfa1ebd3" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Count 3 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_4) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224r1 valid 4"), - .p_responder_priv = - "0aa6ff55a5d820efcb4e7d10b845ea3c9f9bc5dff86106db85318e22", - .p_initiator_publ_x = - "0f537bf1c1122c55656d25e8aa8417e0b44b1526ae0523144f9921c4", - .p_initiator_publ_y = - "f79b26d30e491a773696cc2c79b4f0596bc5b9eebaf394d162fb8684", - .p_expected_shared_secret = - "49129628b23afcef48139a3f6f59ff5e9811aa746aa4ff33c24bb940" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Count 4 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_5) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224r1 valid 5"), - .p_responder_priv = - "efe6e6e25affaf54c98d002abbc6328da159405a1b752e32dc23950a", - .p_initiator_publ_x = - "2b3631d2b06179b3174a100f7f57131eeea8947be0786c3dc64b2239", - .p_initiator_publ_y = - "83de29ae3dad31adc0236c6de7f14561ca2ea083c5270c78a2e6cbc0", - .p_expected_shared_secret = - "fcdc69a40501d308a6839653a8f04309ec00233949522902ffa5eac6" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Invalid public key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_INVALID_KEY, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp224r1 invalid public key"), - .p_responder_priv = - "efe6e6e25affaf54c98d002abbc6328da159405a1b752e32dc23950a", - .p_initiator_publ_x = - "3b3631d2b06179b3174a100f7f57131eeea8947be0786c3dc64b2239", - .p_initiator_publ_y = - "83de29ae3dad31adc0236c6de7f14561ca2ea083c5270c78a2e6cbc0", - .p_expected_shared_secret = - "fcdc69a40501d308a6839653a8f04309ec00233949522902ffa5eac6" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Invalid private key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_inv_d) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp224r1 invalid private key"), - .p_responder_priv = - "ffe6e6e25affaf54c98d002abbc6328da159405a1b752e32dc23950a", - .p_initiator_publ_x = - "2b3631d2b06179b3174a100f7f57131eeea8947be0786c3dc64b2239", - .p_initiator_publ_y = - "83de29ae3dad31adc0236c6de7f14561ca2ea083c5270c78a2e6cbc0", - .p_expected_shared_secret = - "fcdc69a40501d308a6839653a8f04309ec00233949522902ffa5eac6" -}; - -/* ECDH - NIST CAVS 14.1 P-224 - Invalid shared secret test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp224r1_inv_ss) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp224r1 invalid shared secret"), - .p_responder_priv = - "efe6e6e25affaf54c98d002abbc6328da159405a1b752e32dc23950a", - .p_initiator_publ_x = - "2b3631d2b06179b3174a100f7f57131eeea8947be0786c3dc64b2239", - .p_initiator_publ_y = - "83de29ae3dad31adc0236c6de7f14561ca2ea083c5270c78a2e6cbc0", - .p_expected_shared_secret = - "0cdc69a40501d308a6839653a8f04309ec00233949522902ffa5eac6" -}; -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - -/* ECDH - SECP256R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp256r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid") -}; - -/* ECDH - RFC 5903 256-Bit Random ECP Group */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_secp256r1_full) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1"), - .p_initiator_priv = - "C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433", - .p_responder_priv = - "C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53", - .p_initiator_publ_x = - "DAD0B65394221CF9B051E1FECA5787D098DFE637FC90B9EF945D0C3772581180", - .p_initiator_publ_y = - "5271A0461CDB8252D61F1C456FA3E59AB1F45B33ACCF5F58389E0577B8990BB3", - .p_responder_publ_x = - "D12DFB5289C8D4F81208B70270398C342296970A0BCCB74C736FC7554494BF63", - .p_responder_publ_y = - "56FBF3CA366CC23E8157854C13C58D6AAC23F046ADA30F8353E74F33039872AB", - .p_expected_shared_secret = - "D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Count 0 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid 1"), - .p_responder_priv = - "7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534", - .p_initiator_publ_x = - "700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287", - .p_initiator_publ_y = - "db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac", - .p_expected_shared_secret = - "46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Count 1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid 2"), - .p_responder_priv = - "38f65d6dce47676044d58ce5139582d568f64bb16098d179dbab07741dd5caf5", - .p_initiator_publ_x = - "809f04289c64348c01515eb03d5ce7ac1a8cb9498f5caa50197e58d43a86a7ae", - .p_initiator_publ_y = - "b29d84e811197f25eba8f5194092cb6ff440e26d4421011372461f579271cda3", - .p_expected_shared_secret = - "057d636096cb80b67a8c038c890e887d1adfa4195e9b3ce241c8a778c59cda67" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Count 2 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid 3"), - .p_responder_priv = - "1accfaf1b97712b85a6f54b148985a1bdc4c9bec0bd258cad4b3d603f49f32c8", - .p_initiator_publ_x = - "a2339c12d4a03c33546de533268b4ad667debf458b464d77443636440ee7fec3", - .p_initiator_publ_y = - "ef48a3ab26e20220bcda2c1851076839dae88eae962869a497bf73cb66faf536", - .p_expected_shared_secret = - "2d457b78b4614132477618a5b077965ec90730a8c81a1c75d6d4ec68005d67ec" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Count 3 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_4) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid 4"), - .p_responder_priv = - "207c43a79bfee03db6f4b944f53d2fb76cc49ef1c9c4d34d51b6c65c4db6932d", - .p_initiator_publ_x = - "df3989b9fa55495719b3cf46dccd28b5153f7808191dd518eff0c3cff2b705ed", - .p_initiator_publ_y = - "422294ff46003429d739a33206c8752552c8ba54a270defc06e221e0feaf6ac4", - .p_expected_shared_secret = - "96441259534b80f6aee3d287a6bb17b5094dd4277d9e294f8fe73e48bf2a0024" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Count 4 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_5) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256r1 valid 5"), - .p_responder_priv = - "59137e38152350b195c9718d39673d519838055ad908dd4757152fd8255c09bf", - .p_initiator_publ_x = - "41192d2813e79561e6a1d6f53c8bc1a433a199c835e141b05a74a97b0faeb922", - .p_initiator_publ_y = - "1af98cc45e98a7e041b01cf35f462b7562281351c8ebf3ffa02e33a0722a1328", - .p_expected_shared_secret = - "19d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Invalid public key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_INVALID_KEY, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp256r1 invalid public key"), - .p_responder_priv = - "59137e38152350b195c9718d39673d519838055ad908dd4757152fd8255c09bf", - .p_initiator_publ_x = - "51192d2813e79561e6a1d6f53c8bc1a433a199c835e141b05a74a97b0faeb922", - .p_initiator_publ_y = - "1af98cc45e98a7e041b01cf35f462b7562281351c8ebf3ffa02e33a0722a1328", - .p_expected_shared_secret = - "19d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Invalid private key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_inv_d) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp256r1 invalid private key"), - .p_responder_priv = - "69137e38152350b195c9718d39673d519838055ad908dd4757152fd8255c09bf", - .p_initiator_publ_x = - "41192d2813e79561e6a1d6f53c8bc1a433a199c835e141b05a74a97b0faeb922", - .p_initiator_publ_y = - "1af98cc45e98a7e041b01cf35f462b7562281351c8ebf3ffa02e33a0722a1328", - .p_expected_shared_secret = - "19d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62" -}; - -/* ECDH - NIST CAVS 14.1 P-256 - Invalid shared secret test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp256r1_inv_ss) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp256r1 invalid shared secret"), - .p_responder_priv = - "59137e38152350b195c9718d39673d519838055ad908dd4757152fd8255c09bf", - .p_initiator_publ_x = - "41192d2813e79561e6a1d6f53c8bc1a433a199c835e141b05a74a97b0faeb922", - .p_initiator_publ_y = - "1af98cc45e98a7e041b01cf35f462b7562281351c8ebf3ffa02e33a0722a1328", - .p_expected_shared_secret = - "29d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62" -}; -#endif /* MBEDTLS_ECP_DP_SECP256R1 */ - -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - -/* ECDH - SECP384R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp384r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1 valid") -}; - -/* ECDH - RFC 5903 384-Bit Random ECP Group */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_secp384r1_full) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1"), - .p_initiator_priv = - "099F3C7034D4A2C699884D73A375A67F7624EF7C6B3C0F160647B6" - "7414DCE655E35B538041E649EE3FAEF896783AB194", - .p_responder_priv = - "41CB0779B4BDB85D47846725FBEC3C9430FAB46CC8DC5060855CC9" - "BDA0AA2942E0308312916B8ED2960E4BD55A7448FC", - .p_initiator_publ_x = - "667842D7D180AC2CDE6F74F37551F55755C7645C20EF73E31634" - "FE72B4C55EE6DE3AC808ACB4BDB4C88732AEE95F41AA", - .p_initiator_publ_y = - "9482ED1FC0EEB9CAFC4984625CCFC23F65032149E0E144ADA024" - "181535A0F38EEB9FCFF3C2C947DAE69B4C634573A81C", - .p_responder_publ_x = - "E558DBEF53EECDE3D3FCCFC1AEA08A89A987475D12FD950D83CF" - "A41732BC509D0D1AC43A0336DEF96FDA41D0774A3571", - .p_responder_publ_y = - "DCFBEC7AACF3196472169E838430367F66EEBE3C6E70C416DD5F" - "0C68759DD1FFF83FA40142209DFF5EAAD96DB9E6386C", - .p_expected_shared_secret = - "11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D60313" - "5569B9E9D09CF5D4A270F59746" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Count 0 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1 valid 1"), - .p_responder_priv = - "3cc3122a68f0d95027ad38c067916ba0eb8c38894d22e1b15618b6" - "818a661774ad463b205da88cf699ab4d43c9cf98a1", - .p_initiator_publ_x = - "a7c76b970c3b5fe8b05d2838ae04ab47697b9eaf52e764592efd" - "a27fe7513272734466b400091adbf2d68c58e0c50066", - .p_initiator_publ_y = - "ac68f19f2e1cb879aed43a9969b91a0839c4c38a49749b661efe" - "df243451915ed0905a32b060992b468c64766fc8437a", - .p_expected_shared_secret = - "5f9d29dc5e31a163060356213669c8ce132e22f57c9a04f40ba7fcead493b457e5621e" - "766c40a2e3d4d6a04b25e533f1" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Count 1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1 valid 2"), - .p_responder_priv = - "92860c21bde06165f8e900c687f8ef0a05d14f290b3f07d8b3a8cc" - "6404366e5d5119cd6d03fb12dc58e89f13df9cd783", - .p_initiator_publ_x = - "30f43fcf2b6b00de53f624f1543090681839717d53c7c955d1d6" - "9efaf0349b7363acb447240101cbb3af6641ce4b88e0", - .p_initiator_publ_y = - "25e46c0c54f0162a77efcc27b6ea792002ae2ba82714299c8608" - "57a68153ab62e525ec0530d81b5aa15897981e858757", - .p_expected_shared_secret = - "a23742a2c267d7425fda94b93f93bbcc24791ac51cd8fd501a238d40812f4cbfc59aac" - "9520d758cf789c76300c69d2ff" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Count 2 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1 valid 3"), - .p_responder_priv = - "12cf6a223a72352543830f3f18530d5cb37f26880a0b294482c8a8" - "ef8afad09aa78b7dc2f2789a78c66af5d1cc553853", - .p_initiator_publ_x = - "1aefbfa2c6c8c855a1a216774550b79a24cda37607bb1f7cc906" - "650ee4b3816d68f6a9c75da6e4242cebfb6652f65180", - .p_initiator_publ_y = - "419d28b723ebadb7658fcebb9ad9b7adea674f1da3dc6b6397b5" - "5da0f61a3eddacb4acdb14441cb214b04a0844c02fa3", - .p_expected_shared_secret = - "3d2e640f350805eed1ff43b40a72b2abed0a518bcebe8f2d15b111b6773223da3c3489" - "121db173d414b5bd5ad7153435" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Count 3 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_4) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1 valid 4"), - .p_responder_priv = - "8dd48063a3a058c334b5cc7a4ce07d02e5ee6d8f1f3c51a1600962" - "cbab462690ae3cd974fb39e40b0e843daa0fd32de1", - .p_initiator_publ_x = - "8bc089326ec55b9cf59b34f0eb754d93596ca290fcb3444c83d4" - "de3a5607037ec397683f8cef07eab2fe357eae36c449", - .p_initiator_publ_y = - "d9d16ce8ac85b3f1e94568521aae534e67139e310ec72693526a" - "a2e927b5b322c95a1a033c229cb6770c957cd3148dd7", - .p_expected_shared_secret = - "6a42cfc392aba0bfd3d17b7ccf062b91fc09bbf3417612d02a90bdde62ae40c54bb2e5" - "6e167d6b70db670097eb8db854" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Count 4 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_5) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp384r1 valid 5"), - .p_responder_priv = - "84ece6cc3429309bd5b23e959793ed2b111ec5cb43b6c18085fcae" - "a9efa0685d98a6262ee0d330ee250bc8a67d0e733f", - .p_initiator_publ_x = - "eb952e2d9ac0c20c6cc48fb225c2ad154f53c8750b003fd3b4ed" - "8ed1dc0defac61bcdde02a2bcfee7067d75d342ed2b0", - .p_initiator_publ_y = - "f1828205baece82d1b267d0d7ff2f9c9e15b69a72df47058a97f" - "3891005d1fb38858f5603de840e591dfa4f6e7d489e1", - .p_expected_shared_secret = - "ce7ba454d4412729a32bb833a2d1fd2ae612d4667c3a900e069214818613447df8c611" - "de66da200db7c375cf913e4405" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Invalid public key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_INVALID_KEY, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp384r1 invalid public key"), - .p_responder_priv = - "84ece6cc3429309bd5b23e959793ed2b111ec5cb43b6c18085fcae" - "a9efa0685d98a6262ee0d330ee250bc8a67d0e733f", - .p_initiator_publ_x = - "fb952e2d9ac0c20c6cc48fb225c2ad154f53c8750b003fd3b4ed" - "8ed1dc0defac61bcdde02a2bcfee7067d75d342ed2b0", - .p_initiator_publ_y = - "f1828205baece82d1b267d0d7ff2f9c9e15b69a72df47058a97f" - "3891005d1fb38858f5603de840e591dfa4f6e7d489e1", - .p_expected_shared_secret = - "ce7ba454d4412729a32bb833a2d1fd2ae612d4667c3a900e069214818613447df8c611" - "de66da200db7c375cf913e4405" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Invalid private key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_inv_d) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp384r1 invalid private key"), - .p_responder_priv = - "94ece6cc3429309bd5b23e959793ed2b111ec5cb43b6c18085fcae" - "a9efa0685d98a6262ee0d330ee250bc8a67d0e733f", - .p_initiator_publ_x = - "eb952e2d9ac0c20c6cc48fb225c2ad154f53c8750b003fd3b4ed" - "8ed1dc0defac61bcdde02a2bcfee7067d75d342ed2b0", - .p_initiator_publ_y = - "f1828205baece82d1b267d0d7ff2f9c9e15b69a72df47058a97f" - "3891005d1fb38858f5603de840e591dfa4f6e7d489e1", - .p_expected_shared_secret = - "ce7ba454d4412729a32bb833a2d1fd2ae612d4667c3a900e069214818613447df8c611" - "de66da200db7c375cf913e4405" -}; - -/* ECDH - NIST CAVS 14.1 P-384 - Invalid shared secret test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp384r1_inv_ss) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp384r1 invalid shared secret"), - .p_responder_priv = - "84ece6cc3429309bd5b23e959793ed2b111ec5cb43b6c18085fcae" - "a9efa0685d98a6262ee0d330ee250bc8a67d0e733f", - .p_initiator_publ_x = - "eb952e2d9ac0c20c6cc48fb225c2ad154f53c8750b003fd3b4ed" - "8ed1dc0defac61bcdde02a2bcfee7067d75d342ed2b0", - .p_initiator_publ_y = - "f1828205baece82d1b267d0d7ff2f9c9e15b69a72df47058a97f" - "3891005d1fb38858f5603de840e591dfa4f6e7d489e1", - .p_expected_shared_secret = - "de7ba454d4412729a32bb833a2d1fd2ae612d4667c3a900e069214818613447df8c611" - "de66da200db7c375cf913e4405" -}; -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - -/* ECDH - SECP521R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp521r1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1 valid") -}; - -/* ECDH - RFC 5903 521-Bit Random ECP Group */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_secp521r1_full) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1"), - .p_initiator_priv = - "0037ADE9319A89F4DABDB3EF411AACCCA5123C61ACAB57B5393DCE47608172A095AA85" - "A30FE1C2952C6771D937BA9777F5957B2639BAB072462F68C27A57382D4A52", - .p_responder_priv = - "0145BA99A847AF43793FDD0E872E7CDFA16BE30FDC780F97BCCC3F078380201E9C677D" - "600B343757A3BDBF2A3163E4C2F869CCA7458AA4A4EFFC311F5CB151685EB9", - .p_initiator_publ_x = - "0015417E84DBF28C0AD3C278713349DC7DF153C897A1891BD98BAB4357C9ECBEE1E3BF" - "42E00B8E380AEAE57C2D107564941885942AF5A7F4601723C4195D176CED3E", - .p_initiator_publ_y = - "017CAE20B6641D2EEB695786D8C946146239D099E18E1D5A514C739D7CB4A10AD8A788" - "015AC405D7799DC75E7B7D5B6CF2261A6A7F1507438BF01BEB6CA3926F9582", - .p_responder_publ_x = - "00D0B3975AC4B799F5BEA16D5E13E9AF971D5E9B984C9F39728B5E5739735A219B97C3" - "56436ADC6E95BB0352F6BE64A6C2912D4EF2D0433CED2B6171640012D9460F", - .p_responder_publ_y = - "015C68226383956E3BD066E797B623C27CE0EAC2F551A10C2C724D9852077B87220B65" - "36C5C408A1D2AEBB8E86D678AE49CB57091F4732296579AB44FCD17F0FC56A", - .p_expected_shared_secret = - "01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E" - "73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Count 0 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1 valid 1"), - .p_responder_priv = - "017eecc07ab4b329068fba65e56a1f8890aa935e57134ae0ffcce802735151f4eac656" - "4f6ee9974c5e6887a1fefee5743ae2241bfeb95d5ce31ddcb6f9edb4d6fc47", - .p_initiator_publ_x = - "00685a48e86c79f0f0875f7bc18d25eb5fc8c0b07e5da4f4370f3a9490340854334b1e" - "1b87fa395464c60626124a4e70d0f785601d37c09870ebf176666877a2046d", - .p_initiator_publ_y = - "01ba52c56fc8776d9e8f5db4f0cc27636d0b741bbe05400697942e80b739884a83bde9" - "9e0f6716939e632bc8986fa18dccd443a348b6c3e522497955a4f3c302f676", - .p_expected_shared_secret = - "005fc70477c3e63bc3954bd0df3ea0d1f41ee21746ed95fc5e1fdf90930d5e136672d7" - "2cc770742d1711c3c3a4c334a0ad9759436a4d3c5bf6e74b9578fac148c831" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Count 1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1 valid 2"), - .p_responder_priv = - "00816f19c1fb10ef94d4a1d81c156ec3d1de08b66761f03f06ee4bb9dcebbbfe1eaa1e" - "d49a6a990838d8ed318c14d74cc872f95d05d07ad50f621ceb620cd905cfb8", - .p_initiator_publ_x = - "01df277c152108349bc34d539ee0cf06b24f5d3500677b4445453ccc21409453aafb8a" - "72a0be9ebe54d12270aa51b3ab7f316aa5e74a951c5e53f74cd95fc29aee7a", - .p_initiator_publ_y = - "013d52f33a9f3c14384d1587fa8abe7aed74bc33749ad9c570b471776422c7d4505d9b" - "0a96b3bfac041e4c6a6990ae7f700e5b4a6640229112deafa0cd8bb0d089b0", - .p_expected_shared_secret = - "000b3920ac830ade812c8f96805da2236e002acbbf13596a9ab254d44d0e91b6255ebf" - "1229f366fb5a05c5884ef46032c26d42189273ca4efa4c3db6bd12a6853759" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Count 2 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1 valid 3"), - .p_responder_priv = - "012f2e0c6d9e9d117ceb9723bced02eb3d4eebf5feeaf8ee0113ccd8057b13ddd416e0" - "b74280c2d0ba8ed291c443bc1b141caf8afb3a71f97f57c225c03e1e4d42b0", - .p_initiator_publ_x = - "0092db3142564d27a5f0006f819908fba1b85038a5bc2509906a497daac67fd7aee0fc" - "2daba4e4334eeaef0e0019204b471cd88024f82115d8149cc0cf4f7ce1a4d5", - .p_initiator_publ_y = - "016bad0623f517b158d9881841d2571efbad63f85cbe2e581960c5d670601a67602726" - "75a548996217e4ab2b8ebce31d71fca63fcc3c08e91c1d8edd91cf6fe845f8", - .p_expected_shared_secret = - "006b380a6e95679277cfee4e8353bf96ef2a1ebdd060749f2f046fe571053740bbcc9a" - "0b55790bc9ab56c3208aa05ddf746a10a3ad694daae00d980d944aabc6a08f" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Count 3 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_4) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1 valid 4"), - .p_responder_priv = - "00e548a79d8b05f923b9825d11b656f222e8cb98b0f89de1d317184dc5a698f7c71161" - "ee7dc11cd31f4f4f8ae3a981e1a3e78bdebb97d7c204b9261b4ef92e0918e0", - .p_initiator_publ_x = - "00fdd40d9e9d974027cb3bae682162eac1328ad61bc4353c45bf5afe76bf607d2894c8" - "cce23695d920f2464fda4773d4693be4b3773584691bdb0329b7f4c86cc299", - .p_initiator_publ_y = - "0034ceac6a3fef1c3e1c494bfe8d872b183832219a7e14da414d4e3474573671ec19b0" - "33be831b915435905925b44947c592959945b4eb7c951c3b9c8cf52530ba23", - .p_expected_shared_secret = - "00fbbcd0b8d05331fef6086f22a6cce4d35724ab7a2f49dd8458d0bfd57a0b8b70f246" - "c17c4468c076874b0dff7a0336823b19e98bf1cec05e4beffb0591f97713c6" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Count 4 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_5) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp521r1 valid 5"), - .p_responder_priv = - "01c8aae94bb10b8ca4f7be577b4fb32bb2381032c4942c24fc2d753e7cc5e47b483389" - "d9f3b956d20ee9001b1eef9f23545f72c5602140046839e963313c3decc864", - .p_initiator_publ_x = - "0098d99dee0816550e84dbfced7e88137fddcf581a725a455021115fe49f8dc3cf233c" - "d9ea0e6f039dc7919da973cdceaca205da39e0bd98c8062536c47f258f44b5", - .p_initiator_publ_y = - "00cd225c8797371be0c4297d2b457740100c774141d8f214c23b61aa2b6cd4806b9b70" - "722aa4965fb622f42b7391e27e5ec21c5679c5b06b59127372997d421adc1e", - .p_expected_shared_secret = - "0145cfa38f25943516c96a5fd4bfebb2f645d10520117aa51971eff442808a23b4e23c" - "187e639ff928c3725fbd1c0c2ad0d4aeb207bc1a6fb6cb6d467888dc044b3c" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Invalid public key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_INVALID_KEY, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp521r1 invalid public key"), - .p_responder_priv = - "01c8aae94bb10b8ca4f7be577b4fb32bb2381032c4942c24fc2d753e7cc5e47b483389" - "d9f3b956d20ee9001b1eef9f23545f72c5602140046839e963313c3decc864", - .p_initiator_publ_x = - "00a8d99dee0816550e84dbfced7e88137fddcf581a725a455021115fe49f8dc3cf233c" - "d9ea0e6f039dc7919da973cdceaca205da39e0bd98c8062536c47f258f44b5", - .p_initiator_publ_y = - "00cd225c8797371be0c4297d2b457740100c774141d8f214c23b61aa2b6cd4806b9b70" - "722aa4965fb622f42b7391e27e5ec21c5679c5b06b59127372997d421adc1e", - .p_expected_shared_secret = - "0145cfa38f25943516c96a5fd4bfebb2f645d10520117aa51971eff442808a23b4e23c" - "187e639ff928c3725fbd1c0c2ad0d4aeb207bc1a6fb6cb6d467888dc044b3c" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Invalid private key test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_inv_d) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp521r1 invalid private key"), - .p_responder_priv = - "01d8aae94bb10b8ca4f7be577b4fb32bb2381032c4942c24fc2d753e7cc5e47b483389" - "d9f3b956d20ee9001b1eef9f23545f72c5602140046839e963313c3decc864", - .p_initiator_publ_x = - "0098d99dee0816550e84dbfced7e88137fddcf581a725a455021115fe49f8dc3cf233c" - "d9ea0e6f039dc7919da973cdceaca205da39e0bd98c8062536c47f258f44b5", - .p_initiator_publ_y = - "00cd225c8797371be0c4297d2b457740100c774141d8f214c23b61aa2b6cd4806b9b70" - "722aa4965fb622f42b7391e27e5ec21c5679c5b06b59127372997d421adc1e", - .p_expected_shared_secret = - "0145cfa38f25943516c96a5fd4bfebb2f645d10520117aa51971eff442808a23b4e23c" - "187e639ff928c3725fbd1c0c2ad0d4aeb207bc1a6fb6cb6d467888dc044b3c" -}; - -/* ECDH - NIST CAVS 14.1 P-521 - Invalid shared secret test case */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_simple, - test_vector_ecdh_t test_vector_ecdh_secp521r1_inv_ss) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("secp521r1 invalid shared secret"), - .p_responder_priv = - "01c8aae94bb10b8ca4f7be577b4fb32bb2381032c4942c24fc2d753e7cc5e47b483389" - "d9f3b956d20ee9001b1eef9f23545f72c5602140046839e963313c3decc864", - .p_initiator_publ_x = - "0098d99dee0816550e84dbfced7e88137fddcf581a725a455021115fe49f8dc3cf233c" - "d9ea0e6f039dc7919da973cdceaca205da39e0bd98c8062536c47f258f44b5", - .p_initiator_publ_y = - "00cd225c8797371be0c4297d2b457740100c774141d8f214c23b61aa2b6cd4806b9b70" - "722aa4965fb622f42b7391e27e5ec21c5679c5b06b59127372997d421adc1e", - .p_expected_shared_secret = - "0155cfa38f25943516c96a5fd4bfebb2f645d10520117aa51971eff442808a23b4e23c" - "187e639ff928c3725fbd1c0c2ad0d4aeb207bc1a6fb6cb6d467888dc044b3c" -}; -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - -/* NOTE: mbedtls expects a different endianness on the private keys than the one provided by RFC 7748. */ -/* Instead of making a special case in the source, the keys are swapped here. */ -/* Needs a review. */ -/* Should either: */ -/* * Keep it as it is now */ -/* * Delete "unfixed" version (--> can not easily track vector data to RFC 7748) */ -/* * Delete "fixed" version (--> have to concat + reverse in code) */ -#define CURVE25519_REVERSED_VECTORS -#if !defined(CURVE25519_REVERSED_VECTORS) -const char ecdh_curve25519_initiator_priv[] = { - "77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2" - "a" -}; /* Original. - */ -const char ecdh_curve25519_responder_priv[] = { - "5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0e" - "b" -}; /* Original. - */ -const char ecdh_curve25519_initiator_publ_x[] = { - "8520f0098930a754748b7ddcb43ef75a" -}; /* Original. */ -const char ecdh_curve25519_initiator_publ_y[] = { - "0dbf3a0d26381af4eba4a98eaa9b4e6a" -}; /* Original. */ -const char ecdh_curve25519_responder_publ_x[] = { - "de9edb7d7b7dc1b4d35b61c2ece43537" -}; /* Original. */ -const char ecdh_curve25519_responder_publ_y[] = { - "3f8343c85b78674dadfc7e146f882b4f" -}; /* Original. */ -const char ecdh_curve25519_expected_shared_secret[] = { - "4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e16174" - "2" -}; /* Original. - */ -#else -const char ecdh_curve25519_initiator_priv[] = { - "2a2cb91da5fb77b12a99c0eb872f4cdf4566b25172c1163c7da518730a6d077" - "7" -}; /* Reversed. - */ -const char ecdh_curve25519_responder_priv[] = { - "ebe088ff278b2f1cfdb6182629b13b6fe60e80838b7fe1794b8a4a627e08ab5" - "d" -}; /* Reversed. - */ -const char ecdh_curve25519_initiator_publ_x[] = { - "6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f0208" - "5" -}; /* Reversed - concatenation - of X - and - Y. - */ -const char ecdh_curve25519_initiator_publ_y[] = { "" }; /* Cleared. */ -const char ecdh_curve25519_responder_publ_x[] = { - "4f2b886f147efcad4d67785bc843833f3735e4ecc2615bd3b4c17d7b7ddb9ed" - "e" -}; /* Reversed - concatenation - of X - and - Y. - */ -const char ecdh_curve25519_responder_publ_y[] = { "" }; /* Cleared. */ -const char ecdh_curve25519_expected_shared_secret[] = { - "4217161e3c9bf076339ed147c9217ee0250f3580f43b8e72e12dcea45b9d5d4" - "a" -}; /* Reversed. - */ -#endif /* CURVE25519_REVERSED_VECTORS */ - -/* ECDH - RFC 7748 - 6.1. Curve25519 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_curve25519_full_1) = { - .curve_type = MBEDTLS_ECP_DP_CURVE25519, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("curve25519"), - .p_initiator_priv = ecdh_curve25519_initiator_priv, - .p_responder_priv = ecdh_curve25519_responder_priv, - .p_initiator_publ_x = ecdh_curve25519_initiator_publ_x, - .p_initiator_publ_y = ecdh_curve25519_initiator_publ_y, - .p_responder_publ_x = ecdh_curve25519_responder_publ_x, - .p_responder_publ_y = ecdh_curve25519_responder_publ_y, - .p_expected_shared_secret = ecdh_curve25519_expected_shared_secret -}; - -/* ECDH - Based on RFC 7748 - 6.1. Curve25519 Test Vector */ -ITEM_REGISTER( - test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_curve25519_full_inv_priv_key) = { - .curve_type = MBEDTLS_ECP_DP_CURVE25519, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("curve25519 invalid private key"), - .p_initiator_priv = - "87076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a", - .p_responder_priv = - "6dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb", - .p_initiator_publ_x = ecdh_curve25519_initiator_publ_x, - .p_initiator_publ_y = ecdh_curve25519_initiator_publ_y, - .p_responder_publ_x = ecdh_curve25519_responder_publ_x, - .p_responder_publ_y = ecdh_curve25519_responder_publ_y, - .p_expected_shared_secret = ecdh_curve25519_expected_shared_secret -}; - -/* ECDH - Based on RFC 7748 - 6.1. Curve25519 Test Vector */ -ITEM_REGISTER( - test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_curve25519_full_inv_publ_x_key) = { - .curve_type = MBEDTLS_ECP_DP_CURVE25519, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("curve25519 invalid public X key"), - .p_initiator_priv = ecdh_curve25519_initiator_priv, - .p_responder_priv = ecdh_curve25519_responder_priv, - .p_initiator_publ_x = "9520f0098930a754748b7ddcb43ef75a", - .p_initiator_publ_y = ecdh_curve25519_initiator_publ_y, - .p_responder_publ_x = ecdh_curve25519_responder_publ_x, - .p_responder_publ_y = ecdh_curve25519_responder_publ_y, - .p_expected_shared_secret = ecdh_curve25519_expected_shared_secret -}; - -#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP160K1_ENABLED) - -/* ECDH - SECP160K1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp160k1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP160K1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp160k1 valid") -}; - -#endif /* MBEDTLS_ECP_DP_SECP160K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - -/* ECDH - SECP192K1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp192k1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP192K1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp192k1 valid") -}; -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - -/* ECDH - SECP224K1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp224k1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP224K1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp224k1 valid") -}; -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - -/* ECDH - SECP256K1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_secp256k1_random) = { - .curve_type = MBEDTLS_ECP_DP_SECP256K1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("secp256k1 valid") -}; -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ - -#if defined(CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS) -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - -/* ECDH - BP256R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_bp256r1_random) = { - .curve_type = MBEDTLS_ECP_DP_BP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("bp256r1 valid") -}; - -/* ECDH - RFC 7027 - A.1 - Curve brainpoolP256r1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_bp256r1_full) = { - .curve_type = MBEDTLS_ECP_DP_BP256R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("bp256r1"), - .p_initiator_priv = - "81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d", - .p_responder_priv = - "55e40bc41e37e3e2ad25c3c6654511ffa8474a91a0032087593852d3e7d76bd3", - .p_initiator_publ_x = - "44106e913f92bc02a1705d9953a8414db95e1aaa49e81d9e85f929a8e3100be5", - .p_initiator_publ_y = - "8ab4846f11caccb73ce49cbdd120f5a900a69fd32c272223f789ef10eb089bdc", - .p_responder_publ_x = - "8d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b", - .p_responder_publ_y = - "990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a", - .p_expected_shared_secret = - "89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" -}; - -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - -/* ECDH - BP384R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_bp384r1_random) = { - .curve_type = MBEDTLS_ECP_DP_BP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("bp384r1 valid") -}; - -/* ECDH - RFC 7027 - A.2 - Curve brainpoolP384r1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_bp384r1_full) = { - .curve_type = MBEDTLS_ECP_DP_BP384R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("bp384r1"), - .p_initiator_priv = - "1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053f" - "c4b0bd65d6f15eb5d1ee1610df870795143627d042", - .p_responder_priv = - "032640bc6003c59260f7250c3db58ce647f98e1260acce4acda3dd" - "869f74e01f8ba5e0324309db6a9831497abac96670", - .p_initiator_publ_x = - "68b665dd91c195800650cdd363c625f4e742e8134667b767b1b4" - "76793588f885ab698c852d4a6e77a252d6380fcaf068", - .p_initiator_publ_y = - "55bc91a39c9ec01dee36017b7d673a931236d2f1f5c83942d049" - "e3fa20607493e0d038ff2fd30c2ab67d15c85f7faa59", - .p_responder_publ_x = - "4d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46" - "db69d19dc8ce6ad18e404b15738b2086df37e71d1eb4", - .p_responder_publ_y = - "62d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a2103" - "8a42e9185329b5b275903d192f8d4e1f32fe9cc78c48", - .p_expected_shared_secret = - "0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf640" - "3715c35d4fb2a5444f575d4f42" -}; - -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - -/* ECDH - BP512R1 - Random test vectors */ -ITEM_REGISTER(test_vector_ecdh_data_random, - test_vector_ecdh_t test_vector_ecdh_bp512r1_random) = { - .curve_type = MBEDTLS_ECP_DP_BP512R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("bp512r1 valid") -}; - -/* ECDH - RFC 7027 - A.3 - Curve brainpoolP512r1 */ -ITEM_REGISTER(test_vector_ecdh_data_deterministic_full, - test_vector_ecdh_t test_vector_ecdh_bp512r1_full) = { - .curve_type = MBEDTLS_ECP_DP_BP512R1, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("bp512r1"), - .p_initiator_priv = - "16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80" - "279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422", - .p_responder_priv = - "230e18e1bcc88a362fa54e4ea3902009292f7f8033624fd471b5d8ace49d12cfabbc19" - "963dab8e2f1eba00bffb29e4d72d13f2224562f405cb80503666b25429", - .p_initiator_publ_x = - "0a420517e406aac0acdce90fcd71487718d3b953efd7fbec5f7f27e28c6149999397e9" - "1e029e06457db2d3e640668b392c2a7e737a7f0bf04436d11640fd09fd", - .p_initiator_publ_y = - "72e6882e8db28aad36237cd25d580db23783961c8dc52dfa2ec138ad472a0fcef3887c" - "f62b623b2a87de5c588301ea3e5fc269b373b60724f5e82a6ad147fde7", - .p_responder_publ_x = - "9d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8d" - "d4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f", - .p_responder_publ_y = - "2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc1" - "1453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa", - .p_expected_shared_secret = - "a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403" - "c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" -}; - -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ -#endif /* CONFIG_CRYPTO_TEST_LONG_RUNNING_VECTORS */ diff --git a/tests/crypto/test_cases/test_vectors_ecdsa_random.c b/tests/crypto/test_cases/test_vectors_ecdsa_random.c deleted file mode 100644 index 5ae2ca50649b..000000000000 --- a/tests/crypto/test_cases/test_vectors_ecdsa_random.c +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief ECDSA test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Component-Testing - */ -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -/* ECDSA random - NIST P-256, SHA-256 - first test case */ -ITEM_REGISTER(test_vector_ecdsa_random_data, - test_vector_ecdsa_random_t - test_vector_ecdsa_random_secp256r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .p_test_vector_name = TV_NAME("secp256r1 random SHA256 1"), - .p_input = - "44acf6b7e36c1342c2c5897204fe09504e1e2efb1a900377dbc4e7a6a133ec56", -}; -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ diff --git a/tests/crypto/test_cases/test_vectors_ecdsa_sign.c b/tests/crypto/test_cases/test_vectors_ecdsa_sign.c deleted file mode 100644 index d0a51837241a..000000000000 --- a/tests/crypto/test_cases/test_vectors_ecdsa_sign.c +++ /dev/null @@ -1,711 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include -#include "common_test.h" - -/**@brief ECDSA test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Component-Testing - */ - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-256 - first test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp224r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA256 1"), - .p_input = - "00c6fc53c1986d19a8a8b580ee553dc1240745d760647d1c0adf442c133c7f56", - .p_qx = "4c741e4d20103670b7161ae72271082155838418084335338ac38fa4", - .p_qy = "db7919151ac28587b72bad7ab180ec8e95ab9e2c8d81d9b9d7e2e383", - .p_x = "888fc992893bdd8aa02c80768832605d020b81ae0b25474154ec89aa" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-256 - second test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp224r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA256 2"), - .p_input = - "fb5dd3b8d280fe7c4838f01b2a5c28493ed3084f46b40642600ba39e43fbff7b", - .p_qx = "897089f4ef05b943eeac06589f0e09ccc571a6add3eb1610a2fc830f", - .p_qy = "62ba3f6b3e6f0f062058b93e6f25b6041246c5be13584a41cae7e244", - .p_x = "5b5a3e186e7d5b9b0fbdfc74a05e0a3d85dc4be4c87269190c839972" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-256 - third test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp224r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA256 3"), - .p_input = - "f4083aebe08c9bdb8c08ff844ffc207f80fa4406fb73bdbc1c6020f71281bdae", - .p_qx = "40a4ab1e6a9f84b4dedb81795e6a7124d1cfdfd7ec64c5d4b9e32666", - .p_qy = "83aa32a3c2fc068e62626f2dafce5d7f050e826e5c145cd2d13d1b27", - .p_x = "f60b3a4d4e31c7005a3d2d0f91cb096d016a8ddb5ab10ecb2a549170" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-512 - first test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp224r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA512 1"), - .p_input = - "3edbb59a32b2464291d0a96023a798c1fc6cb5ff4fcecfadcfac2be00c26fa27181aef" - "76c96d8269aeaf2275eeacbb777abbd9571de9279edc5695a3345cad9b", - .p_qx = "ac635fe00e8b7a3c8ef5655bdfb7f83e8532e59c0cc0b6534d810ffa", - .p_qy = "1d067aebeba66e79b28ecfe59ac6fdf5e1970dc3a84499c9d90cd8e2", - .p_x = "ba5374541c13597bded6880849184a593d69d3d4f0b1cb4d0919cbd6" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-512 - second test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp224r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA512 2"), - .p_input = - "825ab979af5c263d9f074a2d771d1d1cdfa435e7938245a3c9ee30cb77ee8c1475051d" - "2f09d7d11d920a6c754bfd253903131c491994679cafdb8cfbf32b763d", - .p_qx = "ecaea8ceea55c3bd418fd34a4ff2499e25e66a104eed846bc00c31d2", - .p_qy = "3933a356ab1f2dabc303ff0a5d076131e77032e6f502336883bf78a7", - .p_x = "1e27187134d0a63542adf4665fba22f00cfc7b0a1e02effe913ceedc" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-512 - third test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp224r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA512 3"), - .p_input = - "d0db7c20c201cd8c63ca777293543750d7f6a9e375b056e74cfe9fb2c95b2cc9807d8a" - "9607a5b0fad6eeda86e4f73ace139e77a5356181b8cbef3f88173253b6", - .p_qx = "d656b73b131aa4c6336a57849ce0d3682b6ab2113d013711e8c29762", - .p_qy = "6328335ffc2029afbfe2a15cc5636978778c3f9dab84840b05f2e705", - .p_x = "0905b40e6c29bfcbf55e04266f68f10ca8d3905001d68bb61a27749b" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-256 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp224r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 Q changed SHA256"), - .p_input = - "00c6fc53c1986d19a8a8b580ee553dc1240745d760647d1c0adf442c133c7f56", - .p_qx = "897089f4ef05b943eeac06589f0e09ccc571a6add3eb1610a2fc830f", - .p_qy = "62ba3f6b3e6f0f062058b93e6f25b6041246c5be13584a41cae7e244", - .p_x = "888fc992893bdd8aa02c80768832605d020b81ae0b25474154ec89aa" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-256 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp224r1_SHA256_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 X changed SHA256"), - .p_input = - "00c6fc53c1986d19a8a8b580ee553dc1240745d760647d1c0adf442c133c7f56", - .p_qx = "4c741e4d20103670b7161ae72271082155838418084335338ac38fa4", - .p_qy = "db7919151ac28587b72bad7ab180ec8e95ab9e2c8d81d9b9d7e2e383", - .p_x = "5b5a3e186e7d5b9b0fbdfc74a05e0a3d85dc4be4c87269190c839972" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-512 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp224r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 Q changed SHA512"), - .p_input = - "3edbb59a32b2464291d0a96023a798c1fc6cb5ff4fcecfadcfac2be00c26fa27181aef" - "76c96d8269aeaf2275eeacbb777abbd9571de9279edc5695a3345cad9b", - .p_qx = "ecaea8ceea55c3bd418fd34a4ff2499e25e66a104eed846bc00c31d2", - .p_qy = "3933a356ab1f2dabc303ff0a5d076131e77032e6f502336883bf78a7", - .p_x = "ba5374541c13597bded6880849184a593d69d3d4f0b1cb4d0919cbd6" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-224, SHA-512 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp224r1_sha512_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 X changed SHA512"), - .p_input = - "3edbb59a32b2464291d0a96023a798c1fc6cb5ff4fcecfadcfac2be00c26fa27181aef" - "76c96d8269aeaf2275eeacbb777abbd9571de9279edc5695a3345cad9b", - .p_qx = "ac635fe00e8b7a3c8ef5655bdfb7f83e8532e59c0cc0b6534d810ffa", - .p_qy = "1d067aebeba66e79b28ecfe59ac6fdf5e1970dc3a84499c9d90cd8e2", - .p_x = "1e27187134d0a63542adf4665fba22f00cfc7b0a1e02effe913ceedc" -}; -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - first test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 1"), - .p_input = - "44acf6b7e36c1342c2c5897204fe09504e1e2efb1a900377dbc4e7a6a133ec56", - .p_qx = "1ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83", - .p_qy = "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9", - .p_x = "519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - second test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 2"), - .p_input = - "9b2db89cb0e8fa3cc7608b4d6cc1dec0114e0b9ff4080bea12b134f489ab2bbc", - .p_qx = "e266ddfdc12668db30d4ca3e8f7749432c416044f2d2b8c10bf3d4012aeffa8a", - .p_qy = "bfa86404a2e9ffe67d47c587ef7a97a7f456b863b4d02cfc6928973ab5b1cb39", - .p_x = "0f56db78ca460b055c500064824bed999a25aaf48ebb519ac201537b85479813" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - third test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 3"), - .p_input = - "b804cf88af0c2eff8bbbfb3660ebb3294138e9d3ebd458884e19818061dacff0", - .p_qx = "74ccd8a62fba0e667c50929a53f78c21b8ff0c3c737b0b40b1750b2302b0bde8", - .p_qy = "29074e21f3a0ef88b9efdf10d06aa4c295cc1671f758ca0e4cd108803d0f2614", - .p_x = "e283871239837e13b95f789e6e1af63bf61c918c992e62bca040d64cad1fc2ef" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-512 - first test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA512 1"), - .p_input = - "a59ca4dd2b0347f4f2702a8962878a206775fd91047040be60463119f02aa829b7360b" - "940b2785395406c280375c5d90ee655e51d4120df256b9a6287161c7fc", - .p_qx = "6b738de3398b6ac57b9591f9d7985dd4f32137ad3460dcf8970c1390cb9eaf8d", - .p_qy = "83bc61e26d2bbbd3cf2d2ab445a2bc4ab5dde41f4a13078fd1d3cc36ab596d57", - .p_x = "9dd0d3a3d514c2a8adb162b81e3adfba3299309f7d2018f607bdb15b1a25f499" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-512 - second test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA512 2"), - .p_input = - "9e359350e87e7573ad9894cd4aad6c6202a58e9938d098dbf65650fc6f04fce3664b9a" - "db234bfa0821788223a306daaa3e62bd46b19d7eb7a725bc5bce8998f3", - .p_qx = "f2a6674d4e86152a527199bed293fa63acde1b4d8a92b62e552210ba45c38792", - .p_qy = "c72565c24f0eee6a094af341ddd8579747b865f91c8ed5b44cda8a19cc93776f", - .p_x = "f9bf909b7973bf0e3dad0e43dcb2d7fa8bda49dbe6e5357f8f0e2bd119be30e6" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-512 - third test case */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp256r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA512 3"), - .p_input = - "ff5e80ccbb51b75742a1f0e632b4c6cd119692f2aca337378f7eb2f3b17fc3d912828b" - "7e1655d2263d8757715eea31493aa89dfe1db143a8fa13f89a00379938", - .p_qx = "70b877b5e365fcf08140b1eca119baba662879f38e059d074a2cb60b03ea5d39", - .p_qy = "5f56f94d591df40b9f3b8763ac4b3dbe622c956d5bd0c55658b6f46fa3deb201", - .p_x = "724567d21ef682dfc6dc4d46853880cfa86fe6fea0efd51fac456f03c3d36ead" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp256r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 Q changed SHA256"), - .p_input = - "44acf6b7e36c1342c2c5897204fe09504e1e2efb1a900377dbc4e7a6a133ec56", - .p_qx = "e266ddfdc12668db30d4ca3e8f7749432c416044f2d2b8c10bf3d4012aeffa8a", - .p_qy = "bfa86404a2e9ffe67d47c587ef7a97a7f456b863b4d02cfc6928973ab5b1cb39", - .p_x = "519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-512 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp256r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 Q changed SHA512"), - .p_input = - "a59ca4dd2b0347f4f2702a8962878a206775fd91047040be60463119f02aa829b7360b" - "940b2785395406c280375c5d90ee655e51d4120df256b9a6287161c7fc", - .p_qx = "f2a6674d4e86152a527199bed293fa63acde1b4d8a92b62e552210ba45c38792", - .p_qy = "c72565c24f0eee6a094af341ddd8579747b865f91c8ed5b44cda8a19cc93776f", - .p_x = "9dd0d3a3d514c2a8adb162b81e3adfba3299309f7d2018f607bdb15b1a25f499" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-256 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp256r1_SHA256_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 X changed SHA256"), - .p_input = - "44acf6b7e36c1342c2c5897204fe09504e1e2efb1a900377dbc4e7a6a133ec56", - .p_qx = "1ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83", - .p_qy = "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9", - .p_x = "0f56db78ca460b055c500064824bed999a25aaf48ebb519ac201537b85479813" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-256, SHA-512 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp256r1_sha512_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 X changed SHA512"), - .p_input = - "a59ca4dd2b0347f4f2702a8962878a206775fd91047040be60463119f02aa829b7360b" - "940b2785395406c280375c5d90ee655e51d4120df256b9a6287161c7fc", - .p_qx = "6b738de3398b6ac57b9591f9d7985dd4f32137ad3460dcf8970c1390cb9eaf8d", - .p_qy = "83bc61e26d2bbbd3cf2d2ab445a2bc4ab5dde41f4a13078fd1d3cc36ab596d57", - .p_x = "f9bf909b7973bf0e3dad0e43dcb2d7fa8bda49dbe6e5357f8f0e2bd119be30e6" -}; -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-256 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp384r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA256 1"), - .p_input = - "bbbd0a5f645d3fda10e288d172b299455f9dff00e0fbc2833e18cd017d7f3ed1", - .p_qx = "0400193b21f07cd059826e9453d3e96dd145041c97d49ff6b7047f86bb0b0439e9" - "09274cb9c282bfab88674c0765bc75", - .p_qy = "f70d89c52acbc70468d2c5ae75c76d7f69b76af62dcf95e99eba5dd11adf8f42ec" - "9a425b0c5ec98e2f234a926b82a147", - .p_x = "c602bc74a34592c311a6569661e0832c84f7207274676cc42a89f058162630184b5" - "2f0d99b855a7783c987476d7f9e6b" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-256 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp384r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA256 2"), - .p_input = - "e4cb4f2f94793f4a471a1e1de49b2c6ceb5825c5d02c69a7fe122eebda7b28b9", - .p_qx = "b36418a3014074ec9bbcc6a4b2367a4fb464cca7ec0a324cb68670d5c5e03e7a7e" - "b07da117c5ea50b665ab62bd02a491", - .p_qy = "4ea299c30e7d76e2c5905babada2d3bb4ee5eb35a5a23605cdb0d5133471a53eb9" - "e6758e49105a4eaf29d2267ba84ef2", - .p_x = "0287f62a5aa8432ff5e95618ec8f9ccaa870dde99c30b51b7673378efe4ccac598f" - "4bbebbfd8993f9abb747b6ad638b9" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-256 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp384r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA256 3"), - .p_input = - "a22a3d3da784a68d37ae5aaca8ef28dc1ceefc8e530431e455dd2bb2ed969684", - .p_qx = "c703835d723c85c643260379d8445b0c816fe9534351921e14a8e147fe140ec7b0" - "c4d704f8dc66a232b2333b28f03dee", - .p_qy = "c5d0bb054053fd86c26f147c4966757aa04b00513a02d427b8d06c16055c607955" - "efdc518d338abfe7927c195dc28588", - .p_x = "d44d3108873977036c9b97e03f914cba2f5775b68c425d550995574081191da764a" - "cc50196f6d2508082a150af5cd41f" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-512 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp384r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA512 1"), - .p_input = - "f863cf3749ae5256da0ceb2e6d391fcce939b1490b024527687b1a2908da35c48b4425" - "5d82956c76d70672c41c6456d78c57342e932490083f73016b560a0245", - .p_qx = "fb937e4a303617b71b6c1a25f2ac786087328a3e26bdef55e52d46ab5e69e5411b" - "f9fc55f5df9994d2bf82e8f39a153e", - .p_qy = "a97d9075e92fa5bfe67e6ec18e21cc4d11fde59a68aef72c0e46a28f31a9d60385" - "f41f39da468f4e6c3d3fbac9046765", - .p_x = "217afba406d8ab32ee07b0f27eef789fc201d121ffab76c8fbe3c2d352c594909ab" - "e591c6f86233992362c9d631baf7c" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-512 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp384r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA512 2"), - .p_input = - "68944ca920620e1d42184d264c4ffe295882f00079f9daaaa0efc305fe10cc7bbc6679" - "85c148eacb51ee1c05a6d8a861e98371a045e11e18e200ad52d5b4cb13", - .p_qx = "832cbb7061a719a316e73dbad348fa67cd17c33f40b9000a3d3b691a2a2cd82105" - "2566717c3ead01089b56086af1366f", - .p_qy = "1e15a048d1dce642d9ebcbfac7f92b1bcee90fd0240cc79abd29e32e0e655c4ee1" - "fd34fb88178bba92aca100e7794ed0", - .p_x = "0a3f45a28a355381a919372f60320d6610cfb69c3e318eb1607db3cadfc42b728b7" - "7a6a9e9e333de9183c58933daf60f" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-512 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp384r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA512 3"), - .p_input = - "8876ecd423fd0e903364fac777897b80b31c03f0f1ef1678372a6cb240ab701e49b51b" - "798fd8e588ab39db7d3c77879901916babdd0ef0632cc16d5ccb9d1535", - .p_qx = "a2b24a5ad4a2e91f12199ed7699e3f297e27bf8b8ea8fbe7ed28366f3544cd8e68" - "0c238450f8a6422b40829d6647b25c", - .p_qy = "2732be0075536e6519f6a099b975a40f8e0de337fa4d48bd0762b43f41cab8deaf" - "def9cfbb9973e457801e3bf9c93304", - .p_x = "2e408c57921939f0e0fe2e80ce74a4fa4a1b4fa7ab070206298fe894d655be50e25" - "83af9e45544b5d69c73dce8a2c8e7" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-256 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp384r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 Q changed SHA256"), - .p_input = - "bbbd0a5f645d3fda10e288d172b299455f9dff00e0fbc2833e18cd017d7f3ed1", - .p_qx = "b36418a3014074ec9bbcc6a4b2367a4fb464cca7ec0a324cb68670d5c5e03e7a7e" - "b07da117c5ea50b665ab62bd02a491", - .p_qy = "4ea299c30e7d76e2c5905babada2d3bb4ee5eb35a5a23605cdb0d5133471a53eb9" - "e6758e49105a4eaf29d2267ba84ef2", - .p_x = "c602bc74a34592c311a6569661e0832c84f7207274676cc42a89f058162630184b5" - "2f0d99b855a7783c987476d7f9e6b" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-256 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp384r1_SHA256_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 X changed SHA256"), - .p_input = - "bbbd0a5f645d3fda10e288d172b299455f9dff00e0fbc2833e18cd017d7f3ed1", - .p_qx = "0400193b21f07cd059826e9453d3e96dd145041c97d49ff6b7047f86bb0b0439e9" - "09274cb9c282bfab88674c0765bc75", - .p_qy = "f70d89c52acbc70468d2c5ae75c76d7f69b76af62dcf95e99eba5dd11adf8f42ec" - "9a425b0c5ec98e2f234a926b82a147", - .p_x = "0287f62a5aa8432ff5e95618ec8f9ccaa870dde99c30b51b7673378efe4ccac598f" - "4bbebbfd8993f9abb747b6ad638b9" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-512 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp384r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 Q changed SHA512"), - .p_input = - "f863cf3749ae5256da0ceb2e6d391fcce939b1490b024527687b1a2908da35c48b4425" - "5d82956c76d70672c41c6456d78c57342e932490083f73016b560a0245", - .p_qx = "832cbb7061a719a316e73dbad348fa67cd17c33f40b9000a3d3b691a2a2cd82105" - "2566717c3ead01089b56086af1366f", - .p_qy = "1e15a048d1dce642d9ebcbfac7f92b1bcee90fd0240cc79abd29e32e0e655c4ee1" - "fd34fb88178bba92aca100e7794ed0", - .p_x = "217afba406d8ab32ee07b0f27eef789fc201d121ffab76c8fbe3c2d352c594909ab" - "e591c6f86233992362c9d631baf7c" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-384, SHA-512 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp384r1_sha512_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 X changed SHA512"), - .p_input = - "f863cf3749ae5256da0ceb2e6d391fcce939b1490b024527687b1a2908da35c48b4425" - "5d82956c76d70672c41c6456d78c57342e932490083f73016b560a0245", - .p_qx = "fb937e4a303617b71b6c1a25f2ac786087328a3e26bdef55e52d46ab5e69e5411b" - "f9fc55f5df9994d2bf82e8f39a153e", - .p_qy = "a97d9075e92fa5bfe67e6ec18e21cc4d11fde59a68aef72c0e46a28f31a9d60385" - "f41f39da468f4e6c3d3fbac9046765", - .p_x = "0a3f45a28a355381a919372f60320d6610cfb69c3e318eb1607db3cadfc42b728b7" - "7a6a9e9e333de9183c58933daf60f" -}; - -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-256 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp521r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA256 1"), - .p_input = - "53e6537cb6ea68ae47a81611c22756d770d7a37e336c3af0b0814b04fa39434b", - .p_qx = "007d042ca19408524e68b981f1419351e3b84736c77fe58fee7d11317df2e850d960c7" - "dd10d10ba714c8a609d163502b79d682e8bbecd4f52591d2748533e45a867a", - .p_qy = "0197ac6416111ccf987d290459ebc8ad9ec56e49059c992155539a36a626631f4a2d89" - "164b985154f2dddc0281ee5b5178271f3a76a0914c3fcd1f97be8e8376efb3", - .p_x = "01e8c05996b85e6f3f875712a09c1b40672b5e7a78d5852de01585c5fb990bf3812" - "c3245534a714389ae9014d677a449efd658254e610da8e6cad33414b9d33e0d7a" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-256 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp521r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA256 2"), - .p_input = - "40aef13bb7192a564d72ba58f7efad15635248eca49619b4182bf6f979842d6f", - .p_qx = "010038bb9a7aea626de68c14c64243150e72c69e2f8a1ab922bfbdaa6f33d24fb4542c" - "0324357b0dd640bbcd07632ecd253f64ca2bfbfbf3de9b24fffd0568ab82da", - .p_qy = "00faf867d95308cc36d6f46844a0f535dc70f9768eed011a2464d2f308fa1d8e72c361" - "6aec7e70516908183ffce7fdd36984a15f73efaa3858c2edf16a784d40e6c2", - .p_x = "00b65bf33b2f27d52cbfabcadce741e691bf4762089afd37964de1a0deda98331bf" - "8c74020a14b52d44d26e2f6fa7bcddbe83be7db17a0c8a1b376469cf92c6da27c" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-256 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp521r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA256 3"), - .p_input = - "6fd829bd5fc68d7a36436284c1282e3fae76ba44c5babcee423142c1cf2b52c4", - .p_qx = "00fb3868238ca840dbb36ecc6cf04f5f773ea0ab8e8b0fdcf779dc4039a8d7146a4175" - "04e953c0cb5e7f4e599cc2c168deda8b7f16084b5582f89f2ece4cae5167f7", - .p_qy = "01f90b5c15eeda48e747cf3ee8183166a49dbfac6161cbd09d29d40a6854f4c495e88a" - "435892a920cdaad20d41985890b648badd4f0a858ffcbd9afdfc23134ede18", - .p_x = "002c4e660609e99becd61c14d043e8b419a663010cc1d8f9469897d7d0a4f076a61" - "9a7214a2a9d07957b028f7d8539ba7430d0b9a7de08beeeae8452d7bb0eac669d" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-512 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp521r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA512 1"), - .p_input = - "65f83408092261bda599389df03382c5be01a81fe00a36f3f4bb6541263f801627c440" - "e50809712b0cace7c217e6e5051af81de9bfec3204dcd63c4f9a741047", - .p_qx = "0061387fd6b95914e885f912edfbb5fb274655027f216c4091ca83e19336740fd81aed" - "fe047f51b42bdf68161121013e0d55b117a14e4303f926c8debb77a7fdaad1", - .p_qy = "00e7d0c75c38626e895ca21526b9f9fdf84dcecb93f2b233390550d2b1463b7ee3f58d" - "f7346435ff0434199583c97c665a97f12f706f2357da4b40288def888e59e6", - .p_x = "00f749d32704bc533ca82cef0acf103d8f4fba67f08d2678e515ed7db886267ffaf" - "02fab0080dca2359b72f574ccc29a0f218c8655c0cccf9fee6c5e567aa14cb926" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-512 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp521r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA512 2"), - .p_input = - "a6200971c6a289e2fcb80f78ec08a5079ea2675efd68bcab479552aa5bcb8edf3c993c" - "79d7cebcc23c20e5af41723052b871134cc71d5c57206182a7068cc39b", - .p_qx = "004d5c8afee038984d2ea96681ec0dccb6b52dfa4ee2e2a77a23c8cf43ef19905a34d6" - "f5d8c5cf0981ed804d89d175b17d1a63522ceb1e785c0f5a1d2f3d15e51352", - .p_qy = "0014368b8e746807b2b68f3615cd78d761a464ddd7918fc8df51d225962fdf1e3dc243" - "e265100ff0ec133359e332e44dd49afd8e5f38fe86133573432d33c02fa0a3", - .p_x = "01a4d2623a7d59c55f408331ba8d1523b94d6bf8ac83375ceb57a2b395a5bcf977c" - "fc16234d4a97d6f6ee25a99aa5bff15ff535891bcb7ae849a583e01ac49e0e9b6" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-512 */ -ITEM_REGISTER( - test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t test_vector_ecdsa_sign_secp521r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA512 3"), - .p_input = - "46ff533622cc90321a3aeb077ec4db4fbf372c7a9db48b59de7c5d59e6314110676ba5" - "491bd20d0f02774eef96fc2e88ca99857d21ef255184c93fb1ff4f01d3", - .p_qx = "00c2d540a7557f4530de35bbd94da8a6defbff783f54a65292f8f76341c996cea38795" - "805a1b97174a9147a8644282e0d7040a6f83423ef2a0453248156393a1782e", - .p_qy = "0119f746c5df8cec24e4849ac1870d0d8594c799d2ceb6c3bdf891dfbd2242e7ea24d6" - "aec3166214734acc4cbf4da8f71e2429c5c187b2b3a048527c861f58a9b97f", - .p_x = "014787f95fb1057a2f3867b8407e54abb91740c097dac5024be92d5d65666bb16e4" - "879f3d3904d6eab269cf5e7b632ab3c5f342108d1d4230c30165fba3a1bf1c66f" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-256 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp521r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 Q changed SHA256"), - .p_input = - "53e6537cb6ea68ae47a81611c22756d770d7a37e336c3af0b0814b04fa39434b", - .p_qx = "004d5c8afee038984d2ea96681ec0dccb6b52dfa4ee2e2a77a23c8cf43ef19905a34d6" - "f5d8c5cf0981ed804d89d175b17d1a63522ceb1e785c0f5a1d2f3d15e51352", - .p_qy = "0014368b8e746807b2b68f3615cd78d761a464ddd7918fc8df51d225962fdf1e3dc243" - "e265100ff0ec133359e332e44dd49afd8e5f38fe86133573432d33c02fa0a3", - .p_x = "01e8c05996b85e6f3f875712a09c1b40672b5e7a78d5852de01585c5fb990bf3812" - "c3245534a714389ae9014d677a449efd658254e610da8e6cad33414b9d33e0d7a" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-512 - invalid Q test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp521r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 Q changed SHA512"), - .p_input = - "65f83408092261bda599389df03382c5be01a81fe00a36f3f4bb6541263f801627c440" - "e50809712b0cace7c217e6e5051af81de9bfec3204dcd63c4f9a741047", - .p_qx = "004d5c8afee038984d2ea96681ec0dccb6b52dfa4ee2e2a77a23c8cf43ef19905a34d6" - "f5d8c5cf0981ed804d89d175b17d1a63522ceb1e785c0f5a1d2f3d15e51352", - .p_qy = "0014368b8e746807b2b68f3615cd78d761a464ddd7918fc8df51d225962fdf1e3dc243" - "e265100ff0ec133359e332e44dd49afd8e5f38fe86133573432d33c02fa0a3", - .p_x = "00f749d32704bc533ca82cef0acf103d8f4fba67f08d2678e515ed7db886267ffaf" - "02fab0080dca2359b72f574ccc29a0f218c8655c0cccf9fee6c5e567aa14cb926" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-256 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp521r1_SHA256_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 X changed SHA256"), - .p_input = - "53e6537cb6ea68ae47a81611c22756d770d7a37e336c3af0b0814b04fa39434b", - .p_qx = "007d042ca19408524e68b981f1419351e3b84736c77fe58fee7d11317df2e850d960c7" - "dd10d10ba714c8a609d163502b79d682e8bbecd4f52591d2748533e45a867a", - .p_qy = "0197ac6416111ccf987d290459ebc8ad9ec56e49059c992155539a36a626631f4a2d89" - "164b985154f2dddc0281ee5b5178271f3a76a0914c3fcd1f97be8e8376efb3", - .p_x = "01a4d2623a7d59c55f408331ba8d1523b94d6bf8ac83375ceb57a2b395a5bcf977c" - "fc16234d4a97d6f6ee25a99aa5bff15ff535891bcb7ae849a583e01ac49e0e9b6" -}; - -/* ECDSA sign - NIST CAVS 11.2 P-521, SHA-512 - invalid X test case */ -ITEM_REGISTER(test_vector_ecdsa_sign_data, - test_vector_ecdsa_sign_t - test_vector_ecdsa_sign_secp521r1_sha512_inv_x) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_sign_err_code = 0, - .expected_verify_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 X changed SHA512"), - .p_input = - "65f83408092261bda599389df03382c5be01a81fe00a36f3f4bb6541263f801627c440" - "e50809712b0cace7c217e6e5051af81de9bfec3204dcd63c4f9a741047", - .p_qx = "0061387fd6b95914e885f912edfbb5fb274655027f216c4091ca83e19336740fd81aed" - "fe047f51b42bdf68161121013e0d55b117a14e4303f926c8debb77a7fdaad1", - .p_qy = "00e7d0c75c38626e895ca21526b9f9fdf84dcecb93f2b233390550d2b1463b7ee3f58d" - "f7346435ff0434199583c97c665a97f12f706f2357da4b40288def888e59e6", - .p_x = "01a4d2623a7d59c55f408331ba8d1523b94d6bf8ac83375ceb57a2b395a5bcf977c" - "fc16234d4a97d6f6ee25a99aa5bff15ff535891bcb7ae849a583e01ac49e0e9b6" -}; - -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ diff --git a/tests/crypto/test_cases/test_vectors_ecdsa_verify.c b/tests/crypto/test_cases/test_vectors_ecdsa_verify.c deleted file mode 100644 index 047d37185756..000000000000 --- a/tests/crypto/test_cases/test_vectors_ecdsa_verify.c +++ /dev/null @@ -1,1259 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief ECDSA test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Component-Testing - */ - -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -#if defined(MBEDTLS_SHA256_C) -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA256 1"), - .p_input = - "f1d42d1c663fa4d88325458d31fb08b35e8fac7cebc04b224db57439680c9be4", - .p_qx = "b870597b4b8dc8fc07ed59b6f079e87936d56d0326c17249", - .p_qy = "e54c404920cd530f0680d8aa2a4fb70b5f8605e6ebbf2751", - .p_r = "b53dc1abd4f65d5e0506fa146bee65ecb6cd5353830b67ea", - .p_s = "aa44232f2fa6613f85fda824ded69e4137cdf5688c6b3ba9" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA256 2"), - .p_input = - "cab19f4afca519c6c8a2a09ba7e631ff56cc898694b64123b62e3c94b9fb4696", - .p_qx = "795bbf28b86af380c2b080e622f92f81de6d2af41a39bc39", - .p_qy = "3d3bcfcbe704426e95d0edbf40eae25a259af239b00158c9", - .p_r = "5a3fd911aac408cce41e0eaf42761cce155c5a6efe03df11", - .p_s = "605ffbb146bf787888d9c3e45f79d0bc6959dcfacfaea437" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA256 3"), - .p_input = - "786f3a4c00a899bfcd2a79e59ad387562c49e01370ee2fc9feab605a3552e37d", - .p_qx = "8109731205bd9e363c0521cddf94af58129af3f38d276f2a", - .p_qy = "9fcf7695165bafb39c2d53b61c4ccfed3891abc6db1fc22c", - .p_r = "cac3fe60f567724f7afb825aeda68c3b345b44ef3879dc70", - .p_s = "4544b7d4457b61b66cabfd6174f2c5a594b2c0f300b0e8ea" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 R changed SHA256"), - .p_input = - "e9097723aedbac5d15745568fdca435aea353bd0c002b12f9253ee4424377c61", - .p_qx = "390ca1526943a85332c96aab75a10ec30fda9fb197ded9aa", - .p_qy = "1260266139849659339e3cbb83a9ee3a63f45ff7b96266bb", - .p_r = "fdbe0c0864213e258abbedc29dd359a4c58e060c351b15fd", - .p_s = "3dc705de56f9c1d6e7774dbb70dd48d34c891bcffbcc30df" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 S changed SHA256"), - .p_input = - "4e2ddd608a1de8f2f929947c5bb722345724f909e4e18effd571299c480217d1", - .p_qx = "8698b9f47ce024b0a139d1aee610c1d549aa3512a990b211", - .p_qy = "998be4c51c70d4fea9b2b2e274dad47175f9d68c8a1c28a4", - .p_r = "13d7c9f471863cd4ee3ce5458f1fa436f12f50f965ee40bc", - .p_s = "8cce6c1787a66f30679b92de51cd3b04a0c1900bc1008133" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 Q changed SHA256"), - .p_input = - "f7d05383c1dd96d0db53de2c33c68eae1fa8328639d7dbe73822ff8a4a480a4c", - .p_qx = "001e75261da06eba07f3ee911276b4b6e25ee37abf54fa41", - .p_qy = "5da176ff885ca3345508bc4c917128b2c87f6ab182113505", - .p_r = "e5e6bb6133dc7dc8926d3705cbced15d5820a29e7ac2de8d", - .p_s = "46a6e3818a7286818250cea5a023be5b401b1026ea316843" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_SHA256_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 hash changed SHA256"), - .p_input = - "66f284b189756241e94f432b945f176b561c837e75c9a71aafedddcfcd0874c6", - .p_qx = "711bdec50f8409b10fd2cfeb30e9e69c9aa27e3a535fb39a", - .p_qy = "3e90f90551e7eb7eda11fb016b0a386ebf48b4b2f3e8f272", - .p_r = "5e61c8445f402c0c16ddfcd050d2a9fbfe495537c3d76ffb", - .p_s = "09d0219f34b46c528d81d3d9c838253f942528e8f53329a2" -}; - -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA512 1"), - .p_input = - "86df477d86343fa3a5432d45122c6f025e9b35a7b14ff3db6ffdbbcc17b8cb125f59ad" - "b506c2861efca72c3dea5d39550b8bb6d65ade45f1c4f963c6ad357099", - .p_qx = "dea419cbbb2c7be3b59d6eb4db9ca48efb4835eccf8d0a48", - .p_qy = "88dde250494bb6b910e979c5fb3a2fc44d41ae3e761fe85d", - .p_r = "302648f3a89aec847742ec72209ac02d6232fe2363f72fac", - .p_s = "a1895dd201f022c17cd69dab9c5438d2b25f9368aa8b9cc3" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA512 2"), - .p_input = - "6e2286e3f4d125a0cc9d101b879c2207db690207eae578cc94bf2e3593a835fb5e07dc" - "ce35dc964dbaf641829bead62be303ba11ce819200920bf54c91f57cd7", - .p_qx = "2d3cffc6aac703d224029d243036cae359af89fb24801481", - .p_qy = "00346a43ccc3cdcc37cb9b2757d5f88fede01a5ac160f253", - .p_r = "3a844183d6a2a59255ef9105a6b8dbbd0662c227ee04be0e", - .p_s = "4f322c112b5cbdc7c23138ac51fb975cff8277676105e5f1" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp192r1 valid SHA512 3"), - .p_input = - "2b268f3f54998d777824b9b148d4c0c03bdde23053798adef5378d9c7c0a9e6e23fb0d" - "5bd8848dbd884de44b15b90e035d3e758ca8a87ca6a9722668d2478bb6", - .p_qx = "fce011d181c4d3c75043ab6936e2e9a7d6964ad47851e290", - .p_qy = "71b52d04ca114434be936d9518f05ef9791997e240da0740", - .p_r = "ee9a4782853080a2cb2415914dee9bb4245def81ffa83491", - .p_s = "a701084db2870488d00a5886f872b81c53552ef31f09addc" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 R changed SHA512"), - .p_input = - "50337a209852b14ae223f311667c2e05f5cc076d7afca97cce03bf799a836b99919565" - "73f435af2d2ff4122d53df2831b48c1d738edf5bb288d7f43a535b7f92", - .p_qx = "8a3939d2b4b4a5b251d383fdb6450d818f6319bd91ee1b70", - .p_qy = "88c934f7625438d118ec95085851d56e4504e553c6701be3", - .p_r = "4677fb00515485c96be8cd8556984868697edcc1170b2605", - .p_s = "7a5c09c4c65085b9a25d4a2578aac167fe31404cf8dc5858" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 S changed SHA512"), - .p_input = - "d70fae6073e92dc72945ddb8dc45853473dac4855f70516dbb875c970109a454e43bb9" - "b99c2bd27f6bc9560862d70830549b07365f302d5a46ca696352006c9b", - .p_qx = "28f4063b8f808a9642f2b04f794d61739b883897495cf057", - .p_qy = "9be6fde04d687ea2778f845f881b059488f916c3218f42c9", - .p_r = "15f3e034340d6763ecd73515ddf0b92e383b539c97f78b37", - .p_s = "fa77e58f64141876845f438ac6da7bd4bf8dd3097a1f27e8" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 Q changed SHA512"), - .p_input = - "53156f080461d45f7b6e3babcc2195c2db62b54ff95b0791637f195faaf5dd70d394b6" - "ed0e2a2d9ea728846327d9ca1c49add43857e565344ef132a004c8e57a", - .p_qx = "3e64f302334d85913234703619381bb0ee8d68e40334dd0e", - .p_qy = "38e6ef6fe5c364f17ff3947e294613bd07fd25e46be9ee29", - .p_r = "eea898e0fd6b8dea2a316cdd03a2f1a9adf0dd5beb004372", - .p_s = "0bd969fcc0f08281367b0b94dac13aa4737a0861e046d93f" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-192, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp192r1_sha512_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP192R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp192r1 hash changed SHA512"), - .p_input = - "5fafc1d67fdb7c64373c35befc61bd886a3c433493dfdbe67c0fcf4ef2f76e1c808b11" - "f68621743b4f8c3f71787850fd588c33fdf5bea7b8b9700d957715a8e1", - .p_qx = "d008c455eadcdb98234cb6ad2d9876b82c5b0c8867ba86d9", - .p_qy = "32c009ec81f8eeb99859af65e246d089d3a0c0cdaecef798", - .p_r = "79f619e30cd68028263f107beab00ce2375c570a4be16487", - .p_s = "82257c9eaf1e7ace39e2804e535d7df86158cf1c40425f50" -}; - -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -#if defined(MBEDTLS_SHA256_C) - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA256 1"), - .p_input = - "831979405db4eb9dadf01249fa15f68d4846e0ece70a320d3022f75f3dc281cc", - .p_qx = "34c5ff3de565b85bfdd9f0a8b3fb0d46f924c57b276bcc830a1ed580", - .p_qy = "609d22200ef38b410da77f7a8ff2f58448188042978fd9ae1b2b4477", - .p_r = "f0138024fe0516738f3bd0e0fec10defaca8c3b89c161a77489cf2b7", - .p_s = "4ae0934266d9e3d64c2a12f546b132ba0f33ef50abc90e7ef5974805" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA256 2"), - .p_input = - "25ef291dd6a2047ea193f8aedd3f4692f2c135cb519922a17cba3e969423b030", - .p_qx = "a580f9a0cd15abff8e1e712f16b0fd4142d0d773af3c657abc06c2a6", - .p_qy = "22c6286340dc072e64274209eda60503047700571caee64b4a2306c2", - .p_r = "c6fae06274dc052e482102520b49d4ccc4cb7eb8a3ea41bd3680ddad", - .p_s = "50d66b75a2bbd0468be1f9e61bfda85b6329505b0134d60846cbe4b7" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA256 3"), - .p_input = - "e8f714f901cd2390c66f9fa9cb81ecc5f17a82bd934cf19c5ce2bcbd3a985de9", - .p_qx = "5d67c1fca848ba7f3d9de5b1894d3993ac4ebe68cdb0b49553b3b0e9", - .p_qy = "07c219a8323273c81f5694306d0dd1d133a49efce5003bc90f05578f", - .p_r = "767cb6b2efa7a40739830659b0cc24fe3de771d00104b3dcc0f640bc", - .p_s = "f2e7268bc011d79d33f3551d2edd3c95f324955479b8e29e8aba629b" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 R changed SHA256"), - .p_input = - "21a9f65d4cdcc287e0bf330e4f76f1168d16d0cea796dd6c0e13cd2837decaf1", - .p_qx = "13e84ec2eb993818d7d78330855ee2fbe8ddb548a5e4198e2087b3b2", - .p_qy = "c95dff249e10c506fb547a92ade53c61ddbb667c760e4127a1a7f806", - .p_r = "ed26f00ed696e114305c546ed04db5fc35efa43059c0d8bbcd418d0c", - .p_s = "6e16efbe9501e3055d74966a49232cd76b5d1241468788b4cc7378b4" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 S changed SHA256"), - .p_input = - "489cd3c10d94f7f284bc4ea472634a5d7f0d280d5abbf139c110ef80c8bf463f", - .p_qx = "465afb14f4bf85022ac1f635f46c0b2f6548bace9352d32f74eab012", - .p_qy = "036371a3246dbf1069d2d268ca431553d1f2bf0181225145881b7be0", - .p_r = "9bcd57a2fec2518903e4b13dc0a7b84bafed5c4908546e94ffae87ed", - .p_s = "a337e06582f6b3973df38b93a0fb2a63f7774b62db50dba557e5cfcc" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 Q changed SHA256"), - .p_input = - "d8454640ad1f4632cc667823418ae56c62028825d727adfc84afdb0842b0c9a4", - .p_qx = "8856fb8b81a4eacd971a954560018f33cbb71cc1fc243d03f63cabcb", - .p_qy = "28afa26baf31b4d89de1dadd2289006f836f23a11383817ec7e4e799", - .p_r = "efccef331805e71bbf876cbbc2342a6bc4508aea7c691029c8396aef", - .p_s = "bed544d09e28dbf01a30b2cfb61b98ad6201a9818f22b4f543f3e7f5" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_SHA256_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 hash changed SHA256"), - .p_input = - "d62496d0ee0453e7f13f8d9c57adcd33442a5365f626381ed665f95f528aa198", - .p_qx = "16c23c93699cf665a5da8b2d4baa72c36158d3433b1b945e47204b0d", - .p_qy = "12023703e1b59ec9054ff22d15567b9f74058b47cc13f2ca08ab77c1", - .p_r = "ada849b673a1bd2949a8b4d8fdfc239ec53524a356d37da3c9d17ae2", - .p_s = "698de3a3d8697c2e8e5b2c85fceb8796750c5b44154f01ce86d99e24" -}; - -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA512 1"), - .p_input = - "eaa81b1236121db12f2036611eb6d3e5386f5733125fb26844cb4188109aae402525fc" - "63bcd73494c36c170d1934b108739d79b0c4f184bd85ffce93b1beecde", - .p_qx = "c6a65011926eb64e02bf472d5ba37841d49cfb7f17a20fb9f59355de", - .p_qy = "386ccb33d944fd7be6b8531863d2b6200cd602d300d7e7681537e53f", - .p_r = "9e7c637a699dd52512faea847079f0ad41b20cd7a5461c36d01e857e", - .p_s = "dec6e9ef361de3f6ec7d87de3129eaac5fd0b43b5f7f58ce46c29173" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA512 2"), - .p_input = - "680aaa97b939a5031737a40b9e34e5fb8047b8a6e495c7c90653458072cb423fb098e6" - "ecef15c9d62d4443337f61cde237c66c1683753e65f8bced5298375bf5", - .p_qx = "f10652c3c2c30a765564f5e393c6c202d436c81fc7d71b88857bd458", - .p_qy = "42979ba5e6c8cd044e262c73e6aa918d8c3e0e08e4bf98ec2d5c6f57", - .p_r = "072e0b130267d8e124dda2d0604f4c575ef4007628fa61f66bcd8f07", - .p_s = "6276475fccda3bee2af7816c7b3ec222e408cec36d0409e672af23b5" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp224r1 valid SHA512 3"), - .p_input = - "d4e0bcf58e2083383ef94b28cfb2710a4e898b2c2a0cf30bebb99c3f2dc93403dd165e" - "1a0c3773ed05adedf967fc92f0a158e5086965a29dab3a4aaa5e9f9911", - .p_qx = "dc85f6701bc95a60ea52f1c476dcb211e5e3eeba5b35dc3a3786113f", - .p_qy = "a52b364fb7c4b4c9155e4ee2d8841386b8a96cbeed1e5c9957214a50", - .p_r = "bdc7b4d3266e54a19f030f3055f83460ccf30fe8f5368be013076081", - .p_s = "82a0e3a21a8d5e9cfcc5a673385cc2d4159498b6c1ef5791b2b02f9f" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 R changed SHA512"), - .p_input = - "f59946dd73887a1fb945ae3e5b44b574512e36dd7d35925b0bdc3a3f69a88e50dc6eba" - "aac86092679961a99d7ba5724363c5886e7c2cd566433c5a9d59e2515d", - .p_qx = "6c6a7deef8b3dee2eaa98d8ec877dddb460365968e63ffe5c249a421", - .p_qy = "1ad1715797b5e47c4be24d7ecb8141f1772344a2f643cc66fbcf3f9d", - .p_r = "f778faa2dc2cee7de2af0bbc4339239dc240907e59ac034464ce986b", - .p_s = "2ac929588a8dc8785808c9d4366bd7b1a81e0fc5be0c63e62344c251" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 S changed SHA512"), - .p_input = - "330f78db9f217f95d99cbcb5414a32523025b85c87ed5aaa3a5e6b006c53cecbbd4461" - "66bb9b98e944626332c3266e82356e72110bdbf7df2431b8e7faf59e45", - .p_qx = "ea7efb9a7e7bf693dc0249504ead70dd422ec86806cd649ed57a7ffe", - .p_qy = "33dfb17b1cb244279990019286ab477a2aff2b55c08959deed0b1a28", - .p_r = "deab574de1f971419b7ba9e169866c3a6233fc627c13dc6a8cb88bdc", - .p_s = "8d4c542bb0046da1b3912652a2c84542668cd89920808785d04e4352" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 Q changed SHA512"), - .p_input = - "3cba2980faf5579c7ddbeb31c3318a162a882129a1efe1fc9acc3219a617c460701f22" - "fd7a5c46b017bd9ec9c40587127319ea14b148d2be4df9875d5bef6e4e", - .p_qx = "72013dd6f5b1eb709b3b7da234987f9a36c6f0b095620b8c31f02381", - .p_qy = "319d54c719b59d91900b3c20d963ddf1a10d80d6601ac155094b075a", - .p_r = "eb38db9b757b3cf04020f09188c789bf0258cd0467cf7d67368e8703", - .p_s = "7664e85f01e67881712b24083f89e838c8b818de4d665494e7016833" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-224, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp224r1_sha512_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP224R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp224r1 hash changed SHA512"), - .p_input = - "bb7394f9b30617419daa71573f5ed9d72732930b6d24141ea2bfb6bcdd67f4fd7a7e6c" - "aed8fcac76f50bad0616c291ff875d866b4085f2a0201289a0895a319a", - .p_qx = "89cef29515f1d30fdd283625eb59e682023bdf2eb0497288ff700b27", - .p_qy = "ca0a3f7ee4853ae8454fff6e926c7a85dc7852fb4d01cc3de861c53d", - .p_r = "0ff5dba589454d0ee5bb391a4dc8446b1ffd1cf8d66c9fc0f05a8a89", - .p_s = "987c32258cd12b6b9cdcc5915eea5eb79a30ead442179a126b97fa9e" -}; - -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED) */ - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -#if defined(MBEDTLS_SHA256_C) - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 1"), - .p_input = - "d1b8ef21eb4182ee270638061063a3f3c16c114e33937f69fb232cc833965a94", - .p_qx = "e424dc61d4bb3cb7ef4344a7f8957a0c5134e16f7a67c074f82e6e12f49abf3c", - .p_qy = "970eed7aa2bc48651545949de1dddaf0127e5965ac85d1243d6f60e7dfaee927", - .p_r = "bf96b99aa49c705c910be33142017c642ff540c76349b9dab72f981fd9347f4f", - .p_s = "17c55095819089c2e03b9cd415abdf12444e323075d98f31920b9e0f57ec871c" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 2"), - .p_input = - "b9336a8d1f3e8ede001d19f41320bc7672d772a3d2cb0e435fff3c27d6804a2c", - .p_qx = "e0fc6a6f50e1c57475673ee54e3a57f9a49f3328e743bf52f335e3eeaa3d2864", - .p_qy = "7f59d689c91e463607d9194d99faf316e25432870816dde63f5d4b373f12f22a", - .p_r = "1d75830cd36f4c9aa181b2c4221e87f176b7f05b7c87824e82e396c88315c407", - .p_s = "cb2acb01dac96efc53a32d4a0d85d0c2e48955214783ecf50a4f0414a319c05a" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA256 3"), - .p_input = - "41007876926a20f821d72d9c6f2c9dae6c03954123ea6e6939d7e6e669438891", - .p_qx = "2d98ea01f754d34bbc3003df5050200abf445ec728556d7ed7d5c54c55552b6d", - .p_qy = "9b52672742d637a32add056dfd6d8792f2a33c2e69dafabea09b960bc61e230a", - .p_r = "06108e525f845d0155bf60193222b3219c98e3d49424c2fb2a0987f825c17959", - .p_s = "62b5cdd591e5b507e560167ba8f6f7cda74673eb315680cb89ccbc4eec477dce" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 R changed SHA256"), - .p_input = - "5984eab8854d0a9aa5f0c70f96deeb510e5f9ff8c51befcdc3c41bac53577f22", - .p_qx = "5cf02a00d205bdfee2016f7421807fc38ae69e6b7ccd064ee689fc1a94a9f7d2", - .p_qy = "ec530ce3cc5c9d1af463f264d685afe2b4db4b5828d7e61b748930f3ce622a85", - .p_r = "dc23d130c6117fb5751201455e99f36f59aba1a6a21cf2d0e7481a97451d6693", - .p_s = "d6ce7708c18dbf35d4f8aa7240922dc6823f2e7058cbc1484fcad1599db5018c" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 S changed SHA256"), - .p_input = - "a82c31412f537135d1c418bd7136fb5fde9426e70c70e7c2fb11f02f30fdeae2", - .p_qx = "87f8f2b218f49845f6f10eec3877136269f5c1a54736dbdf69f89940cad41555", - .p_qy = "e15f369036f49842fac7a86c8a2b0557609776814448b8f5e84aa9f4395205e9", - .p_r = "d19ff48b324915576416097d2544f7cbdf8768b1454ad20e0baac50e211f23b0", - .p_s = "a3e81e59311cdfff2d4784949f7a2cb50ba6c3a91fa54710568e61aca3e847c6" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 Q changed SHA256"), - .p_input = - "44b02ad3088076f997220a68ff0b27a58ecfa528b604427097cce5ca956274c5", - .p_qx = "2ddfd145767883ffbb0ac003ab4a44346d08fa2570b3120dcce94562422244cb", - .p_qy = "5f70c7d11ac2b7a435ccfbbae02c3df1ea6b532cc0e9db74f93fffca7c6f9a64", - .p_r = "9913111cff6f20c5bf453a99cd2c2019a4e749a49724a08774d14e4c113edda8", - .p_s = "9467cd4cd21ecb56b0cab0a9a453b43386845459127a952421f5c6382866c5cc" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_SHA256_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 hash changed SHA256"), - .p_input = - "d80e9933e86769731ec16ff31e6821531bcf07fcbad9e2ac16ec9e6cb343a870", - .p_qx = "69b7667056e1e11d6caf6e45643f8b21e7a4bebda463c7fdbc13bc98efbd0214", - .p_qy = "d3f9b12eb46c7c6fda0da3fc85bc1fd831557f9abc902a3be3cb3e8be7d1aa2f", - .p_r = "288f7a1cd391842cce21f00e6f15471c04dc182fe4b14d92dc18910879799790", - .p_s = "247b3c4e89a3bcadfea73c7bfd361def43715fa382b8c3edf4ae15d6e55e9979" -}; - -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA512 1"), - .p_input = - "0250f93e6932887df519921f9a8dcff110be0768dc351ef73a940a579fae2d20061759" - "e892e289c3e4ba5f7fe17d6ebb15c5931d48db55ebc81549f6637292fe", - .p_qx = "9cb0cf69303dafc761d4e4687b4ecf039e6d34ab964af80810d8d558a4a8d6f7", - .p_qy = "2d51233a1788920a86ee08a1962c79efa317fb7879e297dad2146db995fa1c78", - .p_r = "4b9f91e4285287261a1d1c923cf619cd52c175cfe7f1be60a5258c610348ba3d", - .p_s = "28c45f901d71c41b298638ec0d6a85d7fcb0c33bbfec5a9c810846b639289a84" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA512 2"), - .p_input = - "9eb2f9fa96a1f3ffcef9600522730e86d26d328ec0c1bf2fbfe55a38754610341fda1b" - "894fdcf10c9bc4f48819010fdcf0d24f27ff539e40c6855cafbd306386", - .p_qx = "f63afe99e1b5fc652782f86b59926af22e6072be93390fe41f541204f9c935d1", - .p_qy = "f6e19ce5935e336183c21becf66596b8f559d2d02ee282aa87a7d6f936f7260c", - .p_r = "cef4831e4515c77ca062282614b54a11b7dc4057e6997685c2fbfa95b392bf72", - .p_s = "f20dc01bf38e1344ba675a22239d9893b3a3e33d9a403329a3d21650e9125b75" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp256r1 valid SHA512 3"), - .p_input = - "45b082e804443b53a82229cdf13e4c5f8f31fe93170cc8a23f63eef506cb7748388e1a" - "971a2f81e3daa324cf2bb69118f7418f40df66a24f50c34a55e1416c3a", - .p_qx = "2dcbd8790cee552e9f18f2b3149a2252dcd58b99ca7dc9680b92c8c43aa33874", - .p_qy = "5dbc8bb8813c8e019d80e19acdb0792f537980fecde93db621aaf1f6d0e6ee34", - .p_r = "2bdbd8b0d759595662cc10b10236136ef6ce429641f68cf6480f472fcc77bc9f", - .p_s = "7e7df0c8b86f7db06caf1610166f7b9c4c75447f991d5aaf4dea720c25985c8c" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 R changed SHA512"), - .p_input = - "4d74631eb67fd1a6fa93ecb6e6112b6699e78c1d4c24ae81d0d5842efe5d93c2fd7a78" - "63f8d45d1b2fafecbe41b7dc19c4b2bc208e014ffdc216e7eda0392a70", - .p_qx = "bc7c8e09bd093468f706740a4130c544374fdc924a535ef02e9d3be6c6d3bbfa", - .p_qy = "af3f813ae6646f5b6dbfb0f261fd42537705c800bb1647386343428a9f2e10fc", - .p_r = "6bd7ce95af25abfbf14aef4b17392f1da877ab562eca38d785fe39682e9c9324", - .p_s = "6688bea20c87bab34d420642da9bdd4c69456bdec50835887367bb4fb7cd8650" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 S changed SHA512"), - .p_input = - "575c64df58c8dc517ce65b388fa3ed69470163afecbabc3fa94b497ff7f3fe36ff12fa" - "be2b84cebbf667744195091e4e2335a71d36414e0af0d0260fc8e8ea44", - .p_qx = "633c2ee5630b62c9ce839efd4d485a6d35e8b9430d264ffe501d28dbace79123", - .p_qy = "4b668a1a6d1a25b089f75c2bd8d8c6a9a14fe7b729f45a82565da2e866e2c490", - .p_r = "bf2111c93ec055a7eda90c106fce494fd866045634fd2aa28d6e018f9106994e", - .p_s = "86b0341208a0aa55edecfd272f49cb34408ce54b7febc1d0a1c2ce77ab6988f8" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 Q changed SHA512"), - .p_input = - "f91b09107d10904d3968ec29f85e456ac4e828f32e8da3db6a13f5566bfa625e2ad03f" - "8dad5425a073c0d61d25de63dcafa9f4fcd206f29e9cb6b0fecd74aa57", - .p_qx = "e31096c2d512fbf84f81e9bdb16f33121702897605b43a3db546f8fb695b5f6f", - .p_qy = "6fbec6a04a8c59d61c900a851d8bf8522187d3ec2637b10fa8f377689e086bba", - .p_r = "1b244c21c08c0c0a10477fb7a21382d405b95c755088292859ca0e71bab68361", - .p_s = "852f4cbfd346e90f404e1dd5c4b2c1debca3ea1abefe8400685d703aea6c5c7f" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-256, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp256r1_sha512_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP256R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp256r1 hash changed SHA512"), - .p_input = - "f1e9cda2e096ece9a1fc57e55eeeb56b1c635380c0f9a1800a4a1a5f105d1fc0c60e77" - "6234daaa8a6f7c0f5286bb420b3f607e7cc0a7d840ad5dcbab26c797b0", - .p_qx = "484e31e69ef70bb8527853c22c6b6b4cd2a51311dde66c7b63f097dbb6ab27bf", - .p_qy = "e1ff8177f4061d4fbbacbbc70519f0fc8c8b6053d72af0fe4f048d615004f74e", - .p_r = "91a303d8fe3ab4176070f6406267f6b79bfe5eb5f62ae6aeb374d90667858518", - .p_s = "e152119cefa26826ea07ec40a428869132d70812c5578c5a260e48d6800e046a" -}; - -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -#if defined(MBEDTLS_SHA256_C) - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA256 1"), - .p_input = - "e3bcded61cbb0bf6ec20d59f91e8e73e532f15b082b89c984c1b51fb0d1db8a9", - .p_qx = "86ac12dd0a7fe5b81fdae86b12435d316ef9392a3f50b307ab65d9c6079dd0d2d8" - "19dc09e22861459c2ed99fbab66fae", - .p_qy = "ac8444077aaed6d6ccacbe67a4caacee0b5a094a3575ca12ea4b4774c030fe1c87" - "0c9249023f5dc4d9ad6e333668cc38", - .p_r = "798065f1d1cbd3a1897794f4a025ed47565df773843f4fa74c85fe4d30e3a394783" - "ec5723b530fc5f57906f946ce15e8", - .p_s = "b57166044c57c7d9582066805b5885abc06e0bfc02433850c2b74973205ca357a2d" - "a94a65172086f5a1580baa697400b" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA256 2"), - .p_input = - "45c3a1b29a18780234f12f5e4b64e7af9de2acf0029ce55b706cc79a7e4df994", - .p_qx = "9a74ea00203c571bd91ae873ce0ed517f8f0a929c1854d68abd3b83a5051c0b686" - "bb37d12958a54940cfa2de23902da7", - .p_qy = "6f20ccf8fa360a9ec03d7bb79ff17ad885f714757ef62995f824908561dc0c3dff" - "c49d873627936a2fff018b82879ced", - .p_r = "acc1fcac98c593fb0a0765fce35a601c2e9570d63ea1e612fff8bc99ac2d4d87775" - "0bb44cfb1014e52e00b9235e350af", - .p_s = "7f53de3afa4146b1447e829ebac8f5645e948cc99e871c07280cc631613cfdaf52c" - "caeccbe93588a3fd12170a7ec79fa" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA256 3"), - .p_input = - "0c7152ec620fe9b783625196b41192dd5d49df184ad26965c970ac5e28bb1c4b", - .p_qx = "fa8ebc3682d90ac7356f0b75b9e3376e76518676e0bedd176cfa7fa57fea4b3a39" - "9dbb2bf735ec90b9c1705cf9fa6f57", - .p_qy = "18c3fbca0150ec10696b3851f31fb3ba62c0b6be509d249e0d4b374c7a08e49338" - "e0922e2a8a9319999e6569ab8d292e", - .p_r = "fb58ab09b8a7ef7a6ec05b854eae11af9b713f7c7540e25115f609846e636ad4f88" - "dcf4dd61e311273df23ccda474f03", - .p_s = "485be4c21b7c3a9c6b39ffc9f0c39f4050f76d2a6b3fae203d016318c541c1b4ad6" - "cfc0d0950636ff6883895dd49e4e9" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 R changed SHA256"), - .p_input = - "331aefe2369b9c5ee6dd9f850259b3b8512f5934434e61573f97fe2c1cd2b147", - .p_qx = "0cf4dc51e71185a29c0c6fa3c075d9da5bd7ede085053344dce5dbbe8329e8ac90" - "45f7246c9d0efed393b8e113c71429", - .p_qy = "fdb7917b73974b355cf9f3bef6a0a460c2d39fdf1fe32a7744be0a54ddd1cfa8d0" - "3914cff4b5ca536b40707ff2629aa4", - .p_r = "3812c2dc2881d7ef7f621993b161672329b261ff100bbd19fb5826c9face09aec20" - "17b6843d69336b813b673c5402527", - .p_s = "5dc102fab9d6325131c556ec00309c2959d1031a63fbc1e2d5d04996d3234ed3387" - "5c0ab98e5878e9bc72742519ed398" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 S changed SHA256"), - .p_input = - "f5b47101b4ff9baf64aca830b6afbc4f9620035d88a1d84a12cefa6f7f99faf2", - .p_qx = "10a784abb3c549444a62c28df1c926b8aabb20c8d9aa4b1f7ca830258857cbe971" - "8dbc9845fa9cbb78587a373baee80d", - .p_qy = "a1ad0c10b5ab6780cad49c8cd3eebd27de8f1b382ddd7a604458cef8e76ca632a7" - "e44e1c63141a742426cec598029e2e", - .p_r = "d9e52be2a3f7f566899cf6daaa38116d092473066f3a1bf91f3df44d81bca1deb43" - "8d9d25ce1632599c1d3576a30f128", - .p_s = "0cad30bce4b3d7f40b3eef762a21bb1a3bad77439838b13024b7b2c70316875a99e" - "80723a74a9e7a404715ca06a5d673" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 Q changed SHA256"), - .p_input = - "647eb206a8477440b4bd048d00f37dca8635b15c2a8e79e2a9d74fb9a5553211", - .p_qx = "97c3f446803a61a7014f61cb7f8b3f36486c7ea96d90ee1767f5c7e1d896dd5114" - "255abb36c74be218c1f0a4e7ebba3d", - .p_qy = "553ed1fed72c62851e042f0171454f120029adba4ee26855ab881d9470355f1947" - "aa1d2e806a7ff2583660fedbd037a0", - .p_r = "7b06d6c2b63f1cc3bfdaa897d07dc15a83bdf35d979f70c34578332b3f4920422bb" - "24867c51bde10831324df424e04ec", - .p_s = "4bef715161f400dc98d4b63bd13ff4ad4a6c981ead44bfc662fe9bca4b56cd79069" - "8e4deddf9a4bd69327f26bfe801e6" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_SHA256_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 hash changed SHA256"), - .p_input = - "9a4985f744dd6f2774cb6f20ad6b6969e212abf4ac035b72ad3f8b1955ae1862", - .p_qx = "08bd5c6cdc1f8c611df96485090e20e9188df6abb766bff3c1ba341ed209ad5dfd" - "78b628ec60998ddfdd0dd029352fbd", - .p_qy = "d9831d75dec760e9f405d1aa5e23aac506dc019fb64d44bd57f6c570d017e6609f" - "8fdbb2dc7b28ca9e00e37cd32a3b73", - .p_r = "8b372c86ed1eec2163d6f7152e53696b4a10958948d863eb622873b471702ac5b2e" - "75ff852149a499e61510905f98e4c", - .p_s = "b2ed728e8b30787a28f2a6d3740872e47348686c7cb426411379411310241d25f08" - "a026b853789b1157f1fc1a7f6ff49" -}; - -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA512 1"), - .p_input = - "ea056beb112fa9aad69c8dfe51ea947b772bf1c11287edcede43a98089d21492ed581e" - "dcb6d1823e2873aabba213b84291db3bffa6eac3ae43a92fc2da276a24", - .p_qx = "c665feccf51e6bca31593087df60f65b9fe14a12022814615deb892eedb99d8606" - "9a82aa91319310b66588185282dad6", - .p_qy = "1e6e25bb8ae7714415b94f89def0f75dcb81d4af6b78d61f277b74b990c11aff51" - "bd12fc88d691c99f2afde7fbd13e51", - .p_r = "0e18c4063137468fe864fdc405ad4e120176eb91b4538b28ce43a22ae1a310cc22a" - "2f7a2b3a0f3d15e0f82038b4a4301", - .p_s = "5a1620e42041ce4357daf824befbb2ed65596bcd8214e88726149b26b1f416b9472" - "a8877413f1c3705fc2edf4731943b" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA512 2"), - .p_input = - "cd7c623c3c3b52f46be0ebb2b353ff97db3cd7dfc1a059a57668fc50101aeeb37b8aee" - "9ddda8ab611546999a120cc9acb0e2c3df48dee66d5c31a46a7be94bc7", - .p_qx = "83a4fecc0bf0a353b0acf6f54094b822f2b12564e172b296f3461cafa7315d7d31" - "d0089b1b4c18ad3c86bd18f539774a", - .p_qy = "e4fd57c5b2937e6fba1e7d72fc3f02352bd79c13611931935f4dfd073b9379f862" - "f2277585137e996e212b5b6533dcba", - .p_r = "fb02804010a570d702ebfbcf3d6cc9d55ddac2bd4b4de56d325e9790571b1737f91" - "d3fa1d4caeec6eea806195aed3187", - .p_s = "1fd20fe383e907e77639c05594642798619b2742090919bedeefb672c5700881baf" - "0df19b9529d64bc7bb02683226103" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp384r1 valid SHA512 3"), - .p_input = - "dd7947a5b9a1c988dd7dff537e15335aacafd3e602adc8373765013f338334dd58aed4" - "fb7144de0007c3410d79f5e78bcd4cf0dd63cc33ed3dd564882e299c7b", - .p_qx = "45cb6dcca8d2e80ac04536a22f9d68ea2313245550108ddcd32799d154c0a55492" - "e49463e826275bd9bf0d5e380205c1", - .p_qy = "6fd124f5a6c745751ccfb3ba4dd9144ea8fd41a4d9a4b34820434da66aa7385e73" - "ffe71e6c11ed1beb6c7af22ce00edf", - .p_r = "2c782c4263eeee63657fbf20fa287a1a81fcd14b1d3bae333928ba4fc31abb20ede" - "bc130714380608e38ea74309eca9d", - .p_s = "716113d95bc9dba532bfb470112b0d43d9cd6560ad15e0de2e514994801ff339bcf" - "19ad4ee2b8af573f57c038fbd70f0" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 R changed SHA512"), - .p_input = - "c0f9ae90fe8aaf54962e7d47a832e4ca6e60355e4066cd2b08bff78650d4e4a5d1eb1d" - "e296f9f0ef92887e09f82e0db4411aa9c3c6b109159bd39feed40419a3", - .p_qx = "9c1eb5cdb1a873e4c275b7ded8712b9058ee0d9ded06c96a2a8d7c652b82e894e2" - "f918dd8e18138e5c34821744b97952", - .p_qy = "dd474c93619f02b5d4fe30ea7805c1a13fb80008a81bb5f3eeb95cd11f38841b8e" - "34d64f2c6cc2d6cc2587365eed6b6e", - .p_r = "f17b2f2fa3b5c8e9c62a633e5d417139ddf3dafba75b464fa156c99b3948a0aca53" - "2c7fd3e14a266eb17e7fa80881da2", - .p_s = "01c246866983fa74d6dff38b1ea091f8afd218b5a42467761b147c19a3bb20cd24b" - "e8ed1f95f1e61863a709d2d0148e2" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 S changed SHA512"), - .p_input = - "242ff2713c03e3d5277652f8e7fb1e5a1f0422b6652e1bdd696e46c03cdd3aaac329b1" - "d88e7aa345ff7224ce6dc6df05c7e9d7dc2665282c817d15a15b8288fd", - .p_qx = "36c1459d9e9f7b6c1598778c784cbf94661a2b11370c02ee092f6ea0ca20acf81f" - "1ed5048a28a1466a91689df26bc291", - .p_qy = "d1367418c7b216bd32c6dafc8b2be99d02cab68df990758b2ddd543b7eb6ff6e28" - "5b649ffe588b1811b549cfb5f0289b", - .p_r = "40c338adeb504193444bdb95336177362031aaadc5b7e151e42030df9dd8687f3cb" - "8fe2292fd4f9206989c089d966dae", - .p_s = "be4b2ba251094c24de006c89af2b5c77e6937f36d7bb703b4f8edcfe65d45f4b2fd" - "2486222163ae0ed9e215c0a96f488" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 Q changed SHA512"), - .p_input = - "d5c82ff11f555ce21c3f20a9ecfa6047cb6895e32fa0fb379f49085a59f61b7c8fa050" - "58ef144cf47db5738fa40f4890cb59695998a2358162bbbf6d7f53517b", - .p_qx = "d4e93c4bafb54c06814011309e9f3d8e68b76a5452e364ef05ccc3b44b271e576c" - "9028106b1584f09271c886d467f41d", - .p_qy = "db730ccfdeb6644362f4fb510d5254bfe6f23e891e936132f90f1913e93baa8b1f" - "8c0613a0f0c61a760ce659f22babc6", - .p_r = "8d0fd14a59c24b0c2a34b438e162f1f536fe09a698cacfe0760d026d1593265d02f" - "2668d2a5e49ac0b21e93807aa9c18", - .p_s = "3162ffd2adc9dd5ec1bb1d97d2b0c27b8ae234235ffb374878d0b76382002ea505e" - "885c178d56a2d7809bd1d83117ef1" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-384, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp384r1_sha512_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP384R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp384r1 hash changed SHA512"), - .p_input = - "81b1303e10f25d37877b09f9d82dbd894e40264992d86cc74656ebeef505b46fdf9dec" - "312a7f0a26e3f56a7195d5b01d198c378fff9d049e00cbad9586da20c9", - .p_qx = "a6bbf85e8068151482ce855ccf0ed22988fcf4b162c4b811cb7243b849299e3390" - "a083147fbd68683203ba33588b13ae", - .p_qy = "5c837ec9f2eda225c83ab2d5f10b1aa5bfb56387deebf27ecda779f6254a179682" - "60247c75dd813ea0e1926887d46f86", - .p_r = "9c11879e59659848274fc1ef5a6a181af813d23708b09a24dc06c089b93b918828d" - "d938a75a34d5a681b0af362dc19a0", - .p_s = "9c362231962ba7579c4a874e87bdc60dc15cb2e0677149c8ea31162963e05a66146" - "16f67a5269616071cf095be7ff44b" -}; - -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -#if defined(MBEDTLS_SHA256_C) - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA256 1"), - .p_input = - "61bcad3941eeb4005c391745635dbca42b451c3222b6123af2cd1279f89f3b2d", - .p_qx = "00397714abcc503eaa0c18abd1fd26586d28ec1b1035d37ac710f2823911ec9afa429b" - "41ea89cec13d5bcae9d6d7147794407e409f3b267cf4dd27e8c77e7ccf4d36", - .p_qy = "00a3a4b749d19b84708e42b59e9faa5a99ac0f0a01121655fab87785fca38c8cd4277c" - "8c2c9a0024ff608c3cce954596315dfe0e3b133aeab08bb5389eb2a4f1fb42", - .p_r = "019da96a866db12948e0aec7231f797061f345739d439bdaaba63e4d03e0bb52c3f" - "ea2fb593347d983f24a3afa6a77f476e6bb49a5de843b4c4755cddce97b8b909e", - .p_s = "001bb442f428b2ca445a75ad88ed49d965d6659d748d02cebf78faa1ecc187b606f" - "284d11d47791d585dc371c2d91848a55ca7b092f06d561efcf64e0de0814e1db4" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA256 2"), - .p_input = - "c11b8b03fcd4f2ae25f60af2ec2ccc9afcbf760f61782fad21a02d69b1024cdb", - .p_qx = "0176f1276918fed24a098d6d03077f3c33ae543316df1b6b06ce877e74b69b2cd4131f" - "df797e77e5f6391b0b32411120d03c0c59ba1721a7187d18708121d6f3a86f", - .p_qy = "010f9d38b30a2da1a745840de7c9994578e32bb10f9334b46f533b6eab550aa55048e4" - "ac601889564ac8314e01b61613fc7b8e2bd3f1a188c5c5e869af16a8d61d9b", - .p_r = "019cb5639a321e95214c90a612d29c9ffd5ae5aaa2a814ee2d66ac1ce1d2ab32290" - "09129ec9d472061444cbfbf50c7e4cba09aab65299a42740bce7af3fddf2a1f46", - .p_s = "00082ce6bf1d809d3bb4f9f09a95590bb64b0c41bcee5fcdd332947a9b59618da5d" - "a897fff44968d92635e7833dec1e91d8d99bd8b527609393b446c83d109a32243" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA256 3"), - .p_input = - "b7e0d79517efe3d961ca5bbdc0916bab7a32743f5150d53cd60300b3edceff49", - .p_qx = "00aa42473f80d9d81f6d41ed05c8ba35c005f90e2690f71dfdb12555b7590c7a8e95b6" - "18368c39f4e84d6cba25f522c9bdd256c60d3f8c8425ad313701225a9cc9c4", - .p_qy = "01992b7966b925f42c91f810eb05d602b804301849ea278466a68e5b616e3a0bce110f" - "c9250db14f9c8f5929347e1bb8727bcf8072c6aebc26958954fe96df04e139", - .p_r = "00cbb35513420f206bd26b568712503b66e159a54e154c8d4e9c661aa954e0bf425" - "871275fff5e8f368c8ccc77ffe6adf84ba88a84483d8ba5cc862bd408f6a192c1", - .p_s = "002ffb4e461e3161c801ad217a0483045181013deed29eec29cca94776139ddf5fe" - "9d7771e5ac7b637a4bf7e5276940489bd8ae36f41ef6be93cff4b96bd0e1f3e59" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 R changed SHA256"), - .p_input = - "6b7b1a121d5e8f4d3d0294abbb62ae16561f37b6fbdd6d519209c6663669323b", - .p_qx = "009f21a6e7295b183656709089b3c647140c81f71b0b3812e6de22c52245335599ade6" - "a3116cb70277dc2485f91c7b1f46d62afb60fc17a110358c9a02e02e010960", - .p_qy = "01e914284cea47dd6836e7ce899d0c9a88d67fc9d039ffa9fa5bee58d247e0d0dc9251" - "be8b82afd3add327f98c5570bdcd8ad8827820032774d19db09232aeba190a", - .p_r = "00ce4b2ac68afd071531027b90d4b92d9b0e1044b824ccebb2c9ab241d5b909ead1" - "ffa2dc3d330f57187efbea7374bc77c4f7ce7ee689aa5a1e27aa78abc3cc1e751", - .p_s = "00aa85d84f9c7fecd25064dbae69c16d6fcff38040027bf476c7f913746272b5d4b" - "9bd34d2482e27730522df724895b99253aed86011139928fa9a272892f8c99d8f" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 S changed SHA256"), - .p_input = - "2e139493b5db177dd536c562e0c90445b59a686eeb27e0a7b7cd93d72fa4ab7d", - .p_qx = "006d8c16536b17cab6ff41f5df4038fe416c05ccb601710909708dc561b02ceed9cf02" - "0441d9daa075e8fd604531ff58084035b1c19a498b82582f5b20f9cedf61f9", - .p_qy = "00e89d71c66e55c4f5bf245413388bfe9de83944b11d1abdb4692db7da8a086442965e" - "e512f7089f89464dda5d7786e52cc26a8a30bc8824cc56a289fefcd42bdfd2", - .p_r = "0087f86cf4bd36e8253097ac1bc8500dedafdbccbe5767ec25e53c73c4f053f3b37" - "acd1d5ea4c16e4058919b61d2a67393220ffefe07535d53923ace6815463c4c31", - .p_s = "01def2582fd0df89fa28c9ce882f5c3846135f51bdf7f4b2497b190136ef04618ea" - "a22a8c5a117b0adfc6425eac3111b6558df145a8b14ad39524b98659e01d51c21" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 Q changed SHA256"), - .p_input = - "63c7b65f78581fc15992ac54b1221f16545a6e50a0c740e3f3a1685f09f358a8", - .p_qx = "00defff5ef7cc5de0e1ac32261e7a74e8c434c0b51f76df7566b612cc5b8201e7b38c5" - "1aa6118b6307f436394bf452a72224c977e37e410eae9525df2ee00a8123bf", - .p_qy = "00263b7db73558ddc783824f0b19776802aaf5e46ccb1b1d1dda07d2d6c5843f5036ae" - "8d381b235ccd2ed04eb90c5d51e32cbd7acdc7031cae63c06797556fb66fe3", - .p_r = "0089bd129a537840a52ef434d5a8ba4add952f72f22a84ac4523ea0bc02cbfa8b68" - "1ab0ed3fa2bca24ae575f23fce7efbb9bfd28e465174158a5ad2b08fd9e0b7132", - .p_s = "0004ed533337791e05f8d097eabdf4be96b3fcc9f876d47fb8c5c7a05cbddba398c" - "ded2edf5ec9b7dbb4e32c1374b46953d66a193c211ef12de4b9d73adc369d5e95" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-256 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_SHA256_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 hash changed SHA256"), - .p_input = - "3dfb0c771418d4f1ffd092de8aae7a563af2c9e559ad0b53a5b61090ea77eacd", - .p_qx = "015bd9bf7a35cc60147b32b64e0e4e54bf9ac2173cc6784b3d4ebd076aa5d45c1e3d08" - "46b20b61d6342341a8801a2f63028c991831318245c2fe31f8acde6bf2003e", - .p_qy = "01afb67c9c700ed332b47a2d148e6ddd3571e138f02a81c3cfe6d4dee0f512d92e7657" - "4fe5797c5566c05b3239fabb212c735615e719e718fb40fa6783c964357f72", - .p_r = "01a341d0e8906239faace79554b90d1445bd28f703d7c7cc8eb163337ad3d4bfb37" - "25cb06e618991491534d399866df5c5bdef897c889947b21148d89c657e64124d", - .p_s = "005c5b728837d44b7b6935efb2b721b4f45c1675d803d87f70158e451434176d968" - "2034c9b356b5f9181e07599bdcb55e5bc808fdd36fef9c19ddb6342c975262024" -}; - -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_1) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA512 1"), - .p_input = - "97ff5a81fc88f7ddd3bc58154ffd2695912fe50ce7c63b62bd798fb673c6aa49f54bc7" - "301fb7bddc6edc51b7e0d0b4dec9f80851fff02a33671ad9a406bbabe5", - .p_qx = "0153eb2be05438e5c1effb41b413efc2843b927cbf19f0bc9cc14b693eee26394a0d88" - "80dc946a06656bcd09871544a5f15c7a1fa68e00cdc728c7cfb9c448034867", - .p_qy = "0143ae8eecbce8fcf6b16e6159b2970a9ceb32c17c1d878c09317311b7519ed5ece337" - "4e7929f338ddd0ec0522d81f2fa4fa47033ef0c0872dc049bb89233eef9bc1", - .p_r = "00dd633947446d0d51a96a0173c01125858abb2bece670af922a92dedcec067136c" - "1fa92e5fa73d7116ac9c1a42b9cb642e4ac19310b049e48c53011ffc6e7461c36", - .p_s = "00efbdc6a414bb8d663bb5cdb7c586bccfe7589049076f98cee82cdb5d203fddb2e" - "0ffb77954959dfa5ed0de850e42a86f5a63c5a6592e9b9b8bd1b40557b9cd0cc0" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_2) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA512 2"), - .p_input = - "f8e150be2f657c8266fadc9bdb04648fc5a51f3c3f7521022aaf58d24165f8af4ad663" - "19d8aa2dab48fe8a2f773c8d0e6c8c4f732e0fdfbae4b91918530c1f91", - .p_qx = "00365388d9589c18ae608124b4cf746ff488183a912e07d26b6e867c5defb552a5a0df" - "5a16b6342014dd1b0b6760072bcd60045d6a9a514fc74d16047c2e8765636d", - .p_qy = "01a5319b26fd555f2a12e557418f6aa65a3461aeaea5c0c6d8698ceaa5495eed7a7d2f" - "ed0b76e77b5be11834f36e413d5288e47231c0eb0e9007d4b042bb7a1b6014", - .p_r = "01d9ef377063a592cf81e27815a2c20789ff9b60f7f125e618b52d90b35abdd41cd" - "7f437cfad337953ab0314fe8e79a2f2d27fa08597d4b28313358f714a737321fb", - .p_s = "00f01d4f150e0a174674a6a61a58a4ba781406024f6dd1b5252e04807b8a807a4ff" - "8d52883eaa258286e506ef4b04ca890e6f81a79ed9a0cd5ed585094fea0bc5c43" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_3) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = 0, - .p_test_vector_name = TV_NAME("secp521r1 valid SHA512 3"), - .p_input = - "8814a9dbef9e6d9b8322bdf8d471b207388bb7bf831d9fba8ad29da52d528d5d5108c0" - "1e4459f5ca13e26bf5da3c848195558828d7a00f53abb9fce47ef35091", - .p_qx = "010d587aa82a4d8e690672c00e3fd71826d892862d14dc4fbad4935aaab86924dc7ee6" - "f7fd3e2bbe86a8652589448494dab83d363d1d623cbae59f6c2670706a0576", - .p_qy = "01a9734c99b6ff21267050738937c30971d0f6fe07e29794748a5017ea1036c975c9a5" - "2e6d3739ca0e8d70e784529cc1a7437aac5d75c69121b69020a95356137f1d", - .p_r = "0188dcb840dfc573a97117009226d58dbb930ba8ec848931786abc770611f3519c8" - "ba73cceb5b489170805bcf04974672fe66c908ba379aca99fa67fec81a994c2d1", - .p_s = "000b1a185512dc6a65e454ea2bdb8049ef8f012a53ae87b759fb5d9edba51ea32e2" - "54e80545a99eb4b7c58af96b7c433535fa3f009cc644b1c97666d88355af9fc19" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_inv_r) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 R changed SHA512"), - .p_input = - "7679eaaf0495725fa99c51a2dd0c35c8882b840e1c2340ba793013b1e2567471cba35c" - "0dd6247cc2c2ca14f6556912a5687023fb2f0ee02114393bed4c598742", - .p_qx = "012a593f568ca2571e543e00066ecd3a3272a57e1c94fe311e5df96afc1b792e586272" - "0fc730e62052bbf3e118d3a078f0144fc00c9d8baaaa8298ff63981d09d911", - .p_qy = "017cea5ae75a74100ee03cdf2468393eef55ddabfe8fd5718e88903eb9fd241e8cbf9c" - "68ae16f4a1db26c6352afcb1894a9812da6d32cb862021c86cd8aa483afc26", - .p_r = "01aac7692baf3aa94a97907307010895efc1337cdd686f9ef2fd8404796a74701e5" - "5b03ceef41f3e6f50a0eeea11869c4789a3e8ab5b77324961d081e1a3377ccc91", - .p_s = "0009c1e7d93d056b5a97759458d58c49134a45071854b8a6b8272f9fe7e78e1f3d8" - "097e8a6e731f7ab4851eb26d5aa4fdadba6296dc7af835fe3d1b6dba4b031d5f3" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_inv_s) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 S changed SHA512"), - .p_input = - "b99c410653ce928e365d3613331b5df067020e92f634696279d5cee80f1f4a82f7d976" - "a059e318b36eb25314b56f8765a81070d0944f4c86e8407d9c3e2aa7da", - .p_qx = "01d6aef44370325a8a5882f4667c21172cdc8fa41d712562883ececff53883ac8ee276" - "124e825088c79d6c9d96323cb7b8c0b7ea44d3f0026e2538f4b62d785bb1af", - .p_qy = "0027203959a6e944b91fe6306debe74dc5dde9831fd0ec27e8be2d0b56807d63151b15" - "f6495b8632e919e1e6b015f5ae5f2b6fb8cf75b5f848f00cf4ee457cebed3a", - .p_r = "004417ff74889dde6bb1820b5d13da5c81dcf9b0723ee89bb1ff0d3faa90d497685" - "709f315b2cbe55481dee43ebb6d25b1501ae69494dd69e7bffb72f987d1573b93", - .p_s = "00fd7aa027c665458c7ac11d54d4f32cb4a1e727b499ce27b08d3d647c636cc3222" - "a4f0a6057732249ddc22574d7cb80c3769c3ea9de3d33db3edd8ea90cb3f8dc8a" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_inv_q) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 Q changed SHA512"), - .p_input = - "996010910456dee59309f1631f30e3dbf7ac2da7d5d7f69223c8a18f491cb18f7e11d0" - "ca09352b715354a071e6d392a8c1dc0751569bdfcf36c158c8b07a5ba6", - .p_qx = "0007067d2cf7b7619b9fcff2c898246ae0950439b8bab92d809624970eda18456cb999" - "53ce1ae45ee5d36ef02fcd5caa4d951de8581f0c21e572caad56d6dce60da3", - .p_qy = "01913c59007a309005f226b6a30122828d60b4d0390359e1977f88b5347dacf2056dd3" - "62648e8b1d6fc038a3bd3fde6f1140c740efa9075ab8b4a64b334c5cd43f09", - .p_r = "012aa4a532c108aa3cfb1753f95ca626bb72bd96a423d727656d4ebdc3f406d6cc6" - "c44d3718f9abae8a0b46be9b57f8fd3a540326b63d0d4a8a93165715920437787", - .p_s = "001badaf38e16efd75915f4806f054d40abd2d11e402039bd48c832f66cbfd145e4" - "dac93357d476b7e608d7b75a017374ae76eee86c505f2cc16eaa19075827ccd60" -}; - -/* ECDSA verify - NIST CAVS 11.0 P-521, SHA-512 */ -ITEM_REGISTER(test_vector_ecdsa_verify_data, - test_vector_ecdsa_verify_t - test_vector_ecdsa_verify_secp521r1_sha512_inv_hash) = { - .curve_type = MBEDTLS_ECP_DP_SECP521R1, - .expected_err_code = MBEDTLS_ERR_ECP_VERIFY_FAILED, - .p_test_vector_name = TV_NAME("secp521r1 hash changed SHA512"), - .p_input = - "ee21776d7174103b7fb65f03fd5d78744d2706c6726ece81e3943cf90f60fad6d8978a" - "f6cae9bc059aee2412ef86d0600694447a10b9d21079b9ca77500634a9", - .p_qx = "01184b27a48e223891cbd1f4a0255747d078f82768157e5adcc8e78355a2ff17d8363d" - "fa39bcdb48e2fae759ea3bd6a8909ce1b2e7c20653915b7cd7b94d8f110349", - .p_qy = "003bd6e273ee4278743f1bb71ff7aefe1f2c52954d674c96f268f3985e69727f22adbe" - "31e0dbe01da91e3e6d19baf8efa4dcb4d1cacd06a8efe1b617bd681839e6b9", - .p_r = "004c1d88d03878f967133eb56714945d3c89c3200fad08bd2d3b930190246bf8d43" - "e453643c94fdab9c646c5a11271c800d5df25c11927c000263e785251d62acd59", - .p_s = "012e31766af5c605a1a67834702052e7e56bbd9e2381163a9bf16b579912a98beba" - "bb70587da58bec621c1e779a8a21c193dda0785018fd58034f9a6ac3e297e3790" -}; - -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ diff --git a/tests/crypto/test_cases/test_vectors_ecjpake.c b/tests/crypto/test_cases/test_vectors_ecjpake.c deleted file mode 100644 index b4bf10c9b32f..000000000000 --- a/tests/crypto/test_cases/test_vectors_ecjpake.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include "common_test.h" -#include - -/* - * Test data as used by ARMmbed: https://github.com/ARMmbed/mbed-crypto/blob/master/library/ecjpake.c - */ - -static const unsigned char ecjpake_password[] = - "7468726561646a70616b6574657374"; -static const unsigned char ecjpake_x1[] = - "0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f21"; -static const unsigned char ecjpake_x2[] = - "6162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f81"; -static const unsigned char ecjpake_x3[] = - "6162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f81"; -static const unsigned char ecjpake_x4[] = - "c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe1"; -static const unsigned char ecjpake_round_msg_cli_1[] = - "4104accf0106ef858fa2d919331346805a78b58bbad0b844e5c7892879146187dd2666ada7" - "81bb7f111372251a8910621f634df128ac48e381fd6ef9060731f694a441041dd0bd5d4566" - "c9bed9ce7de701b5e82e08e84b730466018ab903c79eb982172236c0c1728ae4bf73610d34" - "de44246ef3d9c05a2236fb66a6583d7449308babce2072fe16662992e9235c25002f11b150" - "87b82738e03c945bf7a2995dda1e98345841047ea6e3a4487037a9e0dbd79262b2cc273e77" - "9930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37" - "ec91b7e32bb013bb2b4104a49558d32ed1ebfc1816af4ff09b55fcb4ca47b2a02d1e7caf11" - "79ea3fe1395b22b861964016fabaf72c975695d93d4df0e5197fe9f040634ed59764937787" - "be20bc4deebbf9b8d60a335f046ca3aa941e45864c7cadef9cf75b3d8b010e443ef0"; -static const unsigned char ecjpake_round_msg_cli_2[] = - "410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b" - "45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e" - "6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292" - "d36f0d23e055913f45a52b85dd8a2052e9e129bb4d200f011f19483535a6e89a580c9b0003" - "baf21462ece91a82cc38dbdcae60d9c54c"; -static const unsigned char ecjpake_round_msg_srv_1[] = - "41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e14779" - "0aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20eb" - "d7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f" - "65d78742746c12a5ec0a4ffe2f270a750a1d8fb51620934d74eb43e54df424fd96306c0117" - "bf131afabf90a9d33d1198d905193735144104190a07700ffa4be6ae1d79ee0f06aeb544cd" - "5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c11" - "2b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f375" - "2f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd" - "4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb12"; -static const unsigned char ecjpake_round_msg_srv_2[] = - "03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda" - "4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea" - "3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5" - "d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c820ff724a9a70b88cb86f20b434" - "c6865aa1cd7906dd7c9bce3525f508276f26836c"; -static const unsigned char ecjpake_ss[] = - "f3d47f599844db92a569bbe7981e39d931fd743bf22e98f9b438f719d3c4f351"; - -/* - * Uses empty initial data on both sides and deterministic rng. - * Derive a secret for both client and server. - * Should verify: - * Derived secrets same length. - * Derived secrets equal data. - */ -ITEM_REGISTER( - test_vector_ecjpake_random_data, - test_vector_ecjpake_t test_vector_ecjpake_trivial_random_handshake) = { - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_password = ecjpake_password, - .p_test_vector_name = TV_NAME("Trivial random handshake") -}; - -/* - * Uses pre-made private keys to generate public keys. - * Thus only ECJPAKE reads are done, not writes. - * Messages are also pre-defined. - * Should verify: - * Derived secret client same length as pre-made secret. - * Derived secret server same length as pre-made secret. - * Derived secret client equal data in pre-made secret. - * Derived secret server equal data in pre-made secret. - */ -ITEM_REGISTER(test_vector_ecjpake_given_data, - test_vector_ecjpake_t test_vector_ecjpake_given_data_001) = { - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("Predefined private keys"), - .p_password = ecjpake_password, - .p_priv_key_client_1 = ecjpake_x1, - .p_priv_key_client_2 = ecjpake_x2, - .p_priv_key_server_1 = ecjpake_x3, - .p_priv_key_server_2 = ecjpake_x4, - .p_round_message_client_1 = ecjpake_round_msg_cli_1, - .p_round_message_client_2 = ecjpake_round_msg_cli_2, - .p_round_message_server_1 = ecjpake_round_msg_srv_1, - .p_round_message_server_2 = ecjpake_round_msg_srv_2, - .p_expected_shared_secret = ecjpake_ss, -}; diff --git a/tests/crypto/test_cases/test_vectors_hkdf.c b/tests/crypto/test_cases/test_vectors_hkdf.c deleted file mode 100644 index e905242ec886..000000000000 --- a/tests/crypto/test_cases/test_vectors_hkdf.c +++ /dev/null @@ -1,357 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief HKDF test vectors can be found in RFC 5869 document. - * - * https://tools.ietf.org/html/rfc5869 - */ - -const char hkdf_ikm_len_22[] = { - "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" -}; -const char hkdf_ikm_len_80[] = { - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021222324" - "25262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f40414243444546474849" - "4a4b4c4d4e4f" -}; -const char hkdf_ikm_len_250[] = { - "d9ffac12ae7a19e13c9e92b21e341bff5e2a949f240a55595d9cbcd77512480b435237341e" - "dbc831dfc524f35ad8b95d238629d66849d5b66edda67907cbe5556f175a3dedd8f5e5d5ef" - "12102fa1dde3e279b559130d0b441f1a20c04f5dbeb2bf0912272f29b96c390fba1b36a951" - "fea808275c8713b9685398bbbb1ba64f069b231f49c3095d2c95471b27df56acd671d7cbe7" - "817826d107815af721f3f7d262c651f1ebae961979778eb37dac8ce75f1efdb703789764a0" - "d34600ffc056e331dab60b1d207a5935649fb75e5a8d3ea6b09a20954736fad51a4b031a2e" - "961efa85b65a7c7b02345c199e90d8be40bb28496ad1ea93c9daeb55" -}; -const char hkdf_dummy_okm[] = { "3a8d5dc16eba7ac69b38" }; -const char hkdf_salt_len_13[] = { "000102030405060708090a0b0c" }; -const char hkdf_salt_len_20[] = { "1911bff47c578781d0609cb563bb7da69c27fd18" }; -const char hkdf_salt_len_80[] = { - "606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384" - "85868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9" - "aaabacadaeaf" -}; -const char hkdf_salt_len_250[] = { - "7d1ca5017a99229aae0e03c5bfb98b1425e8649956123341543edd6e75600a73fad29a00e7" - "06d68643133758b3602e4522071704eb212dfd613ab48f8826a90c944f626c13f6762d4361" - "a322d4f322c52d659ec0dbabf70d9e2daca42bb2333f5d9bbea1376a2fd895c5dda48270c1" - "757100e9083973e2fb0cdbbeadd44e40309887f300ca59a71167347f5d2e5583b4d5525ded" - "f7f57692397828c7009a834df2f2a711e9c892f6c706d3bf10a8c07db4c42ab74d75f8e249" - "e879a5e96329f04600e1bf81ee567ce0c06bd2a1f969feca465a75f996e7a79523b89ef8e2" - "2b85ecf436d7cfe7b4e6f535e0a661398ca5711f3f4513d864381702" -}; -const char hkdf_info_len_10[] = { "f0f1f2f3f4f5f6f7f8f9" }; -const char hkdf_info_len_20[] = { "3a594a18b699ef8819008ed38c3aa4320581db9d" }; -const char hkdf_info_len_80[] = { - "b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4" - "d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9" - "fafbfcfdfeff" -}; -const char hkdf_info_len_250[] = { - "ccfafb6a30475d53b3a2d420825c54d7e026874e913173108ac83c99aae278b1850538123e" - "c8f9dd00cc18cf0a66d271bf69c8035f1301c11a241eaaf9be56b99b65ef1a596fdb49e46a" - "acbfb39cd0afcd45516ab3b2f7e9fbf16246642f24ffc1d04d5d5e5694569d207feef75ba9" - "55cb119fa4f691a9bce51d32281795ffbd41fb157387b911e252a676b9dbf8e94e0e371495" - "b15602b527ebcfe1ae1773196fad39de7c5351869724f7ef17586ae9d85af304ba132db50f" - "a1449e297f650325558824291b88cbac38f7d27a24d8c18f0ba6bd0e749079184693e21ffe" - "9ee3dae068485e8b22663696f2d70a04e61ceceeb2da839bfbb30838" -}; - -/* HKDF - SHA-256 Custom test case 1 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c1) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = MBEDTLS_ERR_HKDF_BAD_INPUT_DATA, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 Expand and Extract ikm_len=0 " - "okm_len=10 salt_len=13 info_len=10"), - .p_ikm = "", - .p_okm = hkdf_dummy_okm, - .p_prk = "", - .p_salt = hkdf_salt_len_20, - .p_info = hkdf_info_len_20 -}; - -/* HKDF - SHA-256 Custom test case 2 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c2) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME( - "SHA256 Expand and Extract ikm_len=1 okm_len=1 salt_len=1 info_len=1"), - .p_ikm = "ab", - .p_okm = "53", - .p_prk = - "1f3624af63d5221a80b6d6cbb7d372e595cb512f4ad248643d8d0a74f0be8335", - .p_salt = "1b", - .p_info = "6f" -}; - -/* HKDF - SHA-256 Custom test case 3 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c3) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME( - "SHA256 Expand and Extract Invalid ikm_len=20 okm_len=0 " - "salt_len=13 info_len=10"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "", - .p_prk = - "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5", - .p_salt = hkdf_salt_len_13, - .p_info = hkdf_info_len_10 -}; - -/* HKDF - SHA-256 Custom test case 4 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_c4) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 Expand and Extract ikm_len=250 " - "okm_len=250 salt_len=250 info_len=250"), - .p_ikm = hkdf_ikm_len_250, - .p_okm = - "825c45e910cfbcdb12d101543cd837bbb654b54e097f45a9092fcb296a61961ff" - "e5e64c081beb8a143d34824c9c72ba51d58f53bc4a537bb1fbfd6ea0d32651241" - "a7a4bf724d8b51b026e4f64f4319b873ca8e77256e022911005e362a302930605" - "659e76c64db566486eaf78fe21fbe0a7caefbccc0ef09d642e9355209c036bbdd" - "64bdefbabb6b79b750c0ebf3f60e62071ce902d76c9af02a24eddc62cc5670439" - "802888dca0d7d954be732c57e9aacd405687a2bc072176052c467347f7e8d0191" - "eb42101ded1a29f1e2bc9e6166f457724f059430d050dc8e5891c7cd37b15b841" - "371d6c7774c25ec79c6dc71ef52ca20f4619110785325", - .p_prk = - "c5b46e0300b99717bf1a005ab63ca09d9478f618efc17a8ef909c0ff9e3c0d84", - .p_salt = hkdf_salt_len_250, - .p_info = hkdf_info_len_250 -}; - -/* HKDF - RFC5869 - Test Case 1 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_1) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 Expand and Extract ikm_len=22 " - "okm_len=42 salt_len=13 info_len=10"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf3" - "4007208d5b887185865", - .p_prk = - "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5", - .p_salt = hkdf_salt_len_13, - .p_info = hkdf_info_len_10 -}; - -/* HKDF - RFC5869 - Test Case 2 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_2) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 Expand and Extract ikm_len=80 " - "okm_len=82 salt_len=80 info_len=80"), - .p_ikm = hkdf_ikm_len_80, - .p_okm = - "b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c5" - "9045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc" - "30c58179ec3e87c14c01d5c1f3434f1d87", - .p_prk = - "06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244", - .p_salt = hkdf_salt_len_80, - .p_info = hkdf_info_len_80 -}; - -/* HKDF - RFC5869 - Test Case 3 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_256_3) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 Expand and Extract ikm_len=22 " - "okm_len=42 salt_len=0 info_len=0"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9" - "d201395faa4b61a96c8", - .p_prk = - "19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04", - .p_salt = "", - .p_info = "" -}; - -#if defined(MBEDTLS_SHA512_C) - -/* HKDF - SHA-512 Custom test case 1 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_c1) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = MBEDTLS_ERR_HKDF_BAD_INPUT_DATA, - .expected_result = EXPECTED_TO_FAIL, - .expected_result_expand = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA512 Expand and Extract ikm_len=0 " - "okm_len=10 salt_len=13 info_len=10"), - .p_ikm = "", - .p_okm = hkdf_dummy_okm, - .p_prk = "", - .p_salt = hkdf_salt_len_20, - .p_info = hkdf_info_len_20 -}; - -/* HKDF - SHA-512 Custom test case 2 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_c2) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME( - "SHA512 Expand and Extract ikm_len=1 okm_len=1 salt_len=1 info_len=1"), - .p_ikm = "ab", - .p_okm = "51", - .p_prk = - "37fc3ce6c9e6515c26b58e36bfcd288ba4cedd03c96d83a71dcfa9d0792f671f2" - "0dc2e98470057c79e740053e040385696bb303c643d0cefe3471113ef693e76", - .p_salt = "1b", - .p_info = "6f" -}; - -/* HKDF - SHA-512 Custom test case 3 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_c3) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME( - "SHA512 Expand and Extract Invalid " - "ikm_len=20 okm_len=0 salt_len=1 info_len=1"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "", - .p_prk = - "665799823737ded04a88e47e54a5890bb2c3d247c7a4254a8e61350723590a26c" - "36238127d8661b88cf80ef802d57e2f7cebcf1e00e083848be19929c61b4237", - .p_salt = hkdf_salt_len_13, - .p_info = hkdf_info_len_10 -}; - -/* HKDF - SHA-512 Custom test case 4 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_c4) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 Expand and Extract ikm_len=250 " - "okm_len=250 salt_len=250 info_len=250"), - .p_ikm = hkdf_ikm_len_250, - .p_okm = - "43e3f0defa3572efcc26b1c4e4ef47be92cf1fc873e144dc8b2e655c7adc25a7c" - "2487fa0d6d58efa2106c6ed9a99a6a6639530cf68fb67ec769f0afc729f35bc54" - "9afb840915c2b3ebc79aedeb94fddff3e81d32e8cb90b0b851d2d6a3436c57b63" - "154ef0ec026249722538f8d6e1c2b26633e994c1c0ca6886c3348f27551742dce" - "7f9b03c44564b2b709c39c9a6e99815cc2ccfaf3daab7d39c2687e30d561a1218" - "640e0ae0e655028268d358723b15dab2a2f1da1c9abbb86416d8926f39a6570a7" - "7cd3a430855a07462d40d73d20f023da4ed41c8d243c214e040ce9484d0d4ec59" - "27a496a4154ecdd9395233f2e9e447f69e4422d438a3f", - .p_prk = - "f7c9352c4f7a6c451ebd93638975aed3aec3e5127adae77d8074f80844caeac2f" - "b7aabeb37957cdcf738f2282a95b1468ddc014fb00a2d297e7b48d6e2812ccf", - .p_salt = hkdf_salt_len_250, - .p_info = hkdf_info_len_250 -}; - -/* HKDF - Input based on RFC5869, but with SHA-512 - Test Case 1 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_1) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 Expand and Extract ikm_len=22 " - "okm_len=42 salt_len=13 info_len=10"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "832390086cda71fb47625bb5ceb168e4c8e26a1a16ed34d9fc7fe92c148157933" - "8da362cb8d9f925d7cb", - .p_prk = - "665799823737ded04a88e47e54a5890bb2c3d247c7a4254a8e61350723590a26c" - "36238127d8661b88cf80ef802d57e2f7cebcf1e00e083848be19929c61b4237", - .p_salt = hkdf_salt_len_13, - .p_info = hkdf_info_len_10 -}; - -/* HKDF - Input based on RFC5869, but with SHA-512 - Test Case 2 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_2) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 Expand and Extract ikm_len=80 " - "okm_len=82 salt_len=80 info_len=80"), - .p_ikm = hkdf_ikm_len_80, - .p_okm = - "ce6c97192805b346e6161e821ed165673b84f400a2b514b2fe23d84cd189ddf1b" - "695b48cbd1c8388441137b3ce28f16aa64ba33ba466b24df6cfcb021ecff235f6" - "a2056ce3af1de44d572097a8505d9e7a93", - .p_prk = - "35672542907d4e142c00e84499e74e1de08be86535f924e022804ad775dde27ec" - "86cd1e5b7d178c74489bdbeb30712beb82d4f97416c5a94ea81ebdf3e629e4a", - .p_salt = hkdf_salt_len_80, - .p_info = hkdf_info_len_80 -}; - -/* HKDF - Input based on RFC5869, but with SHA-512 - Test Case 3 */ -ITEM_REGISTER(test_vector_hkdf_data, - test_vector_hkdf_t test_vector_hkdf_512_3) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_err_code_expand = 0, - .expected_result = EXPECTED_TO_PASS, - .expected_result_expand = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 Expand and Extract ikm_len=22 " - "okm_len=42 salt_len=0 info_len=0"), - .p_ikm = hkdf_ikm_len_22, - .p_okm = "f5fa02b18298a72a8c23898a8703472c6eb179dc204c03425c970e3b164bf90ff" - "f22d04836d0e2343bac", - .p_prk = - "fd200c4987ac491313bd4a2a13287121247239e11c9ef82802044b66ef357e5b1" - "94498d0682611382348572a7b1611de54764094286320578a863f36562b0df6", - .p_salt = "", - .p_info = "" -}; - -#endif /* MBEDTLS_SHA512_C */ diff --git a/tests/crypto/test_cases/test_vectors_hmac.c b/tests/crypto/test_cases/test_vectors_hmac.c deleted file mode 100644 index a5d56c7e1e4a..000000000000 --- a/tests/crypto/test_cases/test_vectors_hmac.c +++ /dev/null @@ -1,538 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief HMAC test vectors can be found in RFC 4231 document and - * on NIST web pages. - * - * https://tools.ietf.org/html/rfc4231 - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Message-Authentication - */ - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_inv_message) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid - message changed"), - .p_input = - "c1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_inv_key) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid - key changed"), - .p_input = - "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "a779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_inv_sign) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid - signature changed"), - .p_input = - "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "869f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; - -/* HMAC - Custom test vector */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_min_key_min_message_0) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=1 message_len=1 zeros"), - .p_input = "00", - .p_key = "00", - .p_expected_output = - "6620b31f2924b8c01547745f41825d322336f83ebb13d723678789d554d8a3ef" -}; - -/* HMAC - Custom test vector */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_min_key_min_message_1) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = - TV_NAME("SHA256 key_len=1 message_len=1 non-zeros"), - .p_input = "34", - .p_key = "56", - .p_expected_output = - "9e5770be94a15456f3009ea289aa38368dcf22db52710990327548310eece50e" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac256_0) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=40 message_len=128"), - .p_input = - "b1689c2591eaf3c9e66070f8a77954ffb81749f1b00346f9dfe0b2ee905dcc288baf4a" - "92de3f4001dd9f44c468c3d07d6c6ee82faceafc97c2fc0fc0601719d2dcd0aa2aec92" - "d1b0ae933c65eb06a03c9c935c2bad0459810241347ab87e9f11adb30415424c6c7f5f" - "22a003b8ab8de54f6ded0e3ab9245fa79568451dfa258e", - .p_key = "9779d9120642797f1747025d5b22b7ac607cab08e1758f2f3a46c8be1e25c53b8" - "c6a8f58ffefa176", - .p_expected_output = - "769f00d3e6a6cc1fb426a14a4f76c6462e6149726e0dee0ec0cf97a16605ac8b" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_1) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=45 message_len=128"), - .p_input = - "53cb09d0a788e4466d01588df6945d8728d9363f76cd012a10308dad562b6be0933648" - "92e8397a8d86f1d81a2096cfc8a1bbb26a1a75525ffebfcf16911dadd09e802aa8686a" - "cfd1e4524620254a6bca18dfa56e71417756e5a452fa9ae5aec5dc71591c11630e9def" - "ec49a4ecf85a14f60eb854657899972ea5bf6159cb9547", - .p_key = "b763263dc4fc62b227cd3f6b4e9e358c21ca036ce396ab9259c1bedd2f5cd9029" - "7dc703c336eca3e358a4d6dc5", - .p_expected_output = - "737301dea93db6bcbadd7bf796693961317ca680b380416f12f466f06526b36b" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_2) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=64 message_len=128"), - .p_input = - "ed4f269a8851eb3154771516b27228155200778049b2dc1963f3ac32ba46ea1387cfbb" - "9c39151a2cc406cdc13c3c9860a27eb0b7fe8a7201ad11552afd041e33f70e53d97c62" - "f17194b66117028fa9071cc0e04bd92de4972cd54f719010a694e414d4977abed7ca6b" - "90ba612df6c3d467cded85032598a48546804f9cf2ecfe", - .p_key = - "992868504d2564c4fb47bcbd4ae482d8fb0e8e56d7b81864e61986a0e25682dae" - "b5b50177c095edc9e971da95c3210c376e723365ac33d1b4f391817f4c35124", - .p_expected_output = - "2f8321f416b9bb249f113b13fc12d70e1668dc332839c10daa5717896cb70ddf" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_3) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=74 message_len=128"), - .p_input = - "b9e944e0b42d0ff454f7f8aa24f00e9ee039058ce4094111e39731b6dc3ade2a4acec4" - "cf9c5be078e4f10a72d3d685c1e5e4d5abd92cd07b64dff87f266f0853ddf1cd61d9c6" - "37a9b07ab0be32ecac119faf827218b17ad4541a27519477f76ed918089f54b63d0e1e" - "5a92982979ac187764b5e989e066a61b1065340e9cd203", - .p_key = - "81574323c973540719d192833ddb51f13a52dcbae294aebea51be5f6aa47f3571" - "f5d97facdcf0c7befbe809f44bdc73963d8514e4fd559774bb96087ef8eda6e7c" - "64275d6d96c42b4e4e", - .p_expected_output = - "514bd18495f6de0e237054b8e3ba1a74c3fada4279ad6b8550f3a14712c528df" -}; - -/* RFC 4231 HMAC-SHA Test Case 1 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_rfc1) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=20 message_len=8"), - .p_input = "4869205468657265", - .p_key = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", - .p_expected_output = - "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" -}; - -/* RFC 4231 HMAC-SHA Test Case 2 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_rfc2) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=4 message_len=28"), - .p_input = "7768617420646f2079612077616e7420666f72206e6f7468696e673f", - .p_key = "4a656665", - .p_expected_output = - "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843" -}; - -/* RFC 4231 HMAC-SHA Test Case 3 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_rfc3) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=20 message_len=50"), - .p_input = - "ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" - "ddddddddddddddddddddddddddddddddddddd", - .p_key = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - .p_expected_output = - "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe" -}; - -/* RFC 4231 HMAC-SHA Test Case 4 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_rfc4) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=25 message_len=50"), - .p_input = - "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdc" - "dcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", - .p_key = "0102030405060708090a0b0c0d0e0f10111213141516171819", - .p_expected_output = - "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b" -}; - -/* RFC 4231 HMAC-SHA Test Case 6 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_rfc6) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=131 message_len=54"), - .p_input = - "54657374205573696e67204c6172676572205468616e20426c6f636b2d53697" - "a65204b6579202d2048617368204b6579204669727374", - .p_key = - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - .p_expected_output = - "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54" -}; - -/* RFC 4231 HMAC-SHA Test Case 7 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_SHA256_rfc7) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 key_len=131 message_len=152"), - .p_input = - "5468697320697320612074657374207573696e672061206c617267657220746" - "8616e20626c6f636b2d73697a65206b657920616e642061206c617267657220" - "7468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6" - "565647320746f20626520686173686564206265666f7265206265696e672075" - "7365642062792074686520484d414320616c676f726974686d2e", - .p_key = - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - .p_expected_output = - "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" -}; - -#if defined(MBEDTLS_SHA512_C) - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac512_inv_message) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA512 invalid - message changed"), - .p_input = - "3423dff48b312be864cb3490641f793d2b9fb68a7763b8e298c86f42245e4540eb01ae" - "4d2d4500370b1886f23ca2cf9701704cad5bd21ba87b811daf7a854ea24a56565ced42" - "5b35e40e1acbebe03603e35dcf4a100e57218408a1d8dbcc3b99296cfea931efe3ebd8" - "f719a6d9a15487b9ad67eafedf15559ca42445b0f9b42e", - .p_key = - "57c2eb677b5093b9e829ea4babb50bde55d0ad59fec34a618973802b2ad9b78e26b204" - "5dda784df3ff90ae0f2cc51ce39cf54867320ac6f3ba2c6f0d72360480c96614ae6658" - "1f266c35fb79fd28774afd113fa5187eff9206d7cbe90dd8bf67c844e202", - .p_expected_output = - "33c511e9bc2307c62758df61125a980ee64cefebd90931cb91c13742d4714c06de4003" - "faf3c41c06aefc638ad47b21906e6b104816b72de6269e045a1f4429d4" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac512_inv_key) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA512 invalid - key changed"), - .p_input = - "2423dff48b312be864cb3490641f793d2b9fb68a7763b8e298c86f42245e4540eb01ae" - "4d2d4500370b1886f23ca2cf9701704cad5bd21ba87b811daf7a854ea24a56565ced42" - "5b35e40e1acbebe03603e35dcf4a100e57218408a1d8dbcc3b99296cfea931efe3ebd8" - "f719a6d9a15487b9ad67eafedf15559ca42445b0f9b42e", - .p_key = - "67c2eb677b5093b9e829ea4babb50bde55d0ad59fec34a618973802b2ad9b78e26b204" - "5dda784df3ff90ae0f2cc51ce39cf54867320ac6f3ba2c6f0d72360480c96614ae6658" - "1f266c35fb79fd28774afd113fa5187eff9206d7cbe90dd8bf67c844e202", - .p_expected_output = - "33c511e9bc2307c62758df61125a980ee64cefebd90931cb91c13742d4714c06de4003" - "faf3c41c06aefc638ad47b21906e6b104816b72de6269e045a1f4429d4" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac512_inv_sign) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA512 invalid - signature changed"), - .p_input = - "2423dff48b312be864cb3490641f793d2b9fb68a7763b8e298c86f42245e4540eb01ae" - "4d2d4500370b1886f23ca2cf9701704cad5bd21ba87b811daf7a854ea24a56565ced42" - "5b35e40e1acbebe03603e35dcf4a100e57218408a1d8dbcc3b99296cfea931efe3ebd8" - "f719a6d9a15487b9ad67eafedf15559ca42445b0f9b42e", - .p_key = - "57c2eb677b5093b9e829ea4babb50bde55d0ad59fec34a618973802b2ad9b78e26b204" - "5dda784df3ff90ae0f2cc51ce39cf54867320ac6f3ba2c6f0d72360480c96614ae6658" - "1f266c35fb79fd28774afd113fa5187eff9206d7cbe90dd8bf67c844e202", - .p_expected_output = - "43c511e9bc2307c62758df61125a980ee64cefebd90931cb91c13742d4714c06de4003" - "faf3c41c06aefc638ad47b21906e6b104816b72de6269e045a1f4429d4" -}; - -/* HMAC - Custom test vector */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac512_min_key_min_message_0) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=1 message_len=1 zeros"), - .p_input = "00", - .p_key = "00", - .p_expected_output = - "869b81e40c5d97086fcaed2e14edb49ec5db2e4eb5d015b4639cc51098eaa4a4f21556" - "95f831773ad03c716f6f859482cfbf7d0074d4ec7801921fedd07d253d" -}; - -/* HMAC - Custom test vector */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac512_min_key_min_message_1) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = - TV_NAME("SHA512 key_len=1 message_len=1 non-zeros"), - .p_input = "34", - .p_key = "56", - .p_expected_output = - "10574996dffef454583940f057589200331423b354cffe9c5f13a82c49695b0a700fb2" - "607a9242ae83b85e81795e815a549dd5ff25bc9ebfb5f008b4f928c4ab" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_0) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=100 message_len=128"), - .p_input = - "2423dff48b312be864cb3490641f793d2b9fb68a7763b8e298c86f42245e4540eb01ae" - "4d2d4500370b1886f23ca2cf9701704cad5bd21ba87b811daf7a854ea24a56565ced42" - "5b35e40e1acbebe03603e35dcf4a100e57218408a1d8dbcc3b99296cfea931efe3ebd8" - "f719a6d9a15487b9ad67eafedf15559ca42445b0f9b42e", - .p_key = - "57c2eb677b5093b9e829ea4babb50bde55d0ad59fec34a618973802b2ad9b78e26b204" - "5dda784df3ff90ae0f2cc51ce39cf54867320ac6f3ba2c6f0d72360480c96614ae6658" - "1f266c35fb79fd28774afd113fa5187eff9206d7cbe90dd8bf67c844e202", - .p_expected_output = - "33c511e9bc2307c62758df61125a980ee64cefebd90931cb91c13742d4714c06de4003" - "faf3c41c06aefc638ad47b21906e6b104816b72de6269e045a1f4429d4" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_1) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=128 message_len=128"), - .p_input = - "b82eefb2081bd14dab0e9e345248a34ade73f3291886b91ea3e8cc742fd884f6ee0ccd" - "af4c9879f4db12dba58cf491af2541a1d5ef6cc8b1af750ef5d8559ef7ff9cd56d8f59" - "9974be3aecd8c0f4c08f3ae50d86f9f822a1e4ca39fd2f0b4d78d22630733a24d8d63e" - "cdf9555411daf205a761c39ef46ff6292e74129bc13a7f", - .p_key = - "e9e4480d1c4a621e0c4e1505992556347a7ab34fd2b289910474766cc969116f8" - "040d96dc5f66cdc4454fa7bcfb9f838af19195038467ab8a16e1cbc12e598e6fd" - "250e21b2145f1e2e859cf73400be12a0c69749f7100847429875351d5a76970b9" - "ccf700c2ca3ad72e9e4c0f0840e8cf488158136989b0891f867211350134a", - .p_expected_output = - "90093bdcc45da7338bd2efe92e30933b14f75582739c747f7572b3270b104f33af0c93" - "9e3c8ae53b2066fc8c97ccf38785cd2ec3d79e6946499d36121e44a3e7" -}; - -/* HMAC - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_2) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=142 message_len=128"), - .p_input = - "632afa8e79b14b2a3604f5855d2bf182d3c56d6853f21fe46271da5286065f38b31f75" - "1306b63c57b679beb14729c78f0040f7e2a0d615224dc5a693cd0cbec8f87117656d6b" - "6029853ed72b85681a63183c3a6dfccd128afb0dd7e81d36f0231c69070b189560a88c" - "9b697b81b0930701026190cf9ebe23559194d6de4d9a51", - .p_key = - "01b95a887927ce31b1242391bbd00965eb77a903d4b8399b72e6cebda9ae721be" - "efa779145160b626b110cc554671da0d8dcf993a9ab073888e02fa9b803ed43b3" - "f6a3aa1d20340df6ccceac13cb0797cf612cb8fe5fd513228cbd4de249d16bb77" - "587dde98f71bbba1a124ee046f0d239ccea7abb1accb5aab021b00dca491c623f" - "cb3191a9ecf31fc680b4a41e", - .p_expected_output = - "210ad45ca2fd1f105c0a18f993774f933ece57ace4da619689e1cb8b491a189cc6e4ee" - "1954a32201072e70f934837c0fb6e239b4fdfbd26ebf11b9a919eafd09" -}; - -/* RFC 4231 HMAC-SHA Test Case 1 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_rfc1) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=20 message_len=8"), - .p_input = "4869205468657265", - .p_key = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", - .p_expected_output = - "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833" - "b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" -}; - -/* RFC 4231 HMAC-SHA Test Case 2 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_rfc2) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=4 message_len=28"), - .p_input = "7768617420646f2079612077616e7420666f72206e6f7468696e673f", - .p_key = "4a656665", - .p_expected_output = - "164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf" - "75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737" -}; - -/* RFC 4231 HMAC-SHA Test Case 3 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_rfc3) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=20 message_len=50"), - .p_input = - "ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" - "ddddddddddddddddddddddddddddddddddddd", - .p_key = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - .p_expected_output = - "fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e84" - "8279a722c806b485a47e67c807b946a337bee8942674278859e13292fb" -}; - -/* RFC 4231 HMAC-SHA Test Case 4 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_rfc4) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=25 message_len=50"), - .p_input = - "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdc" - "dcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", - .p_key = "0102030405060708090a0b0c0d0e0f10111213141516171819", - .p_expected_output = - "b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5" - "c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd" -}; - -/* RFC 4231 HMAC-SHA Test Case 6 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_rfc6) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=131 message_len=54"), - .p_input = - "54657374205573696e67204c6172676572205468616e20426c6f636b2d53697" - "a65204b6579202d2048617368204b6579204669727374", - .p_key = - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - .p_expected_output = - "80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d0" - "37e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598" -}; - -/* RFC 4231 HMAC-SHA Test Case 7 */ -ITEM_REGISTER(test_vector_hmac_data, - test_vector_hmac_t test_vector_hmac_sha512_rfc7) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 key_len=131 message_len=152"), - .p_input = - "5468697320697320612074657374207573696e672061206c617267657220746" - "8616e20626c6f636b2d73697a65206b657920616e642061206c617267657220" - "7468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6" - "565647320746f20626520686173686564206265666f7265206265696e672075" - "7365642062792074686520484d414320616c676f726974686d2e", - .p_key = - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - .p_expected_output = - "e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022c" - "ac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" -}; - -#endif /* MBEDTLS_SHA512_C */ diff --git a/tests/crypto/test_cases/test_vectors_sha_256.c b/tests/crypto/test_cases/test_vectors_sha_256.c deleted file mode 100644 index 36c368d8adbc..000000000000 --- a/tests/crypto/test_cases/test_vectors_sha_256.c +++ /dev/null @@ -1,364 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief SHA test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing - */ - -/* SHA256 - Based on NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_invalid) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA256 invalid hash"), - .p_input = - "6a86b737eaea8ee976a0a24da63e7ed7eefad18a101c1211e2b3650c5187c2a8a65054" - "7208251f6d4237e661c7bf4c77f335390394c37fa1a9f9be836ac28509", - .p_expected_output = - "42e61e174fbb3897d6dd6cef3dd2802fe67b331953b06114a65c772859dfc1aa" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_0) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=0"), - .p_input = "", - .p_expected_output = - "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_4) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=4"), - .p_input = "c98c8e55", - .p_expected_output = - "7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_64) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=64"), - .p_input = - "5a86b737eaea8ee976a0a24da63e7ed7eefad18a101c1211e2b3650c5187c2a8a65054" - "7208251f6d4237e661c7bf4c77f335390394c37fa1a9f9be836ac28509", - .p_expected_output = - "42e61e174fbb3897d6dd6cef3dd2802fe67b331953b06114a65c772859dfc1aa" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_361) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=361"), - .p_input = - "82829690aa3733c62b90d3297886952fc1dc473d67bb7d6bb299e088c65fc95ed3ca0f" - "368d111d9fdcc9476cd4065efce7c481be598537f3f53bbbb6ff67973a69837454499e" - "31398b463288e3aafb8b0600fdba1a25af806b83e1425f384e9eac7570f0c823981ba2" - "cd3d868fba94648759623991e30f997c3bfb33d019150f0467a914f1eb79cd8727106d" - "bf7d5310d0975943a6067cc79029b09239511417d922c7c7ac3dfdd8a41c52455b3c5e" - "164b8289e141d820910f17a9668129743d936f7312e1604bc35f73ab164a3fddfe5fe1" - "9b1a4a9f237f61cb8eb792e95d099a1455fb789d8d1622f6c5e976cef951737e36f7a9" - "a4ad19ee0d068e53d9f60457d9148d5a3ce85a546b45c5c631d995f11f037e472fe4e8" - "1fa7b9f2ac4068b5308858cd6d8586165c9bd6b322afa755408da9b90a87f3735a5f50" - "eb8568daa58ee7cbc59abf8fd2a44e1eba72928816c890d1b0dbf6004208ff7381c697" - "755adac0137cca342b1693", - .p_expected_output = - "5f4e16a72d6c9857da0ba009ccacd4f26d7f6bf6c1b78a2ed35e68fcb15b8e40" -}; - -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) -const char flash_data_sha_256[4096] = { "1234567890" }; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_955) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=955"), - .p_input = - "8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b" - "1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a3" - "0e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b3" - "2fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb113" - "3c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d" - "42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d2737" - "1c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec" - "58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead6" - "6a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce" - "2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0" - "c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555af" - "bf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fb" - "a56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc" - "02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0" - "fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b" - "0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb4" - "40fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67ea" - "e0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc" - "3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0" - "b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf460" - "18a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a" - "3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f8" - "5544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f" - "33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d" - "9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e" - "9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460f" - "b4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e895" - "3647648b4f4ab0ed995e", - .p_expected_output = - "4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_1945) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=1945"), - .p_input = - "eeb1a4c660be97e365dfe42a4d3400c6e661caaca02accd2ef41be9bf15b4c9651891a" - "696bc60408b0ccaa2b4c2d2cfe079e321a699630b42218e814a9cc30492255f51c85df" - "8042fdf7f8d68ea02806fba3830ce72665603a809c2bc64c27ff2bbc3dc6f73192f912" - "08d5135ab67d448a17c5696003f53cff23e4c89202bb213267fb510ae3c295b8a64aca" - "f796b2227ba3011b1d5468b238a6c7d35317731500fe37a4031d987eb7795de3ae6a4f" - "0698ee3e0966424428afb44e3552b3d7445d28f7a72d099d1dd72a1846c757dd5aa7a1" - "841b83f513082af37fd4d7fc7016108d4542cfcc58d8e06183db8a87e3857163db39bb" - "945cb9720b6499291dc5f4e3d6285d3091511899c5a58b3e22e9efbedd4c4b5748a8a3" - "4fa5056c923c5f449caba9e0997e1146cbff863c2d4f770056b6de399f387e2e886968" - "365882c46f04b3ceb352bb1fc83eb72ed79d37162000979aebdb8d66c2e7fe97ddc416" - "7edee397a1bfa3710308ba94a645d7024db78628864a536ee8c7320d9a4b1e2015f801" - "ff2aead4c8466c073ef56c23d7a52dae10ad3c4f048da5323d7766aeca0f242591701d" - "2ce76f5eec5e2336c8dea5ea41f814aa1676dcc4af373818bb3af6cc19f87b41f4f706" - "45339c398a1041d5560687c57df1ed5e8d71a2e5488f985157a3da533c751f9489a29f" - "3e4f4125bddac766c79b289199663f2784de700da92d8ce001f8f488a09102103a6fa4" - "b4e6dc4a3c22ee038917b8e26e1fc1a7c185b69bb18c5bbc59b2c71a9635d18116d7c6" - "58b2de5dc9fe60ec231ebddb7cdb6d599af6fc4f14bb5292b4da385d207318feb97004" - "cfc417fa68c8df67133683e9814f5659bb43d6095a96834afbc8f232ee351d9c2e3afd" - "6f96995b24511fe38293847aac8692d15e88893a7493c3bbacfc9461ac6174d747dd60" - "37fc7d7d20bff8ff09fd9a49d5da8255a7bd0d57f70e929de63e50bace08a4e31ef780" - "9965291889ac52deb00903b1c2712d51cdcee117195159e3540a3c55ebb61e40bbd846" - "5be90bb53a0e96647d9841cc486d67abf3d14d060289b26a5740a778a62ba1a12ae9cd" - "2d96ada3824f9ebea3d87eebf78d8a804c95a2ef1b12aa9a0d9a30e9bfeb4f9ac2dad3" - "59e78d9d91b9ea4a814a4f0f923384e7e8d6eef137e60513d82a08e41c7defc9e01aa1" - "5e61166717522ea0272cc3b7a0c62353dc250acd1d9569e770f865bbd75fa3f1a6d7c3" - "352e862ae899f6051615b08aa9350d81dc934904f2bbd9832744fe0be7409bc73ed744" - "c7902e97008a8ecf9458c2965418c01b838f8c65dd1b5ae7d8e9f3542a6859b48bfeae" - "b8bcf9524ac8c84c698a6beb346f28ac447e805f3f956186aaf59dfeff009be100424d" - "aa4aaf619a2d2bbc5bbb5024e41f6b3c9c31c7b6c2472fc40c4daecf8e18996cdef7cf" - "8c768b40f259d9acebfa9ead3959e2f8506fd0e0c5ccc51c037fa7c9403678b3afa62b" - "d0f72db60de5b6684d5dde7daf9755f010888690d29d7a56dbaff9f6e034f3b4e3b21f" - "79fa7ae2265392722875f33b4dc8f482d5580748cdd6a37198e08125cf810b774bfc12" - "447fc5bf5e0bd1ccea8f0ff307bd37a7b1b3c203e48739000423b3ea7c539a15a61cad" - "cceb504b8a2b5fee6d5e70f6e77cb0a8b79bea76175759803777ba5cebcea412a05e1c" - "6b95c4656c48d0151d2e736e8fa6deea1c30e818f1dab0a7cafc84c0fd25029aba557d" - "48916da3d534e35c927fbaf5afb5b27d090dbc6f436db0921875421eefbf3320b065c4" - "1fd7c47000c780da2760c905dfd3dcc3fcb5cc70bf5382dff94602957347f1358e4454" - "3c27b39beebd26de91d61f66d89e266fa2d21a2ce5dcc50ce440b23ca936436daf98fe" - "d7dfff287ebd2a95b4e49fbedfb094147c3a0f9464894d9c4e0661fd96311d513d9335" - "8f30f3a2dccdcd45a4a300cdea79c7dadc92ea62ab30365599572a7c54d3f3a7827d9b" - "079db97dd90143fc44432c7485c51f714987e91f5a4038027eaea3e79d2aeb1b217f81" - "daa2fc480ac3c89b2a57769285c9d981abba1ac221eb07b5585eae04dcb82b2cceeabe" - "39941021d0cf9918738da94901c1bb4e7cf08b090f2c333750469448c240f76f9e01f4" - "f5d34c94d24bf3b27e7048a705efd5265abb4d64ed56c27c7f4c17133500b937ecaa8a" - "8dcda11eac21d62ac466a13983a2c1a139f79eb63a78d03d843be524a1af5f70cf30fd" - "765fd93c4e5b9a1c856b8a2712f97eb08b94da599992a7d8aafae6fae5a124e763924f" - "a99cb3c8e81fa6b9f787eea915aa534eec1387a25eb3093981d34ad1e84d0f2b25fc16" - "198b71fcd939e75ea154793f7b9393a95301a7974efe21135e879c9c14b856cab58fe1" - "358ff31c928df5621f0a550142e348ee6cd078b744f44db802b26b9218c37cd918852f" - "0dd29680ccbca23b459879bbf05065f87d25bac10a08ae4598486bd8c06e63f4a266e4" - "7e1fdfec4b48f33ee3150bb5855bfdd96bf878b04e50a2d72dfeffd04bc3959e77c24e" - "8f8ff09d5a47c6646927391678d3eb195f8fa36e2c02fb93753a58a8edf11fd2340f26" - "ddf470692529e6ffb6c0824cb2640f77f395e01ef2facc49e7f8769d3283d2d3fa34e4" - "68149ccb9526d9ff810c66d7b67a384ed1e306067e9ae88da43823e0dd3d432d29fa6b" - "dde3aeead2f4ef0eed464b3dd47c3041f2e009e4bf9caabd412eee49d3169e3e25d195" - "1b840b22045b11aecdfa859f5597557c1592ed51", - .p_expected_output = - "07ddd5dafcf04956cc36c1ff290f07c1c0e5832cc8dd9aea502da677ea04fe64" -}; - -/* SHA256 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_256_data, - test_vector_hash_t test_vector_SHA256_4123) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA256 message_len=4123"), - .p_input = - "0f5452e6b51540cf219998590995cd7f8785fa40b4f217fc79f07322a2ec5e0834a426" - "1a0177463779dfd958c33c55730dd3759f20167778372688c511967d584572c336d67f" - "99f807c57c71704be39152222d8928a4d8307efef3a606ecd637e9c410825bb6a1da72" - "526aec384ae1a2ff7a0948f425a2eef7829c0daa77d26dc8a4f545b9a3c6a5638e8911" - "42c2b66ebbe3f123ad213c784ab96c4125bed9c18b195ac917cf71208182c227b73bca" - "bd2f66cd617b1e10961eab498c9e4954fcda2b27549ec008147535fe78be3b8557020a" - "854b85a685121b611c343da1a9e65ce3442f7500f549e6af234a804c4f04ddd80229f4" - "4003b3eae2ce822c4d4247ba489aa2c6179e877df91ae625f5908b68d62a43ef75f240" - "333645be90d585e79c630ff4b68b6d96e21acc94d4bfb0b54a0ee6e09fcbbb829d666b" - "3094c2dc8ea83a8c6f6fe6c83dbc1a209cb530174a2c881f492cccc441d17927205d9b" - "ae0389d8fa5919af1945b302fd45f1d22d12b54bbbc7bd007644777760d516e8630fe5" - "423ffbdb6fc77770d94dd8b02d5bd48e5fa4a07aee395536690098e532637a6582459d" - "dead3a999ba7f79d19c7075a5eccc01c8c1e763ab656eeb1f2ff150cb09ef2874af1da" - "73dc75e3dc552a9b6ace9af9851b1893bca046126866dae38c6fa1300046c40fcfd94a" - "f9dd8bde7dcd86d235214e65faa39c415404694834c44990e651faac41733d2e21e7e4" - "69174b2d7c5e3a4e8c11b751509ccf22d3717ae775fcc38f33d828ae2943448855cfab" - "6b9e5b16431542c0687ad20fba020077f057599c2de13cb6d444473a9e2a0fb7ea4214" - "fd5489f48588c8de0d595d4a830d3fe724fb3dd5e5598615124f6e3e354f6f7139a96e" - "8ecf5a40a811256db765e6348da522cf0c7de2f89514c2abc3ee452e5a116b4f7a6686" - "ed196349b9b0e7223e3365ca1f47451aa0b087206808aa7286b7ccc2b11f12b3d4174a" - "ebca9bcf6965c1ad19b6ef06a6884cb5902e74307e7f70b3d51ee59b89ff8b103426e1" - "e665b220c53a1b6d8831b852e43b846f4a12216d0ecd1d34c8b2755efb4b57ebf4bc2c" - "36f553d627936136ab5d48f261bed6759725d1377462d33e765458e520c116dcec858d" - "7087efde0c3d68e000b2557182d43f0af20d319763bd628556e7141cc82bbc0f70f463" - "5142f24c2b37cbd78c500da5a0d968fda3eb1a6ff834aab775fad9e4025ed6b962deb1" - "53501e120ccee82ba0ba71eb8ea2de74c1d906d070ca7adf438dc394b7b8ea61c3783e" - "f0bce05114768044ffac3a44b5a15155c108c34e2621d9259826fc6dece5ca1dceae69" - "93b26f1bd90d1e1326c45788a8e447078095c80d0f49cdd57039016f4512ab12b7ebd5" - "b3b87badd68b892ba587a3f43f18137f52060f76ecfa305f8e3e267b83c4a9ee6f6ab2" - "212b7cec65d07a65d9121c8a8dd09452e7e813b946508e70e663c2d30478761b42b900" - "d54c330a93bc2996e13bae407ae973c3bc00ddbf5ab45aba515df6641dd7291f2c29f3" - "be93662b8d00d11592ef44321321d35c594aac12b30b4110bd1faa22e1d9443b1fce9f" - "c10acf972c131ac0cf0ad008f5e2aa9730b5e8faee078b814d4fc4e531b4ac2e931435" - "d41c4a6125f2b1b2e6d2e4e13d5fc8d3cfb9cdc8255270d654fd0596dd48b31dd20cc0" - "2d3a420eadb718e6576645f5b10799943e5ed84df5d8c89af27289ef6cd725fbe7c868" - "2caac1f27174da8a436bebb5e655f387ec0abbbafc29b6fdd10b2c8e85f5970b10924e" - "860ca060d7bbe9c3364a75ae0957fe43fab2a4714d60e21970e6c16fd4c44ba4fc3f43" - "c2d46313d7434906550396b7b9b144ca6b20a5d9e5f3a4b1186b4fbf0b7d92c5c62845" - "d16e056a70b120af1f65063b026b1fa6d9da3e492f5977b9d4cd318e8e357b690cd1a4" - "351b8a05ac1d8e221db63bf26dc83e7a5da2fca10a74313fba06d677d5aa49473270a8" - "5d94987d2c754da14002905ace6672c7904b867ecf9e9673c293951c16ead5d2ce707a" - "7b4dc82f66b16b177663ee0683ec84f2fd0bc3a4d204abb3923ae4b3d20047aaceada0" - "c352eeb247da617cc8f85fbba0f619b09abce623eef5dba8736e9d2110be7384732c9f" - "df06cdef991fed8ffa78b021eddef90f052d8b20bf7b6f4a079495c8fda7be6cf83e98" - "35cb732b244861754c03da512959589e32b0359cb1ff1e99d392c5cefb07d6845c9d2d" - "7bc7ae468bc179f48cd9255674390307bf7a149614bdcb3625f713b6d78c94b3a32032" - "0c3ba9d79671c97311555c415b9e4d4be44cad30628b0625c6d9ec3a6e6bd6df9ccd2c" - "a627caa14a708bc3f19803d0aef08acc4ab1c7d044eed4a516c69d92bade89716d0f5d" - "08b35b5d979b26b4ae44a21541a08ca3fe78160edeb024fffbcdbab7a1b4b5f3a7b4ba" - "1200c76d798d15e33735ba59e538c926d0c091ee5bba1f199ee3048353265875f325fe" - "d51c162a9936d02181562540066273408e7776b8e18760e3e0472ca475482fc7c663f0" - "8aae5b395c6dbe6ee49e0c1e456a1bd8a1fcba40dc349561a2a05945aba818c33d08ee" - "99f384e5bbbed616ea29ec1187e1507faa74e8066f59df6d9031e301394c9137176f2d" - "92b3d497c7fe737a202c80c71ec6356262fbd11bcd38e1dfe7f8be2f7ddc57d28ffe30" - "c76983ab7e0f6f8748debda60b71b0133ac264430491a89bcc0a1033daa245da5042a0" - "5a5fa7f7fdba09b74f4bfa332626923ce0bbc9f2ec4f24d98cad9430d8189b7e0785b0" - "6dea07e5dbb98bc72f12c585e93f6a557eb8a01462e8b32c663409bb443a58f2785616" - "bb526b319e4ae001e593e87bfef307a722d1d2543490f60aec1b7b4034c14acfd244ed" - "a7482c97c0f86164548cf9e14c954fcff872552402742b53a540f0cd1a74d8c8538d7e" - "3fec087c3a5fc73a4f77b7036907b05ec8db9c9b49efdcace8dfe736839f34e8e16c5b" - "0cf202775b5810ce1627e9b452e97cac94e686d19da2067487a6f207118328393815a7" - "630705ff23af910646da90cdec3db0d2e66c037763f3bab3cca23008ec282ab554e45d" - "2cfef730c6309ec4b6a3bf313ce5c1131bfca1464c4c42edf4bb05b994129a687fa616" - "8b9239458d1f1b41f12a9443dbd887bad2244f9ac4d4edf74aab65d22ee165332bd028" - "78f3f09aec7705bd9b62974b65e6a39d52bc90cb2566641534b838817696eac6deff11" - "69e74b362671b04191cb0b31fd11dd109db89426e9670d6e43085646db20b86ad05bf5" - "23986ccebca113c836387f303dabd75d5aaa143569f311f34e2fe527e41670fd36da34" - "c3f2c366a61a1645bcfd3cab486620e23913d9b8f36889d65265854decd6b67297c93f" - "ec2c455f0b8a39995cddb3137a20523d26e0feb29a43d6631b4a6af2ce532b5ccce220" - "db78a0da0b11a4a94b83f2106683417773da0220f9019d5c57effeff632f5011523508" - "c6d8f226b08fa6b7349df69f3b923e95298f286f13ad7ea02d9c3cff818beacae74828" - "ea31a98b78a62aa781b2d76d06db6db847f7bc22429c4f1c76d94f3eec23a5db78925f" - "d93d4e55bf6f440c105d1ddad8ae704b84ea36c4f63d7f66d978643532593d7a380c14" - "6666f159f7cea0d620b02be6244ba3e243f3dddd9864759142561498c252efe0a4c390" - "596250d9f0856946c10d207288133bdd59ad87ec92126f310dfecced9a58ffd3ac133e" - "0f52522b8769cfab61117df5c55d6ce9e44feda43903f8510e2aca4143bad23f4be4ce" - "1d774732937763c94a1e509e3365af1d1db3e276875b7842b266eb69fb948e43689dc1" - "fd81bc673f616e9a0b0c789de90327114116db6c087ac7a89e1bf238f7338140fa1c39" - "05266340a37b1d23fe987e1dfa21a797ef63c0eb573b476dca33a7ac2def0df526c877" - "19d2b60e70bb73b51e04dde295e79dac5c6206260e2c3feca5eea5fbf8b06bc6839183" - "8667bcc2d1b1973f6edf3efc68a12fc861dc476329f4ede48f4b8d58770548ac2d0fe9" - "cdf95f1b0df47ddac9194228489fdf01e78722907371f5a3d7b3285df7ac702adb56af" - "f8101b75a54beac7b350892043122db6411c48fedc2fa272392dab926835102997108c" - "d185cc01b93aa6c7a6f62e433867a5bc6f1eaa6b6d4416d17e89244e555ed5ee996492" - "86a02413007a0081f33169d7774f538e37a1e679c73b77ee38bcb626ead329e6a202d9" - "5fdca24b546328b17a1ea662242d95881f35d118dbf7e508cc2889bc107c69c1520528" - "bdeebba5a6565c7d33b476d190d1c1495635b358ba904fc205583e5c44b42013409924" - "30b032d6dbae8639dd685516aa1842939e36380787eb060d64ca4cd86cbb9bc65237d8" - "37c8bbe19f427673dafc454cc03ee28cfadf59611408bbe3d23a153dc892a30e254c42" - "0fd08724f5b647c79962c02856ced234b278d07f41b98538c752795d9d48702b56f334" - "d9a151948571a0ad6f5c2b68654164447e2e33560b818e8ecb4d4a3b5eff30d1fc4154" - "ea671ea28c1e67baaad456feed2072e8b476b2a25956e5d0b6c351b0e7f79b665255e7" - "91e59f3f229f69396e52ced482a761a4b662662f85e743969bfd317830d33713954159" - "ac0c4f0d31ddfbee1ea637b49df33264f10ed8c414199c129f5975f5ebd526b47620c3" - "a6887371ea16fe6d57e68050b6f416912f15504b02da8a4078b77a1f186405021d8457" - "3b2885325033c78644c60043186ddf6b9269ef6b3da6bfabb1ed4064145b6eb2e11232" - "eae82e872d97fbdd3d7765ba90f9afa7a373684a91669bd0e402478eabec0ee7cd3e31" - "709cd0bc52adb6fef0e8093ccadbeba7a153c58add2ed3c82b6be3866a835925c8fc77" - "73283bdb22c89a497920baab490d1b56232ee98fc88e194ee184b542f0d8741487278e" - "f0b889ce42cc70e9bd37d40ea2cc8dbe3f2e00deb687fd0bff7ce82d3060174ffca77c" - "ae7a9e840f285a3e5630eec055eae2c7e2a1e09d2c9aaf404f5266c02508d9e95f7b58" - "22d5f599951b88f2905598cb2b4c9a542cc11a7327010301eab91b35180ccd6013e32b" - "db1f84333ec56751d37644264b717188afe76bca995cb33da350dbf6201fe0d20a26ba" - "b83c27321ee1eef4cf2d35e5eb4bc6b62f96dfba760bdaf480fe0d75f30df0e59f537d" - "5f06dedd821c6240c44b2e0d0aba603b76cf55fe80f364a74995ccc52b71ea919512b0" - "891695525ab7b142038ef45f38904f6a04a7d5b9b305c02fefb7b56b297d49403bd9c3" - "654b66236ef26b64fb9db0ff303490b065fa507c1eb5aff33d0ebeb3763af22d04da78" - "ac9a20c8939d347de590d6640bd044d3d2815e3cb4c80801583ad08a5c95d19651aed6" - "ce07abc3a00b72314a6f625935c94033857e74dfee417543c9d682f6671c935ca54a8f" - "13c079bf8e6b6383001f6a437cb3dca95a2c750ddcd625311294142ffa74e4afec8636" - "5d35ef6f9b0339bc7281ed53cf4264fcece3dad00cecc4416bf8635b75169a4a366efd" - "1b12282ac7b6895c6d4e5f3ddff8a0fc60794ea0ac309d9c394858a3bd3181bdf05038" - "9b93f5dd27b18e7960251b5a655ce2fecf5c643344058f7b4a9735b55875bdfa332919" - "c678a7f85874d63c5b3c4caec5fa59f0008648b44836e12c54f633c1389b90088a74d8" - "f2c322fb43e9aab9456bc9acbd4d88891e840fa3fda4beb0c5b87ad0ac7145cbe58412" - "9a174dd72a0fb8e35cb261725035fa7fe390eed9762f4379f2ebc513083a61ebbea2cf" - "ea277474f171b6866d2661712cabcd796f0d69a140fcafcc05185723566ccbb60c38dc" - "669af4b302a1910ab0be029c8fa7fbd99a76f9dfd04482a692faae7a", - .p_expected_output = - "f98918c63e3a9238e78dbd5bebe4e47eaeec0ae1627387dcd2a5ae4725f7e47c" -}; - -ITEM_REGISTER(test_vector_hash_256_long_data, - test_vector_hash_t test_vector_SHA256_long) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .mode = NO_MODE, - .chunk_length = 4096, - .update_iterations = 256, - .p_test_vector_name = TV_NAME("SHA256 message_len=1048576"), - .p_input = flash_data_sha_256, - .p_expected_output = - "7b09661bdd3dc086e9303102e0c1da76eef506e403419f722947e377a6edec00" -}; - -ITEM_REGISTER(test_vector_hash_256_long_data, - test_vector_hash_t test_vector_SHA256_long_flash) = { - .digest_type = MBEDTLS_MD_SHA256, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .mode = DO_MEMCPY, - .chunk_length = 4096, - .update_iterations = 256, - .p_test_vector_name = TV_NAME("SHA256 flash memcpy message_len=1048576"), - .p_input = flash_data_sha_256, - .p_expected_output = - "7b09661bdd3dc086e9303102e0c1da76eef506e403419f722947e377a6edec00" -}; - -#endif /* CRYPTO_TEST_LARGE_VECTORS */ diff --git a/tests/crypto/test_cases/test_vectors_sha_512.c b/tests/crypto/test_cases/test_vectors_sha_512.c deleted file mode 100644 index fc4216fe07ad..000000000000 --- a/tests/crypto/test_cases/test_vectors_sha_512.c +++ /dev/null @@ -1,279 +0,0 @@ -/* - * Copyright (c) 2019 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include -#include - -#include "common_test.h" -#include - -/**@brief SHA test vectors can be found on NIST web pages. - * - * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing - */ - -/* SHA512 - Based on NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_invalid) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_FAIL, - .p_test_vector_name = TV_NAME("SHA512 invalid hash"), - .p_input = - "d1ca70ae1279ba0b918157558b4920d6b7fba8a06be515170f202fafd36fb7f79d69fa" - "d745dba6150568db1e2b728504113eeac34f527fc82f2200b462ecbf5d", - .p_expected_output = - "046e46623912b3932b8d662ab42583423843206301b58bf20ab6d76fd47f1cbbcf421d" - "f536ecd7e56db5354e7e0f98822d2129c197f6f0f222b8ec5231f3967d" -}; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_0) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=0"), - .p_input = "", - .p_expected_output = - "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d1" - "3c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" -}; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_4) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=4"), - .p_input = "a801e94b", - .p_expected_output = - "dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf7" - "38bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" -}; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_64) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=64"), - .p_input = - "c1ca70ae1279ba0b918157558b4920d6b7fba8a06be515170f202fafd36fb7f79d69fa" - "d745dba6150568db1e2b728504113eeac34f527fc82f2200b462ecbf5d", - .p_expected_output = - "046e46623912b3932b8d662ab42583423843206301b58bf20ab6d76fd47f1cbbcf421d" - "f536ecd7e56db5354e7e0f98822d2129c197f6f0f222b8ec5231f3967d" -}; - -#if defined(CONFIG_CRYPTO_TEST_LARGE_VECTORS) -const char flash_data_sha_512[4096] = { "1234567890" }; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_955) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=955"), - .p_input = - "990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8" - "d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b6" - "8f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a854" - "7c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b7" - "0fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b830" - "1ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6" - "c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8" - "fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35d" - "bbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59" - "144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe3" - "02b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e024" - "22ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee" - "58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02" - "643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca" - "1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef8" - "6c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce48" - "3ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6f" - "ecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da" - "3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817" - "910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0" - "246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a5" - "4c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbf" - "c0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5" - "986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a72" - "41cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d9" - "9ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01" - "897d6de97ed3058d91dd", - .p_expected_output = - "8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6c" - "cd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" -}; - -/* SHA512 - NIST CAVS 11.0 */ -ITEM_REGISTER(test_vector_hash_512_data, - test_vector_hash_t test_vector_sha512_4088) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .p_test_vector_name = TV_NAME("SHA512 message_len=4088"), - .p_input = - "c8e2e36403ad4ff9f60010cb877a57139ac1463a8522059cc377128dec4ed899e44784" - "1053be14c356aab00875c53e04d4ee3129adcba1fdfdb2a11d7ecacd82d66d22040ed1" - "131c45e8d8eea6840a8797bf6d63339a0d32fbe48cdbc85ebac2051c66471a2e748f2b" - "80308603ffe2244bfda3f000d76ec324d57acfb351c7dfd81cf7e0611d60a1713b5fd7" - "747eef6458707ad9fbcaef39df4c140025ed1e63b9347fdacae6ffdc7de10ee9e24858" - "ce27e09b250bbab51b961302760778e4d60f2ea33a3cd078c7b83ae4c533a646eb1e15" - "addc1af1ebf1b0f0eb39423b44be41d00d0aa124f4ea8a0d8a7251e0e141a6d659070f" - "b5b74495ac7752bc7e64a5b9e36552e02b9ace5c24a7f8223e505a28ed47acd14f419a" - "ac0f4fc85f896c12de2e5218e12a93fa9445e4609007bcbe0a201ed64a07b27e5fe01b" - "a312a3858e187b7d668c6c06f69c39e9b182854cf3b638868a6124327515e982ebbc15" - "d7a0cf908e43c9381c4bdac85df3dffe298392fd29d2fef0e80937f02da9472889d06b" - "362cb880d5fc80b8b9e92f91bb7af60836acb509b1fdc12bbec4e59a21c3a65435ffcb" - "998cd01d9cd6346c7f0468d27eadba3c6bb099255a1beea59d4bafabf355b086fca5bd" - "abf0e5e7b291211ba15e28f96d0a35e2be2cce53f338ed7266ae5ee7f19168edb11baf" - "a909af59baea0f701152cf8703130aa19cd6534e375fee174b13411c88b785fc237ac1" - "f56e36f94dabf3a2f022ad5a5a7157d6b7241f1c4985f4f20bb5459694fc0caf3d5e0c" - "84866f566cb6681285c2797ca970612d9ebc3d9c8d7b9de4b63eddc86179b3f418e504" - "851322fcccf4a15d4fb5c11711de381a14fbb5681b4dc46eb4c0f194761d301388817c" - "06630ebfc5d8e0f26e544285c46322013d73c3ec56dbb2ed2a1bfb3043659c0cb05d3a" - "e3571e134a8d7d346ae491eca64473807f3e4220b49c6a1aad3d264e192044e2d7be29" - "37129d141bb122a740eea7a3ec44cdf3f38f13ece36fa8d37eed7e9f6d61a0013293c5" - "a25f2025ac051f8b8b7005acf511c6b727bc3d2d7214cef3f7434aa6afee122eae6780" - "96a825821ab47288825064a1afa50ee0740df705a7d3cc59773a51daffc09d981ca387" - "5f7ca55c96f80cd36724ee422124ab11dac1bb6f58bcaa45326160683260a613fed9e6" - "94f7b63245623d88bec6e55549946937970d1c07b1617c17301409b8b1a65800847363" - "caa4d823fdec976112877dc9d0a942405a7cb0776c5e07c0e249a1217a92d2a7dad712" - "fdd5335e3deab3db060d0ebdcfab90677be858d32d2bc3355ddc28db2c6cc658f496fa" - "e124e5b6f74b772e477200d4ceaf118740f79b07ab34afad57978759f230caabe9bc0c" - "7619be9471a7d163302c3c725316c73afe4bcd79890f93347827d8f8ad3ead66dc8987" - "ef40a793db8ccb4990251c44118e5c51c523c8c67a0b4015a968a8a0fbd08ecf0d010d" - "6070d0f1fff5631b1727a028e718e54dd861fa850e6444ef3dd43b71be781ea2e22be5" - "e7862877dce7841df5b8fc366572f12d3eecb1a9da2bf8037b7bb7fd2ebe13b1f505b1" - "c7245d31eb0cecf87ed73c338cb3d618ff33136f12f12f5208799f311d62a419bdbe21" - "35f4b5aa95266cdd2e002cf522aec09c424e1e01d1a54a2b8b11788de6bf71da981e37" - "1a5994ecfeea6ff070561e4a6f78a1491abd3e6a0a2c767de5a33704306353dc65ce31" - "1f4670c348703db7983319f2b9a19e3aa2e51932bad7d58c40cd9d7aeab37c65cc5ec7" - "e27c1d5de274912e28b7bffa01b8645b2f77880626ed564e7baa2bea99bdedf7b6d49e" - "4105a431be2d8b9c5bfb742efb53fc23bd6dd3767e3e64f6a033b89c0925971c6e8af1" - "bad1e87d5f4890a0ec018890ce83c9b9d336aa603b269d861304190fbe6ed723d56f41" - "d5314a28024573b57cb1dfa268157da9e523053deff9f07982adc7560229a120da39e8" - "2b64e25bc209f65960a9e55c233cd6c47dbaf6d62d3910046d555f6e6dd5a0aa018c6a" - "c0967cc2796b42ebdafeae7bebc4b1b4bd1c7c10aa86e61edf100e8d18124286ab1b20" - "40c82bfbceff23813b02799ad8ad3093d543087b0ffbf2cd29bbc650de23383c95cd09" - "9e36d37afd3d92063e0dae50c586575bddd9caf95a9b1a867d1930d517ec106bf1cd5f" - "eb6caa22d265f9c9645b4c6ce7d425540efc0cbdb890e0dadbfa6b1ababe38aa5f14a9" - "3b45d64405559d4e0c13289ba21afda42dc652da2a302d3a725fcb22bcbc3f6364c75b" - "976b09d3b5be49a0e2bb03a38af1168bb027bdf882a0c0e0319eec33ff25c0ba9a0169" - "45a80bf105a3a7b337e791120209da6aa36b2d47c70d57d538a60698bcf4d15d3b5079" - "711f856f1000e29620818e4920751ca05b475fef61988090b7294de3cefcd49232b631" - "1a0448a487aacee77ec5b7be816327cf6f7799b44a86c94f3da2d15dde9c924eb07655" - "55ec17b2bb8142b27859c93004defe856bbd6b64a0e9c30213e4187a853a4d711b4ecf" - "f5b25880ab73aff42aa744e0a2cc6fcfc1e8ef17d71d2c0c387ebe73e221333a5f750d" - "66edd60b4cdd5faa043900ea1ba9d0558897a43ee192e047cff08d26c0b8aca8dbbfca" - "f53910d51752912eb6b5e4ff25fd8ccfa3005154da49e588acc9c7ff2fc96877f6238d" - "b193b2f47f59073a1f675dfcc7e2cf3d8181c907394fbd5514ac17310495721a9a260c" - "a81b5d7773d5219230b383b81d104337a0c996042a9626ad629a5b8e8038d948f6294a" - "6f56cb5d8370bc0e22baa8297bf65f09060e2ba6734360cfe08634b34e26d1a656aca9" - "2218040a0c75ddf2397e5124312bc97b33511b7f79cef636bc06803dfb943d16793933" - "c405184c957d26fb4095dc222fd52f341ee1c197e5fd594c92d091d1bb68ce46137f75" - "d03afd5c3bdabe7fe3ef94f5d466902230ea7d2dd1fbaeb43040fabf851e04f33089c0" - "09581a327ed262798b447f0d578aec456c589e1c67214c34f4380e1bfa3629ce139b29" - "7b3fb8318bd9cc90e0ca6d945bfc29a3a2126e872056a70a4df2a8c32f644c2f212c5c" - "04d3c7b3c192e1a08ac9c78c33c81bdd9bc5cb1a3b20434ffeece2b353aaab8881573e" - "433caa06ed7597b3c97617eb372d2b3cd8c81e56f3830b7717bea02602532124c226b0" - "a01afecbaa279316ea43e85b922adacf915cf9970ac2988a049320396379aa2c17f0cc" - "6f93efb24e80cb715cb35899ba5d51099582fa08f1ad0391a5e1b0eda7d237888a556a" - "fd451695733689aa2c67239b5b0fc908365c891a4d6f88af1aa93bb7d925dadd9a8512" - "6b94f2fb67bc5e4902960cc6344b5300a0fd9f3ebd57b8b93768470993b196de137c97" - "f0d97028394e639561c56f5e7a5c483bed23cc5eb481dcf8cad36bfee055d42d524671" - "4c594769b18205c9065f17d74d7c2aa322945bde4005e4ef4782fb44bd08f7e65213b5" - "5168113a82d2179951dcd317018cc28e1628a20f66f82bcb734dfa34f8c3ce5fc2c2f6" - "adc14b0aaa5ff1da351025a4e22bb78a9cf89a428f0ae81045cf25f10e65c819a6aff7" - "a012a99379cbf874a31ec6f6a3d3ccb4310db09332719203e68ae281636c74604298d6" - "ca9820e102280c8eebd6fb0bce5f0e0e5848016ae2149be0f6ba49370e56068e9e1f7d" - "f25599722ca00c5edc713459cc3e3a3d7e4ce309072d0883208846227b18f62a53f75f" - "19471d2b42682318b8914df06df7c8bb9b00303363595678b5433f056f2d70e3c98868" - "1cf0d76f73f1058e52d9fcdf041a73072431070056868e1c3594a8468c49968bc8b050" - "daadcdd10849c9b617264f07b8c435550e465f05b56ce0eb03c1631b8e16cafbee2e14" - "9dc4bb844cfb89ff654dfab76909b2064f14939c1f2eecddbc77ed8501325f8e10c892" - "53e71096f535cdadfe6b790144154193116b5074802350372a8a2ea602d31eb47eafe0" - "b3f81e41c75384e49be1ff425284f8f0c114f821db01bd6b6c3a8ece0b4dcbf249cfc8" - "b02ffedbd4e8a5b421ba40ed963b61e2f0c152c3701afce8de7d0764cec143dc22cd47" - "9ad05058dde6b28c73cb4a2e8ac7d165c4c516118958f4f6a1fd811c02a08975e6613b" - "c1219721afb215564598adf381e7f3ca411a435760ab06f322e1304bd2ea0d11a9293e" - "f1f2d1ffc76cb3ab0ff054819c5343a88e8ea9717e1c22ddfba4cb5f3ad89de2099df9" - "0e056c83c70df834f7f611ab8e80c8c4c789d46cac8134b4dc1e16248c51f851cc780d" - "b10bd5e2afde3f41fbfd1756248e7e1068a7c5cacb0e252b6643b14a02c08816e57f4f" - "f6ecbddfacdafe3a7ff051c499bed5b0ae387cb8de0c0f11dd33729e51c62a647b141c" - "3e1af197d18c5195c337153e282724ae3df8bef859f70d6b2084fd14fabb4e83c453e8" - "d2c5c56ee4e3b115eb167eb72d1e42230771e1b83278783245fafcc37bd91e66b7fc72" - "70c58cd167e363fc1880c181e44341e35b4f0cf50cc64d879a8be544134d5fdb7ec126" - "5db32ef5e6702f9080a8b5b2441e4b46c3339ed9a4fc3c508e989cd648c15f191ea0d5" - "b687e6c3f1061863aa4e2aad8da950d5889a111582c19dac4a006027cddcd7df8d26a3" - "c34edadc571247a7fd48700b7441b3009ee3a8c986a14c84a1ab5f0054610aceb70ec5" - "9b99d378bdc4e1e00b81eb35f25fdc0ac531c5745556196ec23d1c7c9027998ffd2fd3" - "299288bfc1f90770690ee1d3ae38b59cc0facd80d3c5a1a5c4119c5700ac23fca251d4" - "4adb7c0bb7977dab315dcb1b10779c8e4954b288e42a789eb0df4d7d352a202deaf63d" - "97a80766455fdf266a08e36222daba31fac1f6eeb30cf68b43650a271d07d9e3b22b00" - "f238c3fcf0aa6b4a75109dcce900246f9a65d30b0b7f768b902b094d176528cc490bc7" - "7cd2e323f5fce0f85483a1f5dea53b6de778384ff380e0581a81b787b19246d226731e" - "172c201b5518a6e61c8b36bd42527877d88a21c25c08c8b030f8f6724bc37c632f3709" - "481be2fbd581be7674ba14b343f99a9b5b7ede95580ce89c169c1b94b8535ddeefb278" - "2a790dbf8ce73ef4d3a49a69163324668fb801cbacba2cf664276be7c89882a2dad7a6" - "d5a19f34bb7da2a340b9d0b8665fd7f8e750e6631c93b75f1deeccf32ab3f9354add22" - "06315b46fc67acbca0a7acbdda86ae23a955ca70174779126dd75fe6a36467fa1a1e15" - "978e26187f46f11f738deeeef86668b15b7cad90f3587083a6d66c68aeda4a539d3fc5" - "259f100c6000fb6739ee021eef7f74975cf61cbeca42b8a907c7ad7dbc61f88bfaa668" - "bf166c0a3bb78ce53f2de5e84c04a32189d9c130656dccfa7ef8eaa2c2c01cb5d3e9c0" - "a4b08f5a78931293c115b182cf985b2b25e6c1452b16b04123b09e875e118303b010ea" - "e021e14793e53a8b1c8fb5f68881762cbba70d8c6c659dbd71cd3e893d16a1efa749f3" - "73ed3e03b9f8c7a652e12b5bd6b5d62b33754ed344616925a676beacc736598f3fa7b3" - "b7649ee134183d0bdde6bb20374e63c8995ce09a8d80b790789915b77e53cb2ba0b397" - "4327f0a509468555edfb843fba362d75c83dbf07744f8ecdcd8756609004cf6a574781" - "200ddcda0ca53d7e100bf3dea85bfe0c6f5277cee50274f16fc92cdf9f835c74b6ffe9" - "0e67b0c6e3dea5189801bb980ff6123980e5bd0ccbffbe600cbf312d706fc7b348ef76" - "5e5cb26fed820951d36fa49cddcc5568168d1857e87e51c8831e544d83b12a60cc9193" - "51b9c5478377d481d8abdbbe6a5bdec27c0b5cddb026266c7aa071a2", - .p_expected_output = - "e8e09fc57bd3b8e18b2726418836852cf1544eb2cf28c18f5b98436382d0b621953d2f" - "aa60d155dd28c2cb76c00ee93d3de56289b399c22a4fd82f00dd35ef27" -}; - -ITEM_REGISTER(test_vector_hash_512_long_data, - test_vector_hash_t test_vector_sha512_long) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .mode = NO_MODE, - .chunk_length = 4096, - .update_iterations = 256, - .p_test_vector_name = TV_NAME("SHA512 message_len=1048576"), - .p_input = flash_data_sha_512, - .p_expected_output = - "4f544f809b8a0a7052eca55df04ba4b19c3ecd2dca6c721ab7e88d94574d663cbde4ca" - "3dc114f92c827226184899c5c48c706b20d66cb056f97e0a21cf2979f5" -}; - -ITEM_REGISTER(test_vector_hash_512_long_data, - test_vector_hash_t test_vector_sha512_long_flash) = { - .digest_type = MBEDTLS_MD_SHA512, - .expected_err_code = 0, - .expected_result = EXPECTED_TO_PASS, - .mode = DO_MEMCPY, - .chunk_length = 4096, - .update_iterations = 256, - .p_test_vector_name = TV_NAME("SHA512 flash memcpy message_len=1048576"), - .p_input = flash_data_sha_512, - .p_expected_output = - "4f544f809b8a0a7052eca55df04ba4b19c3ecd2dca6c721ab7e88d94574d663cbde4ca" - "3dc114f92c827226184899c5c48c706b20d66cb056f97e0a21cf2979f5" -}; - -#endif // CRYPTO_TEST_LARGE_VECTORS diff --git a/tests/crypto/testcase.yaml b/tests/crypto/testcase.yaml deleted file mode 100644 index 1be8eabb7799..000000000000 --- a/tests/crypto/testcase.yaml +++ /dev/null @@ -1,55 +0,0 @@ -tests: - crypto.cc3xx: - sysbuild: true - extra_args: OVERLAY_CONFIG=overlay-cc3xx.conf - platform_allow: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - - nrf9160dk/nrf9160 - - nrf9161dk/nrf9161 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - - nrf9160dk/nrf9160 - - nrf9161dk/nrf9161 - tags: - - crypto - - ci_build - - legacy - - cc3xx_legacy - - sysbuild - - ci_tests_crypto - harness_config: - type: multi_line - regex: - - ".*PROJECT EXECUTION SUCCESSFUL.*" - timeout: 200 - crypto.oberon: - sysbuild: true - extra_args: OVERLAY_CONFIG=overlay-oberon.conf - platform_allow: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - - nrf9160dk/nrf9160 - - nrf9161dk/nrf9161 - integration_platforms: - - nrf52840dk/nrf52840 - - nrf5340dk/nrf5340/cpuapp - - nrf9151dk/nrf9151 - - nrf9160dk/nrf9160 - - nrf9161dk/nrf9161 - tags: - - crypto - - ci_build - - legacy - - oberon_legacy - - sysbuild - - ci_tests_crypto - harness_config: - type: multi_line - regex: - - ".*PROJECT EXECUTION SUCCESSFUL.*" - timeout: 200 diff --git a/tests/drivers/dect/dect_mdm/integration/prj.conf b/tests/drivers/dect/dect_mdm/integration/prj.conf index 4b2db0576b98..b92f58f48521 100644 --- a/tests/drivers/dect/dect_mdm/integration/prj.conf +++ b/tests/drivers/dect/dect_mdm/integration/prj.conf @@ -149,4 +149,3 @@ CONFIG_MODEM_INFO=n # Disable components that require hardware for testing CONFIG_MBEDTLS=n -CONFIG_NORDIC_SECURITY_BACKEND=n diff --git a/tests/lib/app_jwt/prj.conf b/tests/lib/app_jwt/prj.conf index a6eec9eb78fa..94d934365f93 100644 --- a/tests/lib/app_jwt/prj.conf +++ b/tests/lib/app_jwt/prj.conf @@ -16,8 +16,7 @@ CONFIG_BASE64=y CONFIG_ENTROPY_GENERATOR=y CONFIG_TEST_RANDOM_GENERATOR=y -CONFIG_MBEDTLS_PSA_CRYPTO_C=y - +CONFIG_PSA_CRYPTO=y CONFIG_PSA_WANT_ALG_ECDSA=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_ECC_SECP_R1_256=y diff --git a/tests/lib/hw_unique_key/prj.conf b/tests/lib/hw_unique_key/prj.conf index 24a5dc3d327e..a9aa870c2da2 100644 --- a/tests/lib/hw_unique_key/prj.conf +++ b/tests/lib/hw_unique_key/prj.conf @@ -6,6 +6,5 @@ CONFIG_ZTEST=y CONFIG_HW_UNIQUE_KEY=y -CONFIG_NORDIC_SECURITY_BACKEND=y -CONFIG_CC3XX_BACKEND=y +CONFIG_PSA_CRYPTO=y CONFIG_MPU_ALLOW_FLASH_WRITE=y diff --git a/tests/psa_crypto/src/psa_tests_common.h b/tests/psa_crypto/src/psa_tests_common.h index 6720a42752bc..b55e2c453b12 100644 --- a/tests/psa_crypto/src/psa_tests_common.h +++ b/tests/psa_crypto/src/psa_tests_common.h @@ -7,7 +7,6 @@ #include #include #include -#include "common.h" #include #include #include diff --git a/tests/psa_crypto/tests/test_ikg_identity_key_sign_verify.c b/tests/psa_crypto/tests/test_ikg_identity_key_sign_verify.c index b88b85a2d884..264720549ff3 100644 --- a/tests/psa_crypto/tests/test_ikg_identity_key_sign_verify.c +++ b/tests/psa_crypto/tests/test_ikg_identity_key_sign_verify.c @@ -42,7 +42,6 @@ static uint8_t m_plain_text[NRF_CRYPTO_TEST_IKG_TEXT_SIZE] = { static uint8_t m_pub_key[NRF_CRYPTO_EXAMPLE_ECDSA_PUBLIC_KEY_SIZE]; static uint8_t m_signature[NRF_CRYPTO_TEST_IKG_SIGNATURE_SIZE]; -static psa_key_handle_t key_handle; static psa_key_id_t key_id; /* ====================================================================== */ @@ -53,9 +52,9 @@ int get_identity_key(void) psa_status_t status; size_t data_length; - key_handle = mbedtls_svc_key_id_make(0, identity_key_id); + key_id = mbedtls_svc_key_id_make(0, identity_key_id); - status = psa_export_public_key(key_handle, + status = psa_export_public_key(key_id, m_pub_key, sizeof(m_pub_key), &data_length); diff --git a/tests/psa_crypto/tests/test_kmu_use.c b/tests/psa_crypto/tests/test_kmu_use.c index f9ca3f806699..62ffaefec810 100644 --- a/tests/psa_crypto/tests/test_kmu_use.c +++ b/tests/psa_crypto/tests/test_kmu_use.c @@ -39,7 +39,7 @@ static uint8_t m_signature[NRF_CRYPTO_EXAMPLE_EDDSA_SIGNATURE_SIZE] = { 0x6f, 0x16, 0x7b, 0xa8, 0x58, 0x7f, 0xc2, 0x86, 0xbb, 0x5e, 0x8d, 0x46, 0xef, 0xf0, 0x58, 0x41, 0xe5, 0xac, 0x42, 0x2c, 0xd1, 0xed, 0x29, 0x74, 0x0e }; -static psa_key_handle_t key_handle; +static psa_key_id_t key_id; /* ====================================================================== */ @@ -49,12 +49,12 @@ int get_eddsa_pub_key(void) psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; - key_handle = PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT( + key_id = PSA_KEY_ID_FROM_CRACEN_KMU_SLOT( CRACEN_KMU_KEY_USAGE_SCHEME_RAW, KMU_SLOT_NUM); psa_key_attributes_t attr = PSA_KEY_ATTRIBUTES_INIT; - status = psa_get_key_attributes(key_handle, &attr); + status = psa_get_key_attributes(key_id, &attr); if (status != PSA_SUCCESS) { return status; } @@ -75,7 +75,7 @@ int verify_message_kmu(void) } /* Verify the signature of the message */ - status = psa_verify_message(key_handle, + status = psa_verify_message(key_id, PSA_ALG_PURE_EDDSA, m_plain_text, sizeof(m_plain_text), diff --git a/tests/psa_crypto/tests/test_kmu_write.c b/tests/psa_crypto/tests/test_kmu_write.c index 6c3a5564b405..222920d62811 100644 --- a/tests/psa_crypto/tests/test_kmu_write.c +++ b/tests/psa_crypto/tests/test_kmu_write.c @@ -24,7 +24,7 @@ LOG_MODULE_DECLARE(app, LOG_LEVEL_DBG); * Global variables/defines for the kmu write test */ -static psa_key_handle_t key_handle; +static psa_key_id_t key_id; #define KMU_SLOT_NUM 125 /* *This is a sample public key for testing purposes only. @@ -53,9 +53,9 @@ int write_key_to_kmu(void) PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_CRACEN_KMU)); psa_set_key_id(&key_attributes, - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, KMU_SLOT_NUM)); + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, KMU_SLOT_NUM)); - status = psa_import_key(&key_attributes, m_pub_key, sizeof(m_pub_key), &key_handle); + status = psa_import_key(&key_attributes, m_pub_key, sizeof(m_pub_key), &key_id); if (status != PSA_SUCCESS) { return APP_ERROR; } diff --git a/tests/subsys/bluetooth/mesh/light_ctrl/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/light_ctrl/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/light_ctrl/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/light_ctrl/prj.conf b/tests/subsys/bluetooth/mesh/light_ctrl/prj.conf index 55195d4e9726..c6526f1ec83c 100644 --- a/tests/subsys/bluetooth/mesh/light_ctrl/prj.conf +++ b/tests/subsys/bluetooth/mesh/light_ctrl/prj.conf @@ -10,3 +10,5 @@ CONFIG_ZTEST_MOCKING=y CONFIG_ZTEST_PARAMETER_COUNT=30 CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/light_hue/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/light_hue/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/light_hue/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/light_hue/prj.conf b/tests/subsys/bluetooth/mesh/light_hue/prj.conf index 5f379c9aa638..11fca35faefc 100644 --- a/tests/subsys/bluetooth/mesh/light_hue/prj.conf +++ b/tests/subsys/bluetooth/mesh/light_hue/prj.conf @@ -10,3 +10,5 @@ CONFIG_ZTEST_MOCKING=y CONFIG_ZTEST_PARAMETER_COUNT=30 CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/prj.conf b/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/prj.conf index 927ea79bbc02..c00de817193f 100644 --- a/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/prj.conf +++ b/tests/subsys/bluetooth/mesh/scheduler_model/action_planning/prj.conf @@ -9,3 +9,5 @@ CONFIG_ZTEST=y CONFIG_TEST_RANDOM_GENERATOR=y CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/prj.conf b/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/prj.conf index ca7918e97c62..a56e991ae7dd 100644 --- a/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/prj.conf +++ b/tests/subsys/bluetooth/mesh/scheduler_model/message_validity/prj.conf @@ -10,3 +10,5 @@ CONFIG_TEST_RANDOM_GENERATOR=y CONFIG_ZTEST_MOCKING=y CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/scheduler_model/timing/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/scheduler_model/timing/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/scheduler_model/timing/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/scheduler_model/timing/prj.conf b/tests/subsys/bluetooth/mesh/scheduler_model/timing/prj.conf index 7990ce3e79e4..f8ebcbe1038b 100644 --- a/tests/subsys/bluetooth/mesh/scheduler_model/timing/prj.conf +++ b/tests/subsys/bluetooth/mesh/scheduler_model/timing/prj.conf @@ -9,3 +9,5 @@ CONFIG_ZTEST=y CONFIG_TEST_RANDOM_GENERATOR=y CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/sensor_subsys/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/sensor_subsys/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/sensor_subsys/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/sensor_subsys/prj.conf b/tests/subsys/bluetooth/mesh/sensor_subsys/prj.conf index 8415edeff196..04d1055cd69b 100644 --- a/tests/subsys/bluetooth/mesh/sensor_subsys/prj.conf +++ b/tests/subsys/bluetooth/mesh/sensor_subsys/prj.conf @@ -8,3 +8,5 @@ CONFIG_ZTEST=y CONFIG_CBPRINTF_FP_SUPPORT=y CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/silvair_enocean_model/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/silvair_enocean_model/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/silvair_enocean_model/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/silvair_enocean_model/prj.conf b/tests/subsys/bluetooth/mesh/silvair_enocean_model/prj.conf index 8d691a9f3860..814d904bef14 100644 --- a/tests/subsys/bluetooth/mesh/silvair_enocean_model/prj.conf +++ b/tests/subsys/bluetooth/mesh/silvair_enocean_model/prj.conf @@ -9,3 +9,5 @@ CONFIG_ZTEST=y CONFIG_ZTEST_MOCKING=y CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bluetooth/mesh/time_model/boards/native_sim.conf b/tests/subsys/bluetooth/mesh/time_model/boards/native_sim.conf deleted file mode 100644 index 49f485d31cff..000000000000 --- a/tests/subsys/bluetooth/mesh/time_model/boards/native_sim.conf +++ /dev/null @@ -1,3 +0,0 @@ -# nrf_security only supports Cortex-M via PSA crypto libraries. -# Enable Mbed TLS for native simulator. -CONFIG_MBEDTLS=y diff --git a/tests/subsys/bluetooth/mesh/time_model/prj.conf b/tests/subsys/bluetooth/mesh/time_model/prj.conf index 927ea79bbc02..c00de817193f 100644 --- a/tests/subsys/bluetooth/mesh/time_model/prj.conf +++ b/tests/subsys/bluetooth/mesh/time_model/prj.conf @@ -9,3 +9,5 @@ CONFIG_ZTEST=y CONFIG_TEST_RANDOM_GENERATOR=y CONFIG_NET_BUF=y + +CONFIG_PSA_CRYPTO=y diff --git a/tests/subsys/bootloader/boot_lock_kmu_keys/src/main.c b/tests/subsys/bootloader/boot_lock_kmu_keys/src/main.c index 56da0c2fc3f3..7b79c6e05272 100644 --- a/tests/subsys/bootloader/boot_lock_kmu_keys/src/main.c +++ b/tests/subsys/bootloader/boot_lock_kmu_keys/src/main.c @@ -13,7 +13,7 @@ #define PSA_KEY_STARTING_ID_UROT 242 #define MAKE_PSA_KMU_KEY_ID(id) \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, id) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, id) static psa_key_id_t key_ids[] = { MAKE_PSA_KMU_KEY_ID(PSA_KEY_STARTING_ID_BL), diff --git a/tests/subsys/kmu/verify_west_ncs_provision/src/main.c b/tests/subsys/kmu/verify_west_ncs_provision/src/main.c index 464ddd6f9098..b407402c992b 100644 --- a/tests/subsys/kmu/verify_west_ncs_provision/src/main.c +++ b/tests/subsys/kmu/verify_west_ncs_provision/src/main.c @@ -25,8 +25,8 @@ #define UROT_PUBKEY_1 228 #define UROT_PUBKEY_0 226 -#define MK_PSA_KEY_HANDLE(key) \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, key) +#define MK_PSA_KEY_ID(key) \ + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, key) uint8_t signature_default[] = { 0x2e, 0x89, 0x14, 0x67, 0x34, 0x61, 0x7c, 0x9f, @@ -89,7 +89,7 @@ int main(void) return 0; } - status = test_verify_key(MK_PSA_KEY_HANDLE(UROT_PUBKEY_0), signature_default, + status = test_verify_key(MK_PSA_KEY_ID(UROT_PUBKEY_0), signature_default, sizeof(signature_default), test_message, sizeof(test_message)); if (status == PSA_SUCCESS) { printk("Default key verified\n"); @@ -97,7 +97,7 @@ int main(void) printk("Default key failed\n"); } - status = test_verify_key(MK_PSA_KEY_HANDLE(UROT_PUBKEY_1), signature_1, + status = test_verify_key(MK_PSA_KEY_ID(UROT_PUBKEY_1), signature_1, sizeof(signature_1), test_message, sizeof(test_message)); if (status == PSA_SUCCESS) { printk("Key 1 verified\n"); @@ -105,7 +105,7 @@ int main(void) printk("Key 1 failed\n"); } - status = test_verify_key(MK_PSA_KEY_HANDLE(UROT_PUBKEY_2), signature_2, + status = test_verify_key(MK_PSA_KEY_ID(UROT_PUBKEY_2), signature_2, sizeof(signature_2), test_message, sizeof(test_message)); if (status == PSA_SUCCESS) { printk("Key 2 verified\n"); diff --git a/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt b/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt index e8470a9c867c..b1995fcf7dbe 100644 --- a/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt +++ b/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt @@ -80,7 +80,7 @@ set(includes "include/" # Must be included first to redefine functions as non-static-inline "${ZEPHYR_NRF_MODULE_DIR}/include/" "${ZEPHYR_NRF_MODULE_DIR}/subsys/net/lib/nrf_provisioning/include/" - "${NRFXLIB_DIR}/nrf_modem/include/" + "${ZEPHYR_NRFXLIB_MODULE_DIR}/nrf_modem/include/" "${ZEPHYR_BASE}/include/" "src/" ) diff --git a/tests/subsys/nrf_security/psa_core_lite/src/main.c b/tests/subsys/nrf_security/psa_core_lite/src/main.c index 5e15f8107ea0..46d37732a9b7 100644 --- a/tests/subsys/nrf_security/psa_core_lite/src/main.c +++ b/tests/subsys/nrf_security/psa_core_lite/src/main.c @@ -19,39 +19,39 @@ /* Ed25519 public key to check usage and ability to revoke */ #define KMU_KEY_ID_PUBKEY_ED25519_REVOKABLE \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 4) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 4) /* Ed25519 public key to check usage and ability to lock */ #define KMU_KEY_ID_PUBKEY_ED25519_READ_ONLY \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 6) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 6) /* Ed25519 public key to check usage and ability to revoke */ #define KMU_KEY_ID_PUBKEY_ED25519PH_REVOKABLE \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 8) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 8) /* Ed25519 public key to check usage and ability to lock */ #define KMU_KEY_ID_PUBKEY_ED25519PH_READ_ONLY \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 10) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 10) /* ECDSA secp256r1 public key to check usage and ability to revoke */ #define KMU_KEY_ID_PUBKEY_SECP256R1_REVOKABLE \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 12) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 12) /* ECDSA secp256r1 public key to check usage and ability to lock */ #define KMU_KEY_ID_PUBKEY_SECP256R1_READ_ONLY \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 16) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 16) /* ECDSA secp384r1 public key to check usage and ability to revoke */ #define KMU_KEY_ID_PUBKEY_SECP384R1_REVOKABLE \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 20) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 20) /* ECDSA secp384r1 public key to check usage and ability to lock */ #define KMU_KEY_ID_PUBKEY_SECP384R1_READ_ONLY \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 26) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, 26) /* AES-256 key used to unwrap another AES-256 key */ #define KMU_KEY_ID_AES_256_KW_ENC_KEY_READ_ONLY \ - PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_PROTECTED, 32) + PSA_KEY_ID_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_PROTECTED, 32) /* X25519 Curve25519 secret key to calculate shared secret with ECDH */ #define KMU_KEY_ID_KEY_PAIR_X25519_READ_ONLY \ diff --git a/tests/tfm/tfm_psa_test/CMakeLists.txt b/tests/tfm/tfm_psa_test/CMakeLists.txt index 0dcb6dad13a7..4143b099375f 100644 --- a/tests/tfm/tfm_psa_test/CMakeLists.txt +++ b/tests/tfm/tfm_psa_test/CMakeLists.txt @@ -87,6 +87,26 @@ set_property(TARGET zephyr_property_target -DTEST_PSA_API=${TEST_PSA_API} ) +set(INSTALL_INTERFACE_INC_DIR ${CMAKE_BINARY_DIR}/tfm/api_ns/interface/include) + +file( + COPY + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_compat.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_driver_common.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_extra.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_platform.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_sizes.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_struct.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_types.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto_values.h + ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}/include/psa/crypto.h + ${NRF_SECURITY_DIR}/include/psa/crypto_driver_contexts_key_derivation.h + ${NRF_SECURITY_DIR}/include/psa/crypto_driver_contexts_primitives.h + ${NRF_SECURITY_DIR}/include/psa/crypto_driver_contexts_composites.h + DESTINATION + ${INSTALL_INTERFACE_INC_DIR}/psa +) + include(ExternalProject) if(CONFIG_DEBUG_OPTIMIZATIONS) diff --git a/west.yml b/west.yml index 312e9a8fcdb8..10de573d9490 100644 --- a/west.yml +++ b/west.yml @@ -65,7 +65,7 @@ manifest: # https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/zephyr/guides/modules.html - name: zephyr repo-path: sdk-zephyr - revision: ecbc745ca398363d241e71af35ce643c73cc6bd3 + revision: 544950b66a38cde53c651a4259a76d392d390006 import: # In addition to the zephyr repository itself, NCS also # imports the contents of zephyr/west.yml at the above @@ -92,6 +92,7 @@ manifest: - hal_st # required for ST sensors (unrelated to STM32 MCUs) - hal_tdk # required for Invensense sensors such as ICM42670 - hal_wurthelektronik + - hostap - liblc3 - libmetal - libsbc @@ -100,6 +101,7 @@ manifest: - lvgl - lz4 - mipi-sys-t + - mldsa-native - nanopb - net-tools - nrf_hw_models @@ -108,6 +110,7 @@ manifest: - picolibc - segger - tf-m-tests + - tf-psa-crypto - uoscore-uedhoc - zcbor - zscilib @@ -127,7 +130,7 @@ manifest: compare-by-default: true - name: mcuboot repo-path: sdk-mcuboot - revision: 54ea1144f26c8086208f023721a2a8b46915dcb2 + revision: 2c2583658b9a8010bc3d8c5d54593f833c84a909 path: bootloader/mcuboot - name: qcbor url: https://github.com/laurencelundblade/QCBOR @@ -136,19 +139,19 @@ manifest: - name: mbedtls path: modules/crypto/mbedtls repo-path: sdk-mbedtls - revision: 5bb86aeae32420e4f537e5cc390f7219a1bcf500 + revision: 92d44566209a0d94a571cc7f71a4a7b9262f7602 - name: oberon-psa-crypto path: modules/crypto/oberon-psa-crypto repo-path: sdk-oberon-psa-crypto - revision: fdca9eba5d6fd3fdfdf87196cb4d0d37a5529632 + revision: 3a9005029dae919e3f6d9d4182465a8e2572cf9f - name: nrfxlib repo-path: sdk-nrfxlib path: nrfxlib - revision: 3acc454e3ddb409d6ddf3b894eb41bec479e2a16 + revision: 697869f61b8288b4198dbc0e25004f0e9c60635f - name: trusted-firmware-m repo-path: sdk-trusted-firmware-m path: modules/tee/tf-m/trusted-firmware-m - revision: e45f5f8c5b4f12843be48e136e6bcf143fa1cc5e + revision: e476105018a2bf2dd8f87bca30a8e766846b4048 - name: psa-arch-tests repo-path: sdk-psa-arch-tests path: modules/tee/tf-m/psa-arch-tests @@ -156,7 +159,7 @@ manifest: - name: matter repo-path: sdk-connectedhomeip path: modules/lib/matter - revision: 4ad89bf237fff34d7f2195bd027f906d750f2637 + revision: 106cf3d26c6b3354fc2006aa71684a9905d1af64 west-commands: scripts/west/west-commands.yml submodules: - name: nlio @@ -196,7 +199,7 @@ manifest: compare-by-default: false - name: find-my repo-path: sdk-find-my - revision: 8ffe25f09bcef3d5d007b94dc580e8b45e99b7ce + revision: 160e6cfde82c37614d62911fd025837347df9645 groups: - find-my - name: azure-sdk-for-c @@ -224,7 +227,7 @@ manifest: - name: openthread repo-path: sdk-openthread path: modules/lib/openthread - revision: ncs-thread-reference-20250402 + revision: 0fe68ff23527e8bb9a9821ca96a255fccfbb44a7 userdata: ncs: upstream-url: https://github.com/openthread/openthread @@ -276,10 +279,6 @@ manifest: revision: d5fad6bd094899101a4e5fd53af7298160ced6ab groups: - benchmark - - name: hostap - repo-path: sdk-hostap - path: modules/lib/hostap - revision: 8fd18deb93f639919650fd7a35546a958c3f25c6 # West-related configuration for the nrf repository. self: